STRENGTHENING HEALTH

INFORMATION INFRASTRUCTURE

Health Care Quality Indicators Expert Group 13 November 2015 Paris

Jillian.Oderkirk@oecd.org Niek.Klazinga@oecd.org

2

» In 2010, health ministers called for improvement in

national information infrastructure to provide

evidence to improve health care quality

» Ministerial Communiqué called for more effective

use of data that has been already collected

» OECD Health Committee supported projects in

2011/12 and 2013/14

• Work is guided by the Health Care Quality

Indicators Expert Group (HCQI)

Agenda to improve health information

infrastructure

3

» Most useful data for

scientific knowledge

generation and

intelligence for health

care management

and policy would

describe patients

pathways of care and

the outcomes and

costs of those

pathways

High priority data – care pathways and

outcomes

Source: www.mdgadvertising.com/blog/mapping-healthcare-

search-to-the-patient-journey/

4

How to build care pathway data?

» Evidence about the pathways and outcomes of care

» Two key prerequisites

» Collection and storage of data at the level of

individual patients/persons

» E.g. registries, administrative data, surveys

» Capacity to follow patients through the cycle of

care to relate care to outcomes

» Often requires data linkage because few databases

have all of the information needed

» Could be based on electronic health records

5

HCQI report in 2013

» Most countries have national data

covering the key elements of the

health care pathway

» Often data is in silos (separate and

disconnected)

» Too few countries are linking across

databases for research or to improve

the quality of care

» Most work has a long history, i.e.

cancer registries

» Innovation in 6 of 19 of countries

» 13 of 25 countries plan to extract data

from clinical records for a range of

monitoring and research needs

6

» Cross-country variation in data development and

use is linked to different approaches to addressing

risks to data subjects’ privacy

» HCQI and Working Group on Security and Privacy in

the Digital Economy members met together on May

11, 2012

» To begin to achieve a common understanding of

privacy protection challenges in the use of

personal health data

» To identify potential joint international actions

Joint dialogue with experts in health and

data privacy

7

THE HCQI EXPERT GROUP

INFORMATION INFRASTRUCTURE

PROJECT IN 2013-14

8

2013-14 study to improve data

governance

» Project of the Health Care Quality Indicators Expert

Group with advice from the Working Group on Security

and Privacy in the Digital Economy

» Aiming to:

» Understand the current situation and monitor

changes since 2011

» Uncover and document practices and

» Make recommendations of promising governance

practices to enable privacy-respectful data use

9

Provide advice and guidance at all stages including:

» Work plan

» Instruments and techniques for the collection of evidence

» Plans and modalities to consult with stakeholders

» Conclusions and recommendations

» Review of material for publication

Experts in health policy, statistics, research, privacy

regulation, law, and information technology from

government, industry and civil society communities

Convened quarterly by Web-conferencing

Advisory Panel of Experts

10

Advisory Panel Members

Members Area of expertise

Countries Level of engagement

6 Privacy law Australia, Italy, USA, UK***

High

5 Health Statistics Canada, Finland*, Italy*, Korea* Switzerland*

High

2 Health Research Finland, USA High

3 Health IT Canada, Netherlands, USA

High

5 Health Policy EC, Israel**, Japan*

High

7 Low

*HCQI Expert Group members

**Health Committee member

***Security and Privacy in the Digital Economy member

11

Study framework

Proposed data use Proposed data use

Benefits: Risks:

Individuals' rights to health Individuals' rights to privacy

Societal values: Societal trust in:

Health Government

Safe care Health care providers

Effective care Societal values:

Scientific discovery Privacy

Efficient public services Sharing data

Patient benefits: Patient risks:

Care accessibility Lost privacy

Care affordability Discrimination

Care quality Identity theft

Coordination of care Health system risks:

Health system benefits: Lost privacy

Savings in data collection costs Decreased trust

Efficiency gains Lost market share

Market share

Innovation/discovery

Decision to

process personal

health data

12

Study framework

Proposed data use Proposed data use

Benefits: Risks:

Individuals' rights to health Individuals' rights to privacy

Societal values: Societal trust in:

Health Government

Safe care Health care providers

Effective care Societal values:

Scientific discovery Privacy

Efficient public services Sharing data

Patient benefits: Patient risks:

Care accessibility Lost privacy

Care affordability Discrimination

Care quality Identity theft

Coordination of care Health system risks:

