8/10/2019 Health Informatics & Legal Issues
1/59
Health Informatics &Legal Issues
26 March 2014NDU
Dr. Mona Al-Achkar Jabbour
[email protected] of Law
President of the Lebanese Information Technology Association(LITA)
Member Founder of the Pan arab Observatory for Cyber Security
mailto:[email protected]:[email protected]8/10/2019 Health Informatics & Legal Issues
2/59
Thank you
8/10/2019 Health Informatics & Legal Issues
3/59
Added value
For:
citizens
governments
business sctor
Online prescribing, information patients portals
interactive communication
Extended service times
Decision support systems
Order clinicians entry online training
Clinical databases
communication
Workflow planning systems
budgetary systems
8/10/2019 Health Informatics & Legal Issues
4/59
Directory of eHealth policies
In September 2010 Ban Ki Moon, launched the Global Strategyfor Womens and Childrens Health, with the aim of saving thelives of 16 million mothers and children worldwide by 2015 in 75target countries, including the worlds 49 poorest nations.
CoIAsrecommendations to improve accountability andtransparency emphasize the essential role of information andcommunication technologies (ICT) in achieving the goals set outby the Global Strategy.
by 2015, all target countries should have integrated the use ofICT in their national health information systems and health
infrastructure.
8/10/2019 Health Informatics & Legal Issues
5/59
"Medical Informatics
"Medical Informatics studies:
the organization of medical information
the effective management of informationusing computer technology
and the impact of such technology on
medical research, education, and patientcare.
8/10/2019 Health Informatics & Legal Issues
6/59
assessing current informationpractices,
determining the information needs ofhealth care providers and patients,
developing interventions usingcomputer technology,
and evaluating the impact of thoseinterventions.
The fieldexplorestechniques
for:
8/10/2019 Health Informatics & Legal Issues
7/59
Objectives
optimize the use of information inorder to improve:
the quality of health care, reduce cost,
provide better education forproviders and patients,
and to conduct medical researchmore effectively."
Thisresearch
seeks to:
8/10/2019 Health Informatics & Legal Issues
8/59
8/10/2019 Health Informatics & Legal Issues
9/59
health information technology
medical practice
medical research
This area ofstudy supports:
systems such as electronic healthrecords (EHR)
electronic medical records (EMR)
health information exchange standards
medical terminologies
Clinical Terms and portable medical devices for the
collection of data.
It involves:
http://searchhealthit.techtarget.com/definition/Health-IT-information-technologyhttp://whatis.techtarget.com/definition/electronic-health-record-EHRhttp://whatis.techtarget.com/definition/electronic-health-record-EHRhttp://searchhealthit.techtarget.com/definition/Health-IT-information-technology8/10/2019 Health Informatics & Legal Issues
10/59
health informatics
The first use in the 1950s with dental data collected by theNational Bureau of Standards, now known as the National Instituteof Standards and Technology (NIST).
Accelerated usage with development of the MassachusettsGeneral Hospital Utility Multi-Programming System (MUMPS),which provided a standard programming language for clinicalapplications.
Today,International Medical Informatics Association (IMIA)oversees member organizations involved in health informaticsworldwide.
http://searchsoftwarequality.techtarget.com/definition/NISThttp://whatis.techtarget.com/definition/Mhttp://whatis.techtarget.com/definition/Mhttp://searchsoftwarequality.techtarget.com/definition/NIST8/10/2019 Health Informatics & Legal Issues
11/59
8/10/2019 Health Informatics & Legal Issues
12/59
Scope - 1
It deals with:
- the resources
-devices
- required methods to optimize:
- the acquisition, storage, retrieval, and use
of information in health and biomedicine.
