Sage Journals: Discover world-class research

Abstract

Between 1998 and 2003 a number of European countries, the UK, Canada, Australia and the US all introduced data privacy legislation that sought to comply with the European Data Privacy Directive of 1995 in protecting the privacy of individuals undergoing treatment in large hospitals. In 2004 we find that hospital administrators within these jurisdictions are still struggling to find ways to implement and maintain hospital databases while complying with the given legislation - where compliance seems to require a whole new approach to database management. This research examines the UK Data Protection Act 1998 and considers whether current database management systems allow the EU Directives contained in the Act to be followed in practice. It finds a number of recurrent problems with hospital systems that would make compliance with the Act difficult. These findings have significant implications for hospital information systems development and design.

Keywords

data privacy data quality information systems design UK Data Protection Act 1998

References

Westin A F. Privacy and Freedom. New York: Atheneum , 1967.

Miller A. The Assault on Privacy. Ann Arbor, MI: University of Michigan Press , 1971.

European Commission . Directive of the European Parliament on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data. EC/95, 20 February 1995.

Ziebland S , Chappel A , Dumbelow C , Evans J , Prinjha S , Rozmovita L. How the internet affects patients’ experience of cancer: a qualitative study . BMJ 2004; 328 (6 March).

Regina v. Department of Health, ex parte Source Informatics Ltd. CA: Simon Brown, Aldous and Schiemann LJJ . 21 December 1999.

NHS . Code of Conduct for NHS Managers. http://www.dh.gov.uk/assetRoot/04/08/59/04/04085904.pdf, 10 September 2004.

Stevens G. A Brief Summary of the Medical Privacy Rule. CRS Report for Congress. 14 February 2003.

Twight C. Dependent on D.C.: The Rise of Federal Control over the Lives of Ordinary Americans. London: Palgrave/St Martin’s Press , 2002.

Warren A , Dearnley J , Oppenheim R. Sources of literature on data protection and human rights . The Journal of Information, Law and Technology 2001.

10.

Redman T. Data Quality: The Field Guide. New Jersey: Digital Press , 2001.

11.

Wang R Y. A product perspective on total data quality management . Communications of the ACM 1998; 41 (2); 58-65 .

12.

Stair R. Principles of Information Systems. Boston: Boyd and Fraser , 1992.

13.

England I. The status of health IT expenditure: a qualitative study of senior executives in regard to IT investment . Proceedings of the Australian Health Informatics Conference 2001, 29-31 July, Canberra.

14.

Starr P. Smart technology, stunted policy: developing health information networks . Health Affairs 1997; 16 (3); 95-105 .

15.

Singleton P , Hunnable J , Mason R. Gaining Patient Consent to Disclosure: A Consultancy Project for the NHS Executive. Report. 2001.

16.

Bloom F E. Science as a way of life: perplexities of a physician-scientist . Science 2003; 300 (5626; 13 June); 1680-1685 .

17.

Junnakar S. Law prescribes overhaul of aging system. CNETNews.com 16 June 2003.

18.

Schulten C. Integration architectures in healthcare and how to extend access to mobile healthcare workers . Proceedings of the Australian Health Informatics Conference 2001, 29-31 July, Canberra.

19.

Perry J. Medical ‘privacy’ rule tab $18 billion, value $0. NewsMax.com 18 April 2001.

20.

Hansard of the Victorian Parliament, Second Reading of the Health Records Bill, 22 March 2001.

21.

Miles M B , Huberman A M. Qualitative Data Analysis: An Expanded Source Book 2nd edn. Thousand Oaks, CA: Sage , 1994.

22.

Lederman R. How poor information systems increase hospital queues . Health Informatics Journal 2002; 8; 147-152 .

23.

NHS Lifehouse Project Data Protection Work Team . Report on Data Usage, Consent, Ethical Approvals and Research Controls. December 2001.

24.

Baker R , Shiels C , Stevenson K , Fraser R , Stone M.

What proportion of patients refuse consent to data collection from their records for research purposes?

British Journal of General Practice 2000; 50(457); 655-656 .

25.

Place A. Keeping patients’ medical records safe from prying eyes . The Age Newspaper 12 April 2003; 34 .

26.

Flaherty D. Privacy impact assessments: an essential tool for data protection . In 22nd Annual Meeting of Privacy and Data Protection Officials, September 2000, Venice.

Managing hospital databases: can large hospitals really protect patient data?

Abstract

Keywords

References