STRENGTHENING HEALTH
INFORMATION INFRASTRUCTURE
Health Care Quality Indicators Expert Group 13 November 2015 Paris
2
» In 2010, health ministers called for improvement in
national information infrastructure to provide
evidence to improve health care quality
» Ministerial Communiqué called for more effective
use of data that has been already collected
» OECD Health Committee supported projects in
2011/12 and 2013/14
• Work is guided by the Health Care Quality
Indicators Expert Group (HCQI)
Agenda to improve health information
infrastructure
3
» Most useful data for
scientific knowledge
generation and
intelligence for health
care management
and policy would
describe patients
pathways of care and
the outcomes and
costs of those
pathways
High priority data – care pathways and
outcomes
Source: www.mdgadvertising.com/blog/mapping-healthcare-
search-to-the-patient-journey/
4
How to build care pathway data?
» Evidence about the pathways and outcomes of care
» Two key prerequisites
» Collection and storage of data at the level of
individual patients/persons
» E.g. registries, administrative data, surveys
» Capacity to follow patients through the cycle of
care to relate care to outcomes
» Often requires data linkage because few databases
have all of the information needed
» Could be based on electronic health records
5
HCQI report in 2013
» Most countries have national data
covering the key elements of the
health care pathway
» Often data is in silos (separate and
disconnected)
» Too few countries are linking across
databases for research or to improve
the quality of care
» Most work has a long history, i.e.
cancer registries
» Innovation in 6 of 19 of countries
» 13 of 25 countries plan to extract data
from clinical records for a range of
monitoring and research needs
6
» Cross-country variation in data development and
use is linked to different approaches to addressing
risks to data subjects’ privacy
» HCQI and Working Group on Security and Privacy in
the Digital Economy members met together on May
11, 2012
» To begin to achieve a common understanding of
privacy protection challenges in the use of
personal health data
» To identify potential joint international actions
Joint dialogue with experts in health and
data privacy
8
2013-14 study to improve data
governance
» Project of the Health Care Quality Indicators Expert
Group with advice from the Working Group on Security
and Privacy in the Digital Economy
» Aiming to:
» Understand the current situation and monitor
changes since 2011
» Uncover and document practices and
» Make recommendations of promising governance
practices to enable privacy-respectful data use
9
Provide advice and guidance at all stages including:
» Work plan
» Instruments and techniques for the collection of evidence
» Plans and modalities to consult with stakeholders
» Conclusions and recommendations
» Review of material for publication
Experts in health policy, statistics, research, privacy
regulation, law, and information technology from
government, industry and civil society communities
Convened quarterly by Web-conferencing
Advisory Panel of Experts
10
Advisory Panel Members
Members Area of expertise
Countries Level of engagement
6 Privacy law Australia, Italy, USA, UK***
High
5 Health Statistics Canada, Finland*, Italy*, Korea* Switzerland*
High
2 Health Research Finland, USA High
3 Health IT Canada, Netherlands, USA
High
5 Health Policy EC, Israel**, Japan*
High
7 Low
*HCQI Expert Group members
**Health Committee member
***Security and Privacy in the Digital Economy member
11
Study framework
Proposed data use Proposed data use
Benefits: Risks:
Individuals' rights to health Individuals' rights to privacy
Societal values: Societal trust in:
Health Government
Safe care Health care providers
Effective care Societal values:
Scientific discovery Privacy
Efficient public services Sharing data
Patient benefits: Patient risks:
Care accessibility Lost privacy
Care affordability Discrimination
Care quality Identity theft
Coordination of care Health system risks:
Health system benefits: Lost privacy
Savings in data collection costs Decreased trust
Efficiency gains Lost market share
Market share
Innovation/discovery
Decision to
process personal
health data
12
Study framework
Proposed data use Proposed data use
Benefits: Risks:
Individuals' rights to health Individuals' rights to privacy
Societal values: Societal trust in:
Health Government
Safe care Health care providers
Effective care Societal values:
Scientific discovery Privacy
Efficient public services Sharing data
Patient benefits: Patient risks:
Care accessibility Lost privacy
Care affordability Discrimination
Care quality Identity theft
Coordination of care Health system risks:
Health system benefits: Lost privacy
Savings in data collection costs Decreased trust
Efficiency gains Lost market share
Market share
Innovation/discovery
Decision to
process personal
health data
Data Governance
Framework
Maximises
Benefits and
Minimises Risks
13
» HCQI country representatives coordinated with other
