Governance in patient-centric healthcare

Many e-Health applications aim to put patients in charge of their information. However, health processes are complex. Patients will have general preferences and concerns, but are unlikely to understand the complexities of the information flows relevant to their care. This paper argues that such applications should consider and leverage the organisational aspects of care. Care providers must act in the patient's interest, and thus are responsible for protecting personal information. Rather than burden each application (and user) with the daunting task of enumerating and enforcing policies to govern all possible uses of information, we suggest that applications should focus on specific confidentiality concerns — effecting information disclosure preferences with respect to the existing sharing protocols of care providers. We present a context-aware, policy-based middleware as an example illustrating how patient preferences can qualify existing control policy.

[1]  Ross J. Anderson,et al.  A security policy model for clinical information systems , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[2]  Anne-Marie Kermarrec,et al.  The many faces of publish/subscribe , 2003, CSUR.

[3]  K. Holland Proposed changes for nurse education in England (UK) as a result of the Darzi report (DoH, 2008a) Health Quality Care for All--NHS next stage review final report: some initial observations. , 2008, Nurse education in practice.

[4]  S. Brennan The NHS IT Project: The Biggest Computer Programme in the World... Ever! , 2005 .

[5]  Jatinder Singh,et al.  Policy-Based Information Sharing in Publish/Subscribe Middleware , 2008, 2008 IEEE Workshop on Policies for Distributed Systems and Networks.

[6]  David M. Eyers,et al.  Credential management in event-driven healthcare systems , 2008, Companion '08.

[7]  Alastair D Hay,et al.  Sharing patient data: competing demands of privacy, trust and research in primary care. , 2005, The British journal of general practice : the journal of the Royal College of General Practitioners.

[8]  N Britten,et al.  Confidentiality of medical records: the patient's perspective. , 1995, The British journal of general practice : the journal of the Royal College of General Practitioners.

[9]  Patients' knowledge and expectations of confidentiality in primary health care: a quantitative study. , 2000, The British journal of general practice : the journal of the Royal College of General Practitioners.

[10]  Dh Confidentiality: NHS Code of Practice , 2003 .

[11]  Richard J. Whiddett,et al.  Patients' attitudes towards sharing their health information , 2006, Int. J. Medical Informatics.

[12]  Jatinder Singh,et al.  Event-based data control in healthcare , 2008, Companion '08.