8/10/2019 Health Informatics & Legal Issues
13/59
Scope -2
Health informatics tools:
Computers clinical guidelines
formal medical terminologies
information and communication systems
http://en.wikipedia.org/wiki/Medical_guidelinehttp://en.wikipedia.org/wiki/Medical_guidelinehttp://en.wikipedia.org/wiki/Medical_guidelinehttp://en.wikipedia.org/wiki/Medical_guideline8/10/2019 Health Informatics & Legal Issues
14/59
Scope -3
nursing
clinical care
dentistry
pharmacy
public health
occupational therapy
physical therapy
(bio)medical research
alternative medicine
It is
appliedto the
areasof:
http://en.wikipedia.org/wiki/Nursinghttp://en.wikipedia.org/wiki/Clinical_medicinehttp://en.wikipedia.org/wiki/Dentistryhttp://en.wikipedia.org/wiki/Pharmacyhttp://en.wikipedia.org/wiki/Public_healthhttp://en.wikipedia.org/wiki/Occupational_therapyhttp://en.wikipedia.org/wiki/Physical_therapyhttp://en.wikipedia.org/wiki/Biomedical_researchhttp://en.wikipedia.org/wiki/Medical_researchhttp://en.wikipedia.org/wiki/Alternative_medicinehttp://en.wikipedia.org/wiki/Alternative_medicinehttp://en.wikipedia.org/wiki/Medical_researchhttp://en.wikipedia.org/wiki/Biomedical_researchhttp://en.wikipedia.org/wiki/Physical_therapyhttp://en.wikipedia.org/wiki/Occupational_therapyhttp://en.wikipedia.org/wiki/Public_healthhttp://en.wikipedia.org/wiki/Pharmacyhttp://en.wikipedia.org/wiki/Dentistryhttp://en.wikipedia.org/wiki/Clinical_medicinehttp://en.wikipedia.org/wiki/Nursing8/10/2019 Health Informatics & Legal Issues
15/59
The term "medical informatics", refered to the processing of medical data bycomputers.
the importance of "information processing" wrapidly superseded by that of"information communication
Health applications then became known as "health telematics" or"telemedicine", and now "e health".
the value of these applications lies not in the technology itself or even in theexchange of data but in the ability to develop human networks of competenceand expertise in the field of health.
8/10/2019 Health Informatics & Legal Issues
16/59
Tele-health
surveillance, healthpromotion and publichealth functions. It is
broader in definitionthan tele-medicine asit includes computer-assistedtelecommunicationsto support
management,surveillance, literatureand access to medicalknowledge.
Tele-medicine
is the use oftelecommunicationsto diagnose and treat
disease and ill-health.
Telematics for health
is a WHO compositeterm for both tele-medicine and tele-
health, or any health-related activitiescarried out overdistance by means ofinformationcommunication
technologies.
8/10/2019 Health Informatics & Legal Issues
17/59
Nursing Informatics
Planning care Delivering careNursing
informaticsrefers to:
informaticswithin all areas of
nursing practice
informaticsdesigned for and
relevant tonurses
informationmanagement,
knowledge fromsciences otherthan nursing
8/10/2019 Health Informatics & Legal Issues
18/59
E-health
Barely in use before 1999
Actually, this term now seems to serve as a general"buzzword"
It characterizes everything related to computers andmedicine.
The term was apparently first used by industry leadersand marketing people rather than academics.
8/10/2019 Health Informatics & Legal Issues
19/59
e-health in the academic environment
the term has already entered
the scientific literature (today,76 Medline-indexed articlescontain the term "e-health" inthe title or abstract).
8/10/2019 Health Informatics & Legal Issues
20/59
E-health :More than a technological developement
"stamping a definition onsomething like e-health is
somewhat like stamping adefinition on 'the Internet': It isdefined how it is used - thedefinition cannot be pinned
down, as it is a dynamicenvironment, constantly
moving."
8/10/2019 Health Informatics & Legal Issues
21/59
E-health by the academics
e-health is:
an emerging field in the intersection of medical informatics, publichealth and business,
referring to health services and information delivered or enhancedthrough the Internet and related technologies.
It characterizes:
a technical development
a state-of-mind a way of thinking
an attitude
a commitment for networked, global thinking, to improve health carelocally, regionally, and worldwide by using information and
communication technology.
8/10/2019 Health Informatics & Legal Issues
22/59
8/10/2019 Health Informatics & Legal Issues
23/59
Defining E- Health
- public healthwhich is the responsibility of States (preventingand responding to disease in populations)and healthcare-which is the responsibility of professional and hospitals towardindividual patients and the treatment of disease.