organisations in custody of key datasets
» Explored personal health data development and use
including:
» Datasets
» Dataset linkages
» Access to data
» Data governance
» National and multi-country analytical projects
Country questionnaire
14
• Canada
• Czech Republic
• Denmark
• Finland
• Iceland
• Ireland
• Israel
• Italy
• Japan
• Korea
• Netherlands
Country questionnaire
• New Zealand
• Norway
• Singapore
• Spain
• Sweden
• Switzerland
• Turkey
• United Kingdom
(England, Scotland and
Wales)
• United States
15
» Question sets tailored to each type of expert
» Experts in data privacy, project approval, data
processing, access, routine use and analysis
» Interviews to understand current practices to:
» Govern data
» Initiate and approve projects
» Protect data security
» Process data
» Provide access to data
» Interviews completed with 50 experts
» legal experts in 11 countries and operational experts in 15
countries
Interviews with experts
16
» APHII reviewed draft findings from the country survey and
expert interviews in spring 2014
» APHII participated in a modified Delphi survey to identify
elements of a
» Data governance framework that maximises societal
benefits and minimises risks
» Taxonomy to guide evaluation of risks and benefits
» APHII met on 21 May 2014 to discuss and revise aspects
of the recommendations where views diverged and outline
the structure of the report
» Further exchange, revision and drafting over the summer
and early fall, including a teleconference to finalise the
draft on 11 September
Analysis
18
Follow the health care pathway and measure outcomes in
order to:
» Evaluate the quality and cost-effectiveness of
treatments
» Monitor adverse events (drugs, devices, care)
» Evaluate and revise clinical care guidelines
» World-class research: pathways + genetic data +
monitoring devices and more
High Value Health Data Supporting
Management, Policy and Innovation
19
» Hospital in-patients
» Mental hospital in-patients
» Primary care patients
» Emergency care patients
» Prescription medicines (by patient)
» Long-term care patients
» Patients in cancer, diabetes and CVD registries
» Patient reported outcomes and patient experiences
surveys
» Census/population registries
» Deaths
Key national data for pathways
investigated:
20
Key health data availability, maturity and
use
0.00
1.00
2.00
3.00
4.00
5.00
6.00
Score is the sum of the percentage of national datasets meeting 7 dataset content and usefactors (Highest score =7)
21
» Canada – prescription medicines & primary health care
» Switzerland – cancer registry
» Japan – mental hospital in-patients and patient experiences
In development:
» Canada – patient experiences
» Czech Republic – patient experiences
» United States – in-patient hospitalisations
Progress in national dataset availability
since 2011
22
Little change in national data linkage
activities since 2011
7+ key national datasets Canada, Finland, Israel, Korea, Singapore, Sweden, United
Kingdom (England, Scotland and Wales)
5-6 national datasets Denmark, New Zealand, Netherlands, United States
3-4 national datasets Czech Republic, Iceland, Norway, Spain
1-2 national datasets Ireland, Italy, Switzerland
0 national datasets Japan, Turkey
Key datasets linked regularly for statistics or research in 2013
# of countries reporting a linkage study is usually underway in:
Hospital in-
patients Deaths Cancers Rx
Mental hospital
in-patients
Primary care
Long-term care
Population
health survey
Census or
population
registry
2011 10 11 8 6 7 4 5 6 9
2013 8 9 11 9 8 2 5 5 6
23
Twelve countries are linking data across
the pathway of care
A B C D E
Regularly linking hospital in-patient, mental-hospital in-
patient, cancer registry data and
mortality data
Linking datasets in A +
emergency care data
Linking datasets in A +
prescription medicines data
Linking datasets in A + long-term
care data
Linking datasets in A + primary
care data
Canada Canada Canada Canada Korea
Czech Republic Israel Denmark Finland Singapore
Denmark Korea Finland Israel UK (Wales) Finland New Zealand Korea Korea Israel Singapore New Zealand Singapore Korea Sweden Sweden UK (Wales)
New Zealand UK (Eng., Scot. & Wales)
UK (Scot. & Wales)
Singapore Sweden
UK (Eng., Scot. & Wales)
24
» Develop health care quality and system performance
indicators
» Measure health care coordination, pathways and outcomes
» Estimate compliance with clinical care guidelines
» Develop indicators of health care utilisation and costs
» Measure disease prevalence
» Estimate health and health care use for different
socioeconomic groups
» Conduct medical and health services research projects – 27
policy relevant national projects and 11 multi-country
projects
» Assure the quality, validity and completeness of national
datasets
Key reasons for regular dataset
linkages
25
The APHII recommends that:
The health information system should support health care quality and
system performance monitoring and improvement, and research
innovations for better health care and outcomes.