Health system benefits: Lost privacy

Savings in data collection costs Decreased trust

Efficiency gains Lost market share

Market share

Innovation/discovery

Decision to

process personal

health data

Data Governance

Framework

Maximises

Benefits and

Minimises Risks

13

» HCQI country representatives coordinated with other

organisations in custody of key datasets

» Explored personal health data development and use

including:

» Datasets

» Dataset linkages

» Access to data

» Data governance

» National and multi-country analytical projects

Country questionnaire

14

• Canada

• Czech Republic

• Denmark

• Finland

• Iceland

• Ireland

• Israel

• Italy

• Japan

• Korea

• Netherlands

Country questionnaire

• New Zealand

• Norway

• Singapore

• Spain

• Sweden

• Switzerland

• Turkey

• United Kingdom

(England, Scotland and

Wales)

• United States

15

» Question sets tailored to each type of expert

» Experts in data privacy, project approval, data

processing, access, routine use and analysis

» Interviews to understand current practices to:

» Govern data

» Initiate and approve projects

» Protect data security

» Process data

» Provide access to data

» Interviews completed with 50 experts

» legal experts in 11 countries and operational experts in 15

countries

Interviews with experts

16

» APHII reviewed draft findings from the country survey and

expert interviews in spring 2014

» APHII participated in a modified Delphi survey to identify

elements of a

» Data governance framework that maximises societal

benefits and minimises risks

» Taxonomy to guide evaluation of risks and benefits

» APHII met on 21 May 2014 to discuss and revise aspects

of the recommendations where views diverged and outline

the structure of the report

» Further exchange, revision and drafting over the summer

and early fall, including a teleconference to finalise the

draft on 11 September

Analysis

17

KEY FINDINGS AND

RECOMMENDATIONS

18

Follow the health care pathway and measure outcomes in

order to:

» Evaluate the quality and cost-effectiveness of

treatments

» Monitor adverse events (drugs, devices, care)

» Evaluate and revise clinical care guidelines

» World-class research: pathways + genetic data +

monitoring devices and more

High Value Health Data Supporting

Management, Policy and Innovation

19

» Hospital in-patients

» Mental hospital in-patients

» Primary care patients

» Emergency care patients

» Prescription medicines (by patient)

» Long-term care patients

» Patients in cancer, diabetes and CVD registries

» Patient reported outcomes and patient experiences

surveys

» Census/population registries

» Deaths

Key national data for pathways

investigated:

20

Key health data availability, maturity and

use

0.00

1.00

2.00

3.00

4.00

5.00

6.00

Score is the sum of the percentage of national datasets meeting 7 dataset content and usefactors (Highest score =7)

21

» Canada – prescription medicines & primary health care

» Switzerland – cancer registry

» Japan – mental hospital in-patients and patient experiences

In development:

» Canada – patient experiences

» Czech Republic – patient experiences

» United States – in-patient hospitalisations

Progress in national dataset availability

since 2011

22

Little change in national data linkage

activities since 2011

7+ key national datasets Canada, Finland, Israel, Korea, Singapore, Sweden, United

Kingdom (England, Scotland and Wales)

5-6 national datasets Denmark, New Zealand, Netherlands, United States

3-4 national datasets Czech Republic, Iceland, Norway, Spain

1-2 national datasets Ireland, Italy, Switzerland

0 national datasets Japan, Turkey

Key datasets linked regularly for statistics or research in 2013

# of countries reporting a linkage study is usually underway in:

Hospital in-

patients Deaths Cancers Rx

Mental hospital

in-patients

Primary care

Long-term care

Population

health survey

Census or

population

registry

2011 10 11 8 6 7 4 5 6 9

2013 8 9 11 9 8 2 5 5 6

23

Twelve countries are linking data across

the pathway of care

A B C D E

Regularly linking hospital in-patient, mental-hospital in-

patient, cancer registry data and

mortality data

Linking datasets in A +

emergency care data

Linking datasets in A +

prescription medicines data

Linking datasets in A + long-term

care data

Linking datasets in A + primary

care data

Canada Canada Canada Canada Korea

Czech Republic Israel Denmark Finland Singapore

Denmark Korea Finland Israel UK (Wales) Finland New Zealand Korea Korea Israel Singapore New Zealand Singapore Korea Sweden Sweden UK (Wales)

New Zealand UK (Eng., Scot. & Wales)

UK (Scot. & Wales)

Singapore Sweden

UK (Eng., Scot. & Wales)

24

» Develop health care quality and system performance

indicators

» Measure health care coordination, pathways and outcomes

» Estimate compliance with clinical care guidelines

» Develop indicators of health care utilisation and costs

» Measure disease prevalence

» Estimate health and health care use for different

socioeconomic groups

» Conduct medical and health services research projects – 27

policy relevant national projects and 11 multi-country

projects

» Assure the quality, validity and completeness of national

datasets

Key reasons for regular dataset

linkages

25

The APHII recommends that:

The health information system should support health care quality and

system performance monitoring and improvement, and research

innovations for better health care and outcomes.

