• Fri
  • Jul 25, 2014
  • Updated: 1:38am
NewsHong Kong

Privacy at risk over plan to share patients' data

Privacy commissioner warns safeguards are needed over Electronic Health Record system

PUBLISHED : Saturday, 24 May, 2014, 3:00am
UPDATED : Saturday, 24 May, 2014, 3:00am

A proposed system to allow public and private doctors to share information on their patients has loopholes that pose a threat to personal privacy.

That's the view of Privacy Commissioner Allan Chiang Yam-wang, who also warns the loopholes "jeopardise" his enforcement powers.

The Electronic Health Record sharing system is expected to be rolled out by the end of the year, following scrutiny of the associated bill by Legco. But Chiang warned that in the bill's present form, the system lacked measures to protect patients' privacy, such as a "need-to-know" clause or a "safe deposit box" to store highly sensitive health data such as patients' mental conditions. Both measures were needed to prevent unnecessary sharing of medical data, he said.

He also criticised an immunity clause which exempted the system's chief - the Electronic Health Record Commissioner - from needing to inspect doctors' records to ensure they were complying with the law.

"I find it odd and incomprehensible that the commissioner is given this special immunity, which tends to undermine the regulatory power of the privacy commission as well as the safeguard for patients' privacy."

He said that with this immunity, even if the commissioner failed to perform his duties in respect to data protection, he could refuse to follow orders from the privacy commission to tighten up monitoring.

A spokesperson for the Food and Health Bureau defended the proposed system, saying that health care providers had different medical record systems which catered to different clinical needs, so it was right that the commissioner refrain from making direct regulatory checks.

The spokesperson said a "need to know" clause was not necessary since the principle would be incorporated in a code of practice.

But Chiang's suggestions were welcomed by patients' rights advocates.

"[His] suggestions - like establishing a safe deposit box for sensitive medical information - are in line with what we hope for," said Tim Pang Hung-cheong, a patients' rights advocate with the Society for Community Organisation.

"Some illnesses like HIV or psychological illnesses cause stigmatisation or even discrimination towards these patients, so a safety box would protect that."

However, Pang said he recognised the need to balance protecting patients' privacy with disclosing enough health data for medical practitioners to make well-informed decisions.

"We need to have professional input on whether withholding some information may affect health care and medication prescription," he said.

A "need to know" clause could help guard against "excessive sharing", he added.



For unlimited access to:

SCMP.com SCMP Tablet Edition SCMP Mobile Edition 10-year news archive



This article is now closed to comments

Seems to me that what the privacy commissioner Chiang really needs to do first is to study carefully on what's been already in place in the code of practice of medical professional. Chiang, please do not reinventing the wheel just because you want the general public to think that you are working hard enough to balance your pay check.
The old guard protecting their rights to play God. Chiang is spot on but they will ignore him.until the underhanded self serving politics if the medical associations are dismantled better fly away for your healthcare if you have the $$$
Well, that is wonderful. The Electronic Health Record Commissioner gets immunity before he even starts the job and screws up.


SCMP.com Account