The health information system should:
Be accessible for statistics and research, subject to safeguards specified in law
Be developed within a data governance framework that protects health information privacy and reflects
societal values regarding rights to privacy and to health
Include datasets of patient-level data for complete or representative national patient populations for all key
health and social care services and for patient characteristics, behaviours and health outcomes
Include data from clinical, administrative, laboratory, device and survey sources that can be linked and
analysed for approved statistics and research projects
Require the collection of consistent, unique patient identifiers for all datasets where unique identification
and/or data linkage is in the public interest
Follow international standards for the coding of terminology and data interoperability
Be routinely audited for information content quality and usability for research and statistics
Enable datasets to be routinely linked for approved on-going monitoring of population health, health care
quality and system performance in the public interest
Enable datasets to be routinely linked for approved research projects in the public interest
26
Sharing and accessibility of health data
for approved statistical and research
uses
0.0
1.0
2.0
3.0
4.0
5.0
6.0
7.0
Score is the sum of the percentage of national datasets meeting 6 accessibility factors(Highest score =6)
27
» All of the 20 countries have one or more legislations
protecting health information privacy
» All legal frameworks recognise personal health data as
sensitive data
» Secondary analysis of personal health data is permitted
with the consent of data subjects or if legally authorised
» Differences among countries relate to:
» Sharing identifiable and de-identified data
» Exemptions to consent requirements
» The form of consent (broad or narrow, opt-in/opt-out)
Legislative frameworks governing
personal health data
28
Sharing rules matter more when key
datasets are in the custody of different
organisations
1-2 custodians Czech Republic, Iceland, Italy, Japan, Switzerland, Turkey, UK England, UK Scotland
3-4 custodians Canada, Denmark, Finland, Israel, New Zealand, Singapore, Spain, Sweden, United States
5-6 custodians Korea, UK Wales
7+ custodians Ireland, Netherlands, Norway
29
Sharing identifiable data among
national data custodians for research or
statistics (dataset linkages)
1-2 custodians Czech Republic, Iceland, Italy, Japan, Switzerland, Turkey, UK England, UK Scotland
3-4 custodians Canada, Denmark, Finland, Israel, New Zealand, Singapore, Spain, Sweden, United States
5-6 custodians Korea, UK Wales
7+ custodians Ireland, Netherlands, Norway
Sharing identifiable health data among national custodians:
Permitted
Not permitted (unless consent or legal authorisation)
Not permitted but linkages still occur through consistent
encryption of identifiers or trusted 3rd party
30
Other challenges sharing identifiable
data
Among public authorities in general:
Data collection authority uncertainty (Czech Republic)
Trouble negotiating transfers (Singapore, Turkey)
Slow negotiations (Canada, USA)
Among health and statistical authorities:
Netherlands, Switzerland and USA have linkages take
place within the NSO
Iceland negotiated method for bi-directional sharing
UK NSO legally authorised to share
Among health care providers and public authorities:
Trouble negotiating sharing with private providers
(Canada, Netherlands, Iceland, UK)
31
Sharing de-identified micro data
Academic and
non-profit
researchers
Commercial
sector
researchers
Foreign
Researchers
Permitted
16 10 15
Permitted only for
unlinked data
1 1 1
Not permitted but
access still occurs
through secure portals
3 1
Not permitted (unless
consent is obtained)
2 10 6
32
» Future research and statistical uses of data are not
known in a detailed way at the time data is collected
(hospitalisation, primary care visit, insurance claim etc.)
» Some data are specifically collected to support future,
and not yet specified research – bio banks
» Costs of administering project specific consent
questions retrospectively are prohibitive
» Validity of the research results is compromised – known
bias toward younger/healthier and less mobile
» Public acceptability of numerous requests is doubtful –
robust programs have 1000’s of projects annually
Big data and project-specific consent
33
» Project-specific consent for purpose-specific studies
(invitation to a survey or a clinical trial)
» Exemptions to patient consent requirements when
complete patient data is essential
» Broader consent questions
» Can be framed as an option to opt-out of datasets that will
be used for research and statistics
» Can be asked by health care providers at the first visit or
» Can be asked within patient portals (where patients access
their own data) as these become more widely available
» Decisions on exemptions or use of data under a broad consent are
taken by a credible arms-length approval body
Promising practices
34
The APHII recommends that:
The processing and the secondary use of data for public health,
research and statistical purposes should be permitted, subject to
safeguards specified in the legislative framework for data protection
The legislative framework should:
Reflect the basic principles for privacy protection outlined in the OECD Privacy Framework
Cover all data sources and all data custodians and processors
Require a fair and transparent approval process including an independent approval body
Permit use of personal health data for research and statistics, subject to the approval process.