The health information system should:

Be accessible for statistics and research, subject to safeguards specified in law

Be developed within a data governance framework that protects health information privacy and reflects

societal values regarding rights to privacy and to health

Include datasets of patient-level data for complete or representative national patient populations for all key

health and social care services and for patient characteristics, behaviours and health outcomes

Include data from clinical, administrative, laboratory, device and survey sources that can be linked and

analysed for approved statistics and research projects

Require the collection of consistent, unique patient identifiers for all datasets where unique identification

and/or data linkage is in the public interest

Follow international standards for the coding of terminology and data interoperability

Be routinely audited for information content quality and usability for research and statistics

Enable datasets to be routinely linked for approved on-going monitoring of population health, health care

quality and system performance in the public interest

Enable datasets to be routinely linked for approved research projects in the public interest

26

Sharing and accessibility of health data

for approved statistical and research

uses

0.0

1.0

2.0

3.0

4.0

5.0

6.0

7.0

Score is the sum of the percentage of national datasets meeting 6 accessibility factors(Highest score =6)

27

» All of the 20 countries have one or more legislations

protecting health information privacy

» All legal frameworks recognise personal health data as

sensitive data

» Secondary analysis of personal health data is permitted

with the consent of data subjects or if legally authorised

» Differences among countries relate to:

» Sharing identifiable and de-identified data

» Exemptions to consent requirements

» The form of consent (broad or narrow, opt-in/opt-out)

Legislative frameworks governing

personal health data

28

Sharing rules matter more when key

datasets are in the custody of different

organisations

1-2 custodians Czech Republic, Iceland, Italy, Japan, Switzerland, Turkey, UK England, UK Scotland

3-4 custodians Canada, Denmark, Finland, Israel, New Zealand, Singapore, Spain, Sweden, United States

5-6 custodians Korea, UK Wales

7+ custodians Ireland, Netherlands, Norway

29

Sharing identifiable data among

national data custodians for research or

statistics (dataset linkages)

1-2 custodians Czech Republic, Iceland, Italy, Japan, Switzerland, Turkey, UK England, UK Scotland

3-4 custodians Canada, Denmark, Finland, Israel, New Zealand, Singapore, Spain, Sweden, United States

5-6 custodians Korea, UK Wales

7+ custodians Ireland, Netherlands, Norway

Sharing identifiable health data among national custodians:

Permitted

Not permitted (unless consent or legal authorisation)

Not permitted but linkages still occur through consistent

encryption of identifiers or trusted 3rd party

30

Other challenges sharing identifiable

data

Among public authorities in general:

Data collection authority uncertainty (Czech Republic)

Trouble negotiating transfers (Singapore, Turkey)

Slow negotiations (Canada, USA)

Among health and statistical authorities:

Netherlands, Switzerland and USA have linkages take

place within the NSO

Iceland negotiated method for bi-directional sharing

UK NSO legally authorised to share

Among health care providers and public authorities:

Trouble negotiating sharing with private providers

(Canada, Netherlands, Iceland, UK)

31

Sharing de-identified micro data

Academic and

non-profit

researchers

Commercial

sector

researchers

Foreign

Researchers

Permitted

16 10 15

Permitted only for

unlinked data

1 1 1

Not permitted but

access still occurs

through secure portals

3 1

Not permitted (unless

consent is obtained)

2 10 6

32

» Future research and statistical uses of data are not

known in a detailed way at the time data is collected

(hospitalisation, primary care visit, insurance claim etc.)