- products, such as instruments to ensure the constantmonitoring of blood pressure in ambulatory patients,
- systems, such as computer-assisted surgery systems, andservices, such as:
- operating surgical and intensive care units, with interconnectedinstruments and surveillance services ensuring continuouspatient monitoring;
- computer-assisted prescription services, where the softwarechecks for incompatible drugs, contraindications and dosagelevels;
- information services for patients and consumers, includingindividual electronic health records.
The
scope ofe-health
extremelygeneric :
8/10/2019 Health Informatics & Legal Issues
24/59
10 e's in "e-health"
Efficiency
Enhancing quality
Encouragement
Education
Enabling
Extending
Ethics Evidence based
Empowerment
Equity
8/10/2019 Health Informatics & Legal Issues
25/59
The goals
increasing efficiency in health care
Improving quality of care
increasing commitment to evidence-based medicine
empowering patients and consumers
developing new relationships between patients and health professionals
8/10/2019 Health Informatics & Legal Issues
26/59
Some applications
system making patient information accessible for allhealthcare units at a district, county, or even national level.
patient portal, a system for patient Internet access tomedical record.
use of Internet as a source of medical information, ameans for medical consultation and for marketing of drugs.
8/10/2019 Health Informatics & Legal Issues
27/59
8/10/2019 Health Informatics & Legal Issues
28/59
e-Business
includes onlineprocurement
processingbetween healthcare providersand suppliers,onlineelectronic
claimsprocessing,eligibilityauthorizationfrom insurancecompanies, and
consumerpurchase ofprescriptiondrugs andhealthinsurance.
Consumermarketing
includes theuse of Web sites
to showcaseorganizationalinformation toattract newpatients andprovide
wellnessinformation anddisease-specificinformation toexistingpatients.
Organizationalmanagement
includes patientaccess to
medicalinformation viaelectronichealth recordsallowing themto conduct risk
assessments oftheir ownhealth andinclude patient-physicianinteraction
using e-mail.
Clinical customerservices
includes patientaccess to
medicalinformation viaelectronichealth recordsallowing themto conduct risk
assessments oftheir ownhealth andinclude patient-physicianinteraction
using e-mail.
8/10/2019 Health Informatics & Legal Issues
29/59
Going digital
- datasharing
- mail andelectronicmessagesarchiving
- accesslogs data
and audittrails
- tracingaccess and
time ofaccess
8/10/2019 Health Informatics & Legal Issues
30/59
Implications in practice
The standards and regulations that have hitherto servedto protect individuals in such a vitally important area oflife can no longer be guaranteed when healthcare moves
into the public arena.
At a more local level, the introduction of computer-
mediated healthcare changes the processes andpractices of the care professionalsnot least in learningto operate and manage ICTs, individually and as part of ateam.
8/10/2019 Health Informatics & Legal Issues
31/59
Multi-layers stakeholders
Patients:individuals, family,
carersManagement,
owners,shareholders
Health
professionals:doctors, nurses,
Governmentdepartments: local,
state, federal
professions allied tohealth:
Researchers,academics and
students Vendorsand consultants
Professional bodies:colleges and
Community andmedia associations
Staff and unions:scientific, technical,
administrative
Th i l i h fi ld
8/10/2019 Health Informatics & Legal Issues
32/59
The main players in the field :
new players
Varieties of cultures, objectives and traditions
- United Nations agencies
- other international bodies dealing with health telecommunications and Trade
- Government authorities, health and telecommunication decision-makers at the
national and regional levels, as well as the regional bodies to which they belong - Academic and research institutions
- Local health professionals and their associations
- Consumers, patients and their associations
- The Donors
- Non-governmental organizations
- The private sector, including foundations and industries related to health and ICTs
- The media
8/10/2019 Health Informatics & Legal Issues
33/59
Multidisciplinary
computer science
information science
medicine
law
philosophy
social sciences
El t i M di l R d d El t i H lth
8/10/2019 Health Informatics & Legal Issues
34/59
Electronic Medical Records and Electronic Health
Records
Electronic Medical Records (EMR)
Contain the standardmedical and clinical data
gathered in one providersoffice.
Electronic health records (EHRs)
1- go beyond the data collected inthe providers office and include amore comprehensive patient history.
ex: EHRs are designed to contain and shareinformation from all providers involved in a
patients care.
2- EHR data can be created,managed, and consulted by
authorized providers and staff fromacross more than one health care
organization.
Unlike EMRs, EHRs also allow apatients health record to movewith themto other health careproviders, specialists, hospitals,nursing homes, and even across
states.
8/10/2019 Health Informatics & Legal Issues
35/59
EMRlegal aspects
- legal document (but what about the Proof)
- the hospital owns the Record
- the patient owns the infos
- confidential
8/10/2019 Health Informatics & Legal Issues
36/59
Legal Challenges
The critical, legal challenge for
MEdical informatics is how tomaximize the opportunities andbenefits afforded whilst minimizingthe risks and liabilities arising fromnew technology and practices.
8/10/2019 Health Informatics & Legal Issues
37/59
Health information networks
Risks samples
Unethical practices due to unregulated IM&T use, e.g. Internet prescribing withoutconsultation
Privacy, confidentiality breaches due to poor security monitoring of data storage ortransmission
Privacy issues surrounding electronic health records
Incomplete data conversion from paper-based records
Medical errors due to failed or unavailable technology
Unethical use of healthcare information by insurance and other commercial companies
8/10/2019 Health Informatics & Legal Issues
38/59
Main Legal issues in MI
Evolving and complex legal principles raised by the use of ICTsin health related fields
Main issues:
- privacy, security, operational, Ethical, consumerprotection, unethical use, equity
8/10/2019 Health Informatics & Legal Issues
39/59
What is Medical Data?
Personal data
Sensitive Data
Technical and legal Protection
Norms & Standards
Private Application
8/10/2019 Health Informatics & Legal Issues
40/59
Sensitive data
Personal health data: Sensitive patient
health data can include insurance-
related data, actual medical information,and personal data about patients, suchas social security numbers, addresses,and other sensitive information, whichshould not be publicly available.
8/10/2019 Health Informatics & Legal Issues
41/59
Risks
- The storing and exchange of medical images is crucial to providing a knowledge base forpractitioners, and clearly it is also crucial that the images from which judgments are made arereliable.Reliability
Data Leakage
The movement of a data asset from an intended state to an unintended, inappropriate, or
unauthorized state, representing a risk or a potentially negative impact to the company.Locate all sensitive information
A key challenge is being able to accurately identify relevant data at all key locations (storeddata, laptops, network, message server).
Control and protect all sensitive information
There are many ways to misuse and lose sensitive data. Hospitals/physicians and companiesmust control and protect sensitive data in order to meet legal, regulatory and company policycompliance obligations.
Data Loss
8/10/2019 Health Informatics & Legal Issues
42/59
Obligations & Liabilities
medical, employer ID, mothers maiden name, signature or biometric data
reasonable security measures
Encrypted data
secure destruction
businesses may not transfer covered data without encryption unlessinternally or by fax
credit card companies
Variations:
several legislations
may hold liability forcosts associated withbreaches of pd data
8/10/2019 Health Informatics & Legal Issues
43/59
Increasing risks
According to a 2012
Department of HomelandSecurity bulletin, attacks againsthealthcare organizations are
expected to increase.
8/10/2019 Health Informatics & Legal Issues
44/59
8/10/2019 Health Informatics & Legal Issues
45/59
Contractual Agreements
Data Management with Third Parties
Data transfer across geographic borders
Vendors or Partners may expose sensitive data to their
third parties agents and contractors Granting vendors access to a hospital/ Companys
sensitive data and processing environments
Existing contracts may contain risk data leakage andmisuse by third parties
Inconsistent implementation of privacy practices
among independent organizations Who has responsibility and associated liability for data
protection?
Contract language and internal auditing of thosecontracts
Data protectionthrough contractswith outsourcing,
marketingagreements, and
vendorrelationships that
involve datatransfer acrossorganizational,
geographic, and
system boundaries
8/10/2019 Health Informatics & Legal Issues
46/59
Nursing informatics Legal issues
Two areas of the lawthat most involve
healthcare leadersand managers are :
employmentlaw
mal practice
8/10/2019 Health Informatics & Legal Issues
47/59
Cyber Security: Must for E-health
As healthcare moves from prescription pads to iPads
new digital landscape requires a cyber security partnerto guard against the bugs, viruses and bad actors
Ponemon Institute estimated the cost of MedicalIdentity Theft to consumers at $12 billion for 2013
8/10/2019 Health Informatics & Legal Issues
48/59
Health cyber Threats
15% of respondents experienced a misdiagnosis
13% of respondents experienced a mistreatment
14% of respondents experienced a delay in treatment
11% of respondents were prescribed the wrong pharmaceutical
50% of respondents have done nothing to resolve the incident
8/10/2019 Health Informatics & Legal Issues
49/59
issues of cyber security: Crimes and assaults
Cyber crime
online fraud
identity theft,
child pornography
intellectual property
Money laundering
Cyber Terrorism
Spamming, phishing, spyware, malware.
Mi i i i Ri k
8/10/2019 Health Informatics & Legal Issues
50/59
Minimizing Risks
Openly discuss with their medical liabilitycarriers the advantages and pitfalls in using ICTs
Reach out to professionals within their
organizations, networks, or communities forsupport in
Ensure that their systems meet their legal,business, and records management needs
Ask in-depth questions of potential vendors to
ensure that their products address medico-legalissues
demand the functionality that supports boththeir clinical and business needs.
With thechanging
legallandscapeand the areasof potential
risk,physicians
can :
8/10/2019 Health Informatics & Legal Issues
51/59
Lebanon
8/10/2019 Health Informatics & Legal Issues
52/59
Lebanon
We are on the net!
The citizen at the heart of theGovernment concern!?
What about the Legal Frame work?
8/10/2019 Health Informatics & Legal Issues
53/59
HIPPA and HITECH in the USA setnational standard for the privacy
Convention on PDP in Europe Varieties of legislations in Europe
Observation of technical standards ofsecure data communication, or to
provisions ensuring high quality ofhandling, collecting, storing,transmitting and manipulating, etc. ofhealth care data
Protectionlegal
framework
Administrative, legislative and regulatory
8/10/2019 Health Informatics & Legal Issues
54/59
Administrative, legislative and regulatory
frameworks
Appropriate administrative, legislative and regulatoryframeworks are essential to the implementation of anational or regional e-health project.
This wide-ranging subject has a bearing on the
fundamental rights of the citizen, e-commerce, healthand a large number of international regulationsgoverning the technical and economic spheres.
Administrative, legislative and regulatory
8/10/2019 Health Informatics & Legal Issues
55/59
Administrative, legislative and regulatory
frameworks
On the general level
- rules governing security
- respect for human rights
- protection of the citizen
- protection of personal data
- intellectual property
- regulations on the legal status of electronic documents and signatures
- instruments relating to the implementation of directives and
international standards, particularly in the field of security and dataconfidentiality and e-commerce
- rules on environmental protection and waste management and onequal opportunities for citizens.
Administrative, legislative and regulatory
8/10/2019 Health Informatics & Legal Issues
56/59
Administrative, legislative and regulatory
frameworks
On the technical level, this includes:
- liberalization of the telecommunication sector
- absence of monopoly in this sphere
- transparent bidding procedures
- reasonable taxation policy
- independent arbitration and regulation systems for telecommunications - respect for international norms and standards, and related regulations.
On the medical level, this includes:
- codes of ethics for health professionals
- protocols for the certification and type approval of medical equipment
- rules for the protection of health professionals in the exercise of their duties (radiologicalprotection, contamination, etc.)
- rules governing hygiene and safety in regard to hospital wastes
- sound rules governing the production, distribution and management of medicines
- rules governing the status of medical records.
Administrative, legislative and regulatory
8/10/2019 Health Informatics & Legal Issues
57/59
Administrative, legislative and regulatory
frameworks
- basic legislative and legal documents
- supervising by administrative machinery
- Regional cooperation
- The exchange of medical records can legitimately take place where a similarlevel of personal data protection prevails in each of the countries
- conducting clinical trials
- Regional cooperation can be facilitated by partnerships with international
bodies to guarantee codes of good conduct and credibility
8/10/2019 Health Informatics & Legal Issues
58/59
Protection of electronic patienthealthcare data and informationFOCUS
Global All industriesSCOPE
Civil and criminal for exposureof data or fraudulent behaviorPENALTIES
8/10/2019 Health Informatics & Legal Issues
59/59
Thanks for yourquestions
Top Related