Allow the use of data, whether collected by consent, exceptions to consent or specific authorisation,
for further approved statistical and research projects
When giving patients the right to opt-out of the inclusion of their data in datasets used for future
approved research and statistics, there should be practical means to exercise that right
Allow personal health datasets to be linked for approved uses (record linkage)
Permit the sharing of linkable data among public authorities for approved data linkages
Allow sharing and access for research or statistical projects by applicants from all sectors of society
Allow sharing and access to data by foreign applicants, where the legislative framework in the foreign
country adequately meets the standard for data protection of the home country
Require public reporting of all applications for approval to process personal health data and the
approval decisions
35
» 12 of 20 countries have an open health data initiative -
usually to improve access to aggregated health data
» Rarely is there a website or public information about:
» All national personal health datasets or
» Approved studies involving the processing of personal health
datasets (linked data)
» Countries providing researcher access to data tend to also
have a website explaining requirements of applicants
» Communication about data uses, benefits, safeguards and
data subjects’ rights is challenging
» Good examples and lessons learned in the UK (care.data)
» Public consultations, public involvement in steering committees,
public information
Open and transparent health
information systems
36
Public engagement should:
Include regular, clear and transparent communication with the public about the
collection and processing of personal health datasets including the benefits of the
processing, the risks of the processing and the risk mitigations.
Include public information, such as a website, that describes personal health datasets at
a national level, including the content of the datasets and the dataset custodians.
Include public information, such as a website, that describes applications for approval of
the processing of national personal health datasets, including dataset linkages, as well
as approval decisions.
The APHII recommends that:
The public should be consulted upon and informed about the collection
and processing of personal health data
37
» In 12 countries 70%+ of key national datasets are
within one organisation
» Enables efficiency/data uses/security+access
» Accreditation or certification assures processors
meet and maintain the countries’ highest
standards for data protection
» Accreditation has been implemented in
Scotland, Australia and is under consideration
in England
Concentrating and strengthening
national data processing
38
» Highest volume of approved access requests in:
» Denmark with 2000 applications from external researchers per year
(40% linkages)
» New Zealand with 2500 applications (5% linkages)
» 100’s of requests in Canada, Finland, USA – about 6-10% are
linkages - UK England is preparing for high volume
» Cost recovery models used – marginal cost (staff time)
» Costs much higher where probabilistic matching is needed (lack of
consistent ID number)
» Strategies to lower costs
» Secure storage of linkage keys to not re-do established links (Statistics
Canada)
» Automation of linkages (UK HSCIC)
Volumes and recovering costs
39
The APHII recommends that:
A certification/accreditation process for the processing of health data for
research and statistics could be implemented.
The certification/accreditation process should:
Limit processing of identifiable data and data linkages to certified/accredited data
custodians and processors.
Require certified/accredited data custodians and processors to comply with norms for
data governance that include these eight recommended data governance mechanisms.
Establish rules, policies, data standards and administrative structures among
certified/accredited data custodians and processors that encourage and support
appropriate cooperation for data sharing and analysis that minimise barriers.
Require certified/accredited data custodians and processors to act as a secure national
archive for personal health data with future research and statistical value.
Adequately resource and require data custodians and processors to ensure that any fees
to process data requests do not limit fair access to data for approved applicants from all
sectors of society.
Require accountability for adherence to certification/accreditation norms and for the
timeliness and quality of data processing services.
