European Standards on Confidentiality and Privacy in Healthcare Dr Colin M Harper Division of Psychiatry & Neuroscience Queen’s University Belfast Biotechnology, Culture, and Human Values in Asia and Beyond Eighth Asian Bioethics Conference Bangkok, Thailand March 19-23, 2007
“Europe isn’t a continent, it is a peninsula which sticks off Asia!”
Europe? European Union (EU)-- 25 (+2) Member states 457 million people Enacts ‘hard’ law for member states ‘Single Economic Market’ key focus Council of Europe (CoE) Member states 800 million people ‘Softer’ Standard setting Human rights / Democracy
European Norms in field of Privacy in Healthcare Confidentiality Ethics & Law (Human) Right to Privacy (CoE) Data Protection Law (EU)
Universal Declaration on Bioethics and Human Rights Article 9 – Privacy and confidentiality The privacy of the persons concerned and the confidentiality of their personal information should be respected. To the greatest extent possible, such information should not be used or disclosed for purposes other than those for which it was collected or consented to, consistent with international law, in particular international human rights law.
European Convention for the Protection of Human Rights and Fundamental Freedoms ARTICLE 8 1.Everyone has the right to respect for his private and family life, his home and his correspondence. 2. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.
European Standards on Confidentiality and Privacy in Healthcare (EuroSOCAP) European Commission (EU) funded project examining the fundamental ethical requirements of privacy and confidentiality of healthcare information in an EU context. It focused on ensuring that European level ethical guidance contained the effective protections necessary for vulnerable patient groups (e.g. prisoners, migrants, children).
EuroSOCAP Project Team Project Team: 18 healthcare professionals, legal experts and ethicists from 10 European states. Project coordinated from the Division of Psychiatry & Neuroscience, Queen’s University Belfast, Northern Ireland, UK/Ireland.
Development of Standards Feb 2003Draft Standards developed by Project team through 5 Workshops - June 2005 June 2005Draft Standards circulated widely for consultation. September Workshop attended by 80 experts/stakeholders from 26 states: 2005 Patient Organizations, National Medical Associations, National Ministries of Health, National Data Protection Authorities, the European Commission, industry, universities, and relevant international organizations. October Revised Draft Standards prepared and circulated for a further 2005 round of consultation. NovemberStandards finalized at a meeting of the EuroSOCAP 2005Project Board.
Examples of issues where differences arose Confidentiality after death? Breach of confidence a criminal offence? Need for consent for secondary uses? What level of risk of harm to a third party justifies disclosure of confidential health information? Public benefit of medical research v individual right to privacy? Kinds of technology used in healthcare service?
European Standards on Confidentiality and Privacy in Healthcare
European Standards on Confidentiality and Privacy in Healthcare The Standards provide: Ethical Guidance on confidentiality and privacy to healthcare professionals. Recommendations to healthcare provider institutions on supporting frameworks for ethical best practice.
Contents of EuroSOCAP European Standards on Confidentiality and Privacy in Healthcare Ethical & Legal Foundations of the Standards Protection, Use and Disclosure of Patient Information— General Considerations (e.g. consent, lack of capacity) Protection, Use and Disclosure of Patient Information for their Healthcare Protection, Use and Disclosure of Patient Information for Healthcare Purposes not Directly Related to their Healthcare (audit, research, management of services) Obligations and Justifications for the Disclosure of Patient Identifiable Information for Purposes not Related to their Healthcare (e.g. crime prevention, public safety)
Website The web site includes: the Standards in 5 languages and Guidance in a further 20 languages; an online searchable database of links to relevant material; an online searchable database of interests and contact details of individuals from across Europe interested in the area of healthcare confidentiality and privacy; an based news service. an online forum for discussion of healthcare confidentiality and privacy.
How are the European Standards being used in different contexts? Better take up by data protection sector at national level than European level. Better take up by public health sector at European level than national level. Health professional organisations at a European level very positive—encouraged to develop their own work in ethics. European Standards seen as relevant in different respects by different European countries