VPHuisartsen argues that the LSP’s design causes a breach of professional secrecy. The design is a privatized version of a system that was designed for the Dutch government but which was denounced by the Dutch senate in 2010, when a law intended to mandate the infrastructure was rejected.
The LSP system does not provide doctors with mechanisms with which they can directly control the disclosure of patient information.
The LSP system does not provide doctors with mechanisms with which they can directly control the disclosure of patient information. From the perspective of VPHuisartsen, this omission makes it impossible to adhere to professional obligations related to professional secrecy and data protection. The system implements course-grained role-based access control within the LSP — a central component implemented by US-based company CSC –, thus disclosing health information at a potentially very large scale without physicians being able to exercise control over the authorization policies that give health professionals or organizations access to specific patient information.
Illegal
The LSP comes with an opt-in system that does not provide much clarity on the reach of the consent to patients, and which thus effectively implements a generic consent system that, VPHuisartsen argues, is illegal under European law.
VPHuisartsen believes that doctors should, together with patients, have the final say over disclosing information and that they should be able to control what information is exhanged with whom – and that no external system may “take over” decisions that are subject to professional autonomy. The court case argues for fine-grained consent, similar in vein to what was recently proposed in a Dutch citizen’s campaign www.specifieketoestemming.nl, as a means to control disclosure of information in a way that is transparent to patients and that gives patients the final say over what information is exchanged with whom.
Broader implications
Besides arguing for specific consent, the court case has broader implications in that it also involves technical decisions on designing health information exchange systems. The case is one of the first to argue for, in effect, applying privacy and security by design principles to health information exchange systems. End to end security principles [pdf] should be used to ensure that components or systems that are not owned by – or directly controlled by – physicians cannot access confidential information communicated between healthcare professionals.
VPHuisartsen thus argues that effective, fine-grained control over information disclosure should be implemented in such a way that access to patient records is directly controlled by physicians.
The court is expected to decide on a verdict between June and August 2014. For more information, contact VPHuisartsen.