40
Approval processes
» Five different approaches to decision making
» Independent REB advises data custodians (5 countries)
» Independent REB and data custodians advise DPR (2)
» DPR advises data custodians (3)
» IRB advises data custodians (3)
» Custodians decide alone (4)
» Public information about approval process to request access to de-
identified record-level data and to request a data linkage
» For all key national health datasets in (9 countries)
» For most key national health datasets in (3)
» No information about data linkages (5)
» No public information at all (5)
41
Taxonomy to evaluate risks and benefits
Societal benefits Data use purpose (ad hoc, on-going) Consistency with acceptable uses of the data Potential benefits of results: • Health outcomes • Treatments/patient experiences • Care quality/efficiency/affordability • Sector management/governance • Profits/market share • Industry/economic growth • Progress of science/research/ innovation • Data quality/respondent burden/data costs • Transparency /accountability of government Potential beneficiaries of the project results • Multiple societies/global population • Society/whole population • Patient groups • Government/policy makers • Research community • Health care industry Potential impact of results on beneficiaries Data/methods appropriate to realise benefits
Societal Risks Identifiability of the data required/necessary Consent or fulfilment of exemption rules Positive advice of approval bodies and custodians Risk analysis Applicant track record of privacy respectful use Legal sanctions that could be applied including adequacy of foreign laws Necessity to transfer data/alternatives (Research Data Centre, Secure Remote Access) Security of transfer/recipient’s organisation Vulnerability and impact of outside attack Time limit for data access Follow up to ensure obligations are respected
42
The APHII recommends that:
The project approval process should be fair and transparent
The project approval process should:
Follow a criteria for project approval that considers both societal risks AND societal benefits of
proposed data uses, such as the taxonomy included in this report
Consider the elements of the proposed statistical or research use of data on their own merits and avoid
discrimination against applicants due to their age, experience, employment or other factors
Ensure the process to apply for approval to process and/or access personal health data and the criteria
for project approval are publicly available (such as a website)
Ensure a summary of each application for project approval and each approval decision are publicly
available (such as a website). Summaries should include the purpose of the processing, the datasets
included and the organisations and researchers involved
A multidisciplinary project approval body should:
Include relevant stakeholders, such as legal experts, statistical experts, patients and researchers that
are also third parties, with no stake in an approval decision
Consult with the custodians of all datasets involved and take their advice into account
Be publicly identified, including the project approval body's role, membership, criteria the body follows
for project approval, timeliness of approval decisions, and process to appeal a decision
Be accountable for the timeliness and quality of their services
43
» Data linkages are needed and a
processor must exist that holds the keys
to the identifiability of data
» Data de-identification rarely reduces the
re-identification risk to zero
» Some methods carry more risk than others
» No consistency in practices
Why can’t we de-identify the data and
through away the key?
» Treatment to lower re-identification risks can damage
data utility - research results are biased/useless
» Data de-identification decisions must consider “the big
picture”:
» Desired use of the data and data security environment
surrounding the data use
44
The APHII recommends that
Best practices in data de-identification should be applied to
protect patient data privacy
Data de-identification practices should:
Document data de-identification methods
Involve a data privacy expert in the development or review of de-identification methods
Define direct and indirect identifiers
Delete direct identifiers or, where necessary create a pseudonym from direct identifiers
Replace the pseudonym with a meaningless study number when releasing any data to a third party
Store the mapping between the identifiers, the pseudonym and any study numbers for future approved
uses, such as informing data subjects and the replication, validation and extension of a study
Develop general rules for the treatment of indirect identifiers through data masking techniques
Consider the impact of the treatment of indirect identifiers on the study results, and consider other
measures to mitigate privacy risks if the treatment will unduly damage the study findings
Develop guidelines on cell counts and indirect disclosure risks for tabulations and results of scientific
research that are to be placed in the public domain
Audit the data de-identification process to ensure all steps have been followed
45
Data security environments surrounding
data use
» Common approaches of national data processors:
» Physical security, separation of duties, staff obligations
and training, secure channels for data sharing
» Contractual obligations + follow-up and penalties
» Alternatives to transferring data from processors to recipients
» Secure research data centres and remote data access systems
» Data use limited to within a secure physical or virtual facility
» Facilities offer analytical software, tools and good processing speeds
» No ability to print or otherwise remove data or results from the facility
until the release is approved by a qualified reviewer
» RDCs in Canada, Japan, Singapore, Netherlands and USA and RDA’s in
Canada (Ontario), UK (Scotland and Wales), Netherlands, USA, Korea
(pilot) and Denmark (in development)
46
The APHII recommends that
Best practices in data security and management should be applied to
reduce re-identification and breach risks