» Some data are specifically collected to support future,

and not yet specified research – bio banks

» Costs of administering project specific consent

questions retrospectively are prohibitive

» Validity of the research results is compromised – known

bias toward younger/healthier and less mobile

» Public acceptability of numerous requests is doubtful –

robust programs have 1000’s of projects annually

Big data and project-specific consent

33

» Project-specific consent for purpose-specific studies

(invitation to a survey or a clinical trial)

» Exemptions to patient consent requirements when

complete patient data is essential

» Broader consent questions

» Can be framed as an option to opt-out of datasets that will

be used for research and statistics

» Can be asked by health care providers at the first visit or

» Can be asked within patient portals (where patients access

their own data) as these become more widely available

» Decisions on exemptions or use of data under a broad consent are

taken by a credible arms-length approval body

Promising practices

34

The APHII recommends that:

The processing and the secondary use of data for public health,

research and statistical purposes should be permitted, subject to

safeguards specified in the legislative framework for data protection

The legislative framework should:

Reflect the basic principles for privacy protection outlined in the OECD Privacy Framework

Cover all data sources and all data custodians and processors

Require a fair and transparent approval process including an independent approval body

Permit use of personal health data for research and statistics, subject to the approval process.

Allow the use of data, whether collected by consent, exceptions to consent or specific authorisation,

for further approved statistical and research projects

When giving patients the right to opt-out of the inclusion of their data in datasets used for future

approved research and statistics, there should be practical means to exercise that right

Allow personal health datasets to be linked for approved uses (record linkage)

Permit the sharing of linkable data among public authorities for approved data linkages

Allow sharing and access for research or statistical projects by applicants from all sectors of society

Allow sharing and access to data by foreign applicants, where the legislative framework in the foreign

country adequately meets the standard for data protection of the home country

Require public reporting of all applications for approval to process personal health data and the

approval decisions

35

» 12 of 20 countries have an open health data initiative -

usually to improve access to aggregated health data

» Rarely is there a website or public information about:

» All national personal health datasets or

» Approved studies involving the processing of personal health

datasets (linked data)

» Countries providing researcher access to data tend to also

have a website explaining requirements of applicants

» Communication about data uses, benefits, safeguards and

data subjects’ rights is challenging

» Good examples and lessons learned in the UK (care.data)

» Public consultations, public involvement in steering committees,

public information

Open and transparent health

information systems

36

Public engagement should:

Include regular, clear and transparent communication with the public about the

collection and processing of personal health datasets including the benefits of the

processing, the risks of the processing and the risk mitigations.

Include public information, such as a website, that describes personal health datasets at

a national level, including the content of the datasets and the dataset custodians.

Include public information, such as a website, that describes applications for approval of

the processing of national personal health datasets, including dataset linkages, as well

as approval decisions.

The APHII recommends that:

The public should be consulted upon and informed about the collection

and processing of personal health data

37

» In 12 countries 70%+ of key national datasets are

within one organisation

» Enables efficiency/data uses/security+access

» Accreditation or certification assures processors

meet and maintain the countries’ highest

standards for data protection

» Accreditation has been implemented in

Scotland, Australia and is under consideration

in England

Concentrating and strengthening

national data processing

38

» Highest volume of approved access requests in:

» Denmark with 2000 applications from external researchers per year

(40% linkages)

» New Zealand with 2500 applications (5% linkages)

» 100’s of requests in Canada, Finland, USA – about 6-10% are

linkages - UK England is preparing for high volume

» Cost recovery models used – marginal cost (staff time)

» Costs much higher where probabilistic matching is needed (lack of

consistent ID number)

» Strategies to lower costs

» Secure storage of linkage keys to not re-do established links (Statistics

Canada)

» Automation of linkages (UK HSCIC)

Volumes and recovering costs

39

The APHII recommends that:

A certification/accreditation process for the processing of health data for

research and statistics could be implemented.

The certification/accreditation process should:

Limit processing of identifiable data and data linkages to certified/accredited data

custodians and processors.

Require certified/accredited data custodians and processors to comply with norms for

data governance that include these eight recommended data governance mechanisms.

Establish rules, policies, data standards and administrative structures among

certified/accredited data custodians and processors that encourage and support

appropriate cooperation for data sharing and analysis that minimise barriers.

Require certified/accredited data custodians and processors to act as a secure national

archive for personal health data with future research and statistical value.

Adequately resource and require data custodians and processors to ensure that any fees

to process data requests do not limit fair access to data for approved applicants from all

sectors of society.

Require accountability for adherence to certification/accreditation norms and for the

timeliness and quality of data processing services.

40

Approval processes

» Five different approaches to decision making

» Independent REB advises data custodians (5 countries)

» Independent REB and data custodians advise DPR (2)

» DPR advises data custodians (3)

» IRB advises data custodians (3)

» Custodians decide alone (4)

» Public information about approval process to request access to de-

identified record-level data and to request a data linkage

» For all key national health datasets in (9 countries)

» For most key national health datasets in (3)

» No information about data linkages (5)

» No public information at all (5)

41

Taxonomy to evaluate risks and benefits

Societal benefits Data use purpose (ad hoc, on-going) Consistency with acceptable uses of the data Potential benefits of results: • Health outcomes • Treatments/patient experiences • Care quality/efficiency/affordability • Sector management/governance • Profits/market share • Industry/economic growth • Progress of science/research/ innovation • Data quality/respondent burden/data costs • Transparency /accountability of government Potential beneficiaries of the project results • Multiple societies/global population • Society/whole population • Patient groups • Government/policy makers • Research community • Health care industry Potential impact of results on beneficiaries Data/methods appropriate to realise benefits

Societal Risks Identifiability of the data required/necessary Consent or fulfilment of exemption rules Positive advice of approval bodies and custodians Risk analysis Applicant track record of privacy respectful use Legal sanctions that could be applied including adequacy of foreign laws Necessity to transfer data/alternatives (Research Data Centre, Secure Remote Access) Security of transfer/recipient’s organisation Vulnerability and impact of outside attack Time limit for data access Follow up to ensure obligations are respected

42

The APHII recommends that:

The project approval process should be fair and transparent

The project approval process should:

Follow a criteria for project approval that considers both societal risks AND societal benefits of

proposed data uses, such as the taxonomy included in this report

Consider the elements of the proposed statistical or research use of data on their own merits and avoid

discrimination against applicants due to their age, experience, employment or other factors

Ensure the process to apply for approval to process and/or access personal health data and the criteria

for project approval are publicly available (such as a website)

Ensure a summary of each application for project approval and each approval decision are publicly

available (such as a website). Summaries should include the purpose of the processing, the datasets

included and the organisations and researchers involved

A multidisciplinary project approval body should:

Include relevant stakeholders, such as legal experts, statistical experts, patients and researchers that

are also third parties, with no stake in an approval decision

Consult with the custodians of all datasets involved and take their advice into account

Be publicly identified, including the project approval body's role, membership, criteria the body follows

for project approval, timeliness of approval decisions, and process to appeal a decision

Be accountable for the timeliness and quality of their services

43

» Data linkages are needed and a

processor must exist that holds the keys

to the identifiability of data

» Data de-identification rarely reduces the

re-identification risk to zero

» Some methods carry more risk than others

» No consistency in practices

Why can’t we de-identify the data and

through away the key?

» Treatment to lower re-identification risks can damage

data utility - research results are biased/useless

» Data de-identification decisions must consider “the big

picture”:

» Desired use of the data and data security environment

surrounding the data use

44

The APHII recommends that

Best practices in data de-identification should be applied to

protect patient data privacy

Data de-identification practices should:

Document data de-identification methods

Involve a data privacy expert in the development or review of de-identification methods

Define direct and indirect identifiers

Delete direct identifiers or, where necessary create a pseudonym from direct identifiers

Replace the pseudonym with a meaningless study number when releasing any data to a third party

Store the mapping between the identifiers, the pseudonym and any study numbers for future approved

uses, such as informing data subjects and the replication, validation and extension of a study

Develop general rules for the treatment of indirect identifiers through data masking techniques

Consider the impact of the treatment of indirect identifiers on the study results, and consider other

measures to mitigate privacy risks if the treatment will unduly damage the study findings

Develop guidelines on cell counts and indirect disclosure risks for tabulations and results of scientific

research that are to be placed in the public domain

Audit the data de-identification process to ensure all steps have been followed

45

Data security environments surrounding

data use

» Common approaches of national data processors:

» Physical security, separation of duties, staff obligations

and training, secure channels for data sharing

» Contractual obligations + follow-up and penalties

» Alternatives to transferring data from processors to recipients

» Secure research data centres and remote data access systems

» Data use limited to within a secure physical or virtual facility

» Facilities offer analytical software, tools and good processing speeds

» No ability to print or otherwise remove data or results from the facility

until the release is approved by a qualified reviewer

» RDCs in Canada, Japan, Singapore, Netherlands and USA and RDA’s in

Canada (Ontario), UK (Scotland and Wales), Netherlands, USA, Korea

(pilot) and Denmark (in development)

46

The APHII recommends that

Best practices in data security and management should be applied to

reduce re-identification and breach risks

Data security and management practices should: Control and monitor physical and IT data security within data custodians and processors

Control and monitor to ensure that access to and use of personal health data within data custodians or

processors is performed by staff subject to confidentiality rules/regulations

Limit data transfers to and from data custodians or processors to secure channels

Require legally binding contracts with recipients of personal or de-identified person-level data from

custodians or processors that specify the data confidentially and security requirements to be respected

Ensure data custodian staff, data processor staff and third-party data recipients have mandatory and

periodic training on data privacy and security protection

Before transferring data, review the physical security and security policies and practices of data recipients

and any parties mediating data transfers

Conduct Independent and random data security audits of recipients and parties mediating transfers

Follow-up to verify data destruction and other end of contract requirements have been met

Offer alternatives to transferring data, such as a research data centre, secure data portal, or analysing

the data within a certified/accredited organisation

Implement penalties for data misuse by any party

47

Views about the next five years Country

Likelihood that linked data are used to regularly monitor care quality

Likelihood that data from EHRs are used to regularly monitor care quality

Canada Likely Very likely Czech Republic Likely Very unlikely

Denmark Very likely Unsure Finland Unsure Very likely Iceland Likely Likely Ireland Likely Likely

Israel Likely Likely Italy Very likely Likely

Japan Likely Likely Korea Unsure Unsure* Netherlands Likely Likely*

New Zealand Likely Unsure

Norway Very likely Likely

Singapore Likely Likely

Spain Unsure Very likely*

Sweden Likely Unsure

Switzerland Likely Unsure

Turkey Unlikely Very unlikely

United States Likely Very likely*

UK England No opinion No opinion

UK Scotland Very likely Very likely

UK Wales No opinion No opinion

48

Progress and obstacles

» Progress

» Strengthening of legislative frameworks governing health information

privacy and use or reforms are underway

» Greater clarity about the interpretation of legislation in practice

» Improvements data quality and tools for data processing

» Progress in developing and standardising EHR systems

» Monitoring and research uses of data have started

» Obstacles

» Uncertainty about the impact of the European DPR

» Lack of government priority on solving data use challenges

» Need for more time to implement EHR systems

49

The APHII recommends that

Governance mechanisms should be periodically reviewed at an

international level to maximise societal benefits and minimise societal

risks as new data sources and new technologies are introduced

Periodic review is needed to:

Share best practices in data governance, including:

Review and develop norms for the accreditation or certification of data processors;

Review privacy legislations in OECD countries, compare similarities and differences,

and create a list of countries sharing similar and adequate data privacy protection;

Review current practices in patient consent and reach agreement on privacy-protective

mechanisms to request/waive consent for research and statistics involving large health

datasets;

Review developments in data security risks and in software and IT processes to assist

with risk mitigation; and

Review approaches to public consultation and public information about data uses, risks

and risk mitigations.

Monitor national implementation of best practices in data governance, such as these eight

recommended data governance mechanisms.

50

» Health Committee (HC) discussion on 8 December

» Working Party on Security and Privacy in the Digital

Economy on 9 December

» APHII teleconference on 10 December

» Written feedback from HC, SPDE and HCQI by 30

January

» Feedback from national experts in January-February

» Experts identified on the country survey +

» Additional experts HCQI, SPDE and HC recommends

» Revised draft for final review in March 2015 – then

publication in late spring

Next steps for this report

51

» Launch the OECD publication

» Invite leaders of promising practices to present

» opportunity to learn from their experiences, including

benefits and challenges overcome

» Invite HC and SPDE members to join us

» Hold it at the OECD on 20 May 2015 – day before next

HCQI meeting

International workshop on governing

personal health data – mechanisms and

tools for privacy-protective data use

52

COMMENT on the draft recommendations

DISCUSS the draft report

ADVISE on next steps including:

• National experts to invite to review the draft report

• Possibility of an international workshop on data governance on

20 May 2015

Members of the HCQI Expert Group are

invited to:

53

1. The health information system should support health care quality and system performance

monitoring and improvement, and research innovations for better health care and

outcomes

2. The processing and the secondary use of data for public health, research and statistical

purposes should be permitted, subject to safeguards specified in the legislative framework

for data protection

3. The public should be consulted upon and informed about the collection and processing of

personal health data

4. A certification/accreditation process for the processing of health data for research and

statistics could be implemented

5. The project approval process should be fair and transparent and decision-making should

be supported by an independent, multidisciplinary project review body

6. Best practices in data de-identification should be applied to protect patient data privacy

7. Best practices in data security and management should be applied to reduce re-

identification and breach risks

8. Governance mechanisms should be periodically reviewed at an international level to

maximise societal benefits and minimise societal risks as new data sources and new

technologies are introduced

The Advisory Panel of Experts on Health

Information Infrastructure recommends that: