astana-view

How to ensure security of electronic patient data?

4765 просмотров

The business community is concerned about the security of patient records.

Remind that from January 1, 2020, Kazakhstan will introduce the Compulsory Social Medical Insurance (CSMI) system.

At present, patient data (electronic medical records) are stored separately in each medical information system (MIS). At the same time, over time, these data will be transferred to a common repository and data exchange will be possible.

In this regard, the business community is concerned about the safety and confidentiality of personal medical data.

"The Atameken NCE RK has been raised the issue of security of medical data of patients for six months. In particular, these are the issues of determining responsibility for the disclosure of data and cybersecurity. It should be remembered that digitized data may become publicly available if not adequately protected. The eHealth concept states that data should never belong to the program provider and that levels of access to information should be demarcated. It is important to discuss whether these risks are fully closed in the draft of the new Code," the Deputy Chairman of the Board of the Atameken NCE RK Yuliya Yakupbaeva said.

On the part of the Ministry of Health of the Republic of Kazakhstan, the Department of Digitalization is responsible for the digitalization of health care.

"Under the new Code, we have formed a chapter on digital health care and reflected several articles in it. The most important thing is that we prescribed who owns the data: it is the health care entity that generated the data and (or) the individual in respect of whom the data were generated. Also, taking into account that all doctors and the CSMI fund review the data about the patient, we clearly define the responsibility of health care subjects, which will allow us to develop rules for access to information," Beybut Esenbayev, the Director of the Department of Digitalization, said.

The participants of the meeting noted that, as of today, there is no proper control over electronic data within a large number of medical organizations. And if it did not cause anxiety when we had data on paper, it is a separate system risk in the form of electronic stories.

The solution to this problem should be a comprehensive approach to the protection of information at all stages of the functioning of medical systems.

The issue of protection of personal data of the patient should be considered in two directions: the safety of information systems and the maintenance of medical confidentiality.

For example, it is proposed to consider the legislative regulation of banking, tax secrecy, etc., which regulates disclosure of secrecy.

Concluding the meeting, the parties came to the conclusion that there is a need for serious consideration of the issue of personal data protection within the framework of improving the draft of the new Code of the Republic of Kazakhstan "On Public Health and the Healthcare System".


Please, join our Telegram channel to stay up to date on the latest news.

Partners