Til hovedinnhold
Norsk English

Handling Consent to Patient Data Access in a Hospital Setting

Sammendrag

The right to use patient data in treatment is based on the conditions of a need to know and patient consent. In electronic health records, these two conditions can be applied in various ways. We study the handling of consent in two Norwegian hospitals, with a view to how access control and consent handling can be integrated across electronic systems that process patient data. A workshop was held, where two consent handling scenarios were simulated, one in-hospital, the other external. Activities were identified and tied to roles and to the documents and systems used. Electronic systems were found to support the execution of the scenarios to some extent. The electronic functions used in-hospital were consent storage and logging of access; access control was not sufficient. When sharing information externally, the typical approach is a declaration signed by the patient or a referral; such external information sharing should be supported by specific functionality. A first step towards integrated access control is integrated consent handling.

Kategori

Vitenskapelig Kapittel/Artikkel/Konferanseartikkel

Oppdragsgiver

  • Research Council of Norway (RCN) / 164371

Språk

Engelsk

Forfatter(e)

  • Gunnar René Øie
  • Herbjørn Andresen
  • Inger Anne Tøndel

Institusjon(er)

  • Norges teknisk-naturvitenskapelige universitet
  • SINTEF Digital / Software Engineering, Safety and Security
  • Universitetet i Oslo

År

2007

Forlag

IOS Press

Bok

MEDINFO 2007 - Proceedings of the 12th World Congress on Health (Medical) Informatics – Building Sustainable Health Systems

Hefte nr.

1

ISBN

9781586037741

Side(r)

242 - 246

Vis denne publikasjonen hos Cristin