Data security and management practices should: Control and monitor physical and IT data security within data custodians and processors
Control and monitor to ensure that access to and use of personal health data within data custodians or
processors is performed by staff subject to confidentiality rules/regulations
Limit data transfers to and from data custodians or processors to secure channels
Require legally binding contracts with recipients of personal or de-identified person-level data from
custodians or processors that specify the data confidentially and security requirements to be respected
Ensure data custodian staff, data processor staff and third-party data recipients have mandatory and
periodic training on data privacy and security protection
Before transferring data, review the physical security and security policies and practices of data recipients
and any parties mediating data transfers
Conduct Independent and random data security audits of recipients and parties mediating transfers
Follow-up to verify data destruction and other end of contract requirements have been met
Offer alternatives to transferring data, such as a research data centre, secure data portal, or analysing
the data within a certified/accredited organisation
Implement penalties for data misuse by any party
47
Views about the next five years Country
Likelihood that linked data are used to regularly monitor care quality
Likelihood that data from EHRs are used to regularly monitor care quality
Canada Likely Very likely Czech Republic Likely Very unlikely
Denmark Very likely Unsure Finland Unsure Very likely Iceland Likely Likely Ireland Likely Likely
Israel Likely Likely Italy Very likely Likely
Japan Likely Likely Korea Unsure Unsure* Netherlands Likely Likely*
New Zealand Likely Unsure
Norway Very likely Likely
Singapore Likely Likely
Spain Unsure Very likely*
Sweden Likely Unsure
Switzerland Likely Unsure
Turkey Unlikely Very unlikely
United States Likely Very likely*
UK England No opinion No opinion
UK Scotland Very likely Very likely
UK Wales No opinion No opinion
48
Progress and obstacles
» Progress
» Strengthening of legislative frameworks governing health information
privacy and use or reforms are underway
» Greater clarity about the interpretation of legislation in practice
» Improvements data quality and tools for data processing
» Progress in developing and standardising EHR systems
» Monitoring and research uses of data have started
» Obstacles
» Uncertainty about the impact of the European DPR
» Lack of government priority on solving data use challenges
» Need for more time to implement EHR systems
49
The APHII recommends that
Governance mechanisms should be periodically reviewed at an
international level to maximise societal benefits and minimise societal
risks as new data sources and new technologies are introduced
Periodic review is needed to:
Share best practices in data governance, including:
Review and develop norms for the accreditation or certification of data processors;
Review privacy legislations in OECD countries, compare similarities and differences,
and create a list of countries sharing similar and adequate data privacy protection;
Review current practices in patient consent and reach agreement on privacy-protective
mechanisms to request/waive consent for research and statistics involving large health
datasets;
Review developments in data security risks and in software and IT processes to assist
with risk mitigation; and
Review approaches to public consultation and public information about data uses, risks
and risk mitigations.
Monitor national implementation of best practices in data governance, such as these eight
recommended data governance mechanisms.
50
» Health Committee (HC) discussion on 8 December
» Working Party on Security and Privacy in the Digital
Economy on 9 December
» APHII teleconference on 10 December
» Written feedback from HC, SPDE and HCQI by 30
January
» Feedback from national experts in January-February
» Experts identified on the country survey +
» Additional experts HCQI, SPDE and HC recommends
» Revised draft for final review in March 2015 – then
publication in late spring
Next steps for this report
51
» Launch the OECD publication
» Invite leaders of promising practices to present
» opportunity to learn from their experiences, including
benefits and challenges overcome
» Invite HC and SPDE members to join us
» Hold it at the OECD on 20 May 2015 – day before next
HCQI meeting
International workshop on governing
personal health data – mechanisms and
tools for privacy-protective data use
52
COMMENT on the draft recommendations
DISCUSS the draft report
ADVISE on next steps including:
• National experts to invite to review the draft report
• Possibility of an international workshop on data governance on
20 May 2015
Members of the HCQI Expert Group are
invited to:
53
1. The health information system should support health care quality and system performance
monitoring and improvement, and research innovations for better health care and
outcomes
2. The processing and the secondary use of data for public health, research and statistical
purposes should be permitted, subject to safeguards specified in the legislative framework
for data protection
3. The public should be consulted upon and informed about the collection and processing of
personal health data
4. A certification/accreditation process for the processing of health data for research and
statistics could be implemented
5. The project approval process should be fair and transparent and decision-making should
be supported by an independent, multidisciplinary project review body
6. Best practices in data de-identification should be applied to protect patient data privacy
7. Best practices in data security and management should be applied to reduce re-
identification and breach risks
8. Governance mechanisms should be periodically reviewed at an international level to
maximise societal benefits and minimise societal risks as new data sources and new
technologies are introduced
The Advisory Panel of Experts on Health
Information Infrastructure recommends that: