FHIR Chat · Secrecy on Patient data · nordics

Stream: nordics

Topic: Secrecy on Patient data

view this post on Zulip Martin Grundberg (Sep 13 2019 at 08:48):

Hi
We are now looking into how to handle secrecy flags on patients in our core Swedish patient profile.

This was discussed in a previous Zulip thread (https://chat.fhir.org/#narrow/stream/194447-nordics/topic/Patient), but I thought a thread dedicated to this question would be good.

There we got the recommendation to look at resource.meta.security (https://www.hl7.org/fhir/resource.html). While looking at the codes, we thought that https://www.hl7.org/fhir/v3/ActCode/cs.html#v3-ActCode-DEMO probably meets the Swedish requirements rather well. But you could argue that each countries secrecy flags are so unique that each country should have their own code and extend this valueSet.

What happens if a person goes from Sweden to Norway, or from Denmark to Finland etc if we use the DEMO code? Is that information transferable between our countries? The meta.secrecy flag allows for multiple codes, so in theory it could include both a very specific national code, and also one common one from the existing valueSet. The problem with creating nationally unique codes is that they are not recognized in other countries, and for something like this, it feels important that a secrecy flag is in some way recongnized as it impacts patient safety.

How are you planning on doing this? What are your thoughts?

@Jens Villadsen , @Thomas Tveit Rosenlund @Mikael Rinnetmäki

view this post on Zulip Jens Villadsen (Sep 13 2019 at 09:08):

That's easy: We simply don't plan to do it :joy:
No, that is really a hard nut to crack. I guess it would imply some lawmakers to agree each others legislation. @Thor Schliemann what's your take on it?

view this post on Zulip Viktor Jernelöv (Sep 13 2019 at 09:29):

https://www.hl7.org/fhir/v3/ActCode/cs.html#v3-ActCode-DEMO has the following in the description:

Usage Note: If there is a jurisdictional mandate, then use the applicable ActPrivacyLaw code system, and specify the law rather than or in addition to this more generic code.

This sounds like a good thing to get inspiration from, but not in using the actual codes but by adding an extension where we could provide information about the law that is the reason behind the secrecy flag. In Sweden, that would be guided by https://www4.skatteverket.se/rattsligvagledning/edition/2019.7/330545.html and someone with a solid understanding of our laws could probably help us identify the specific law and paragraf that should be used for each country.

view this post on Zulip Grahame Grieve (Sep 13 2019 at 10:18):

you should consider using both DEMO for wider interop and an additional specific local code.

view this post on Zulip Grahame Grieve (Sep 13 2019 at 10:19):

also, note that this part of wider discussion at HL7

view this post on Zulip John Moehrke (Sep 13 2019 at 10:59):

There is a paper being worked on in the Security WG of HL7, that is trying to address this. But the bottom-line is that in order for you to "know" that a recipient will understand your security tags, you must have some domain policy with them (trust agreement and data use agreement) that assures you that they understand your codes. This is not unlike all other uses of codes.

view this post on Zulip John Moehrke (Sep 13 2019 at 11:00):

This is also a major topic of my tutorial next week at HL7 on Thursday morning.

view this post on Zulip Thomas Tveit Rosenlund (Sep 16 2019 at 10:10):

you should consider using both DEMO for wider interop and an additional specific local code.

Would this method give us anything for services used localy, inside Norway for example. I don't think the Master Person index of Norway should be accessible outside Norway.

The Master Person Index of Norway exposes only two meta.security tags, and they are both related to restricted access to address information. The documentation can be found here:
https://simplifier.net/Grunndata-R4/Address
https://simplifier.net/Grunndata-R4/AddressMetadata

And directly on Person here (comes from the source FREG):
https://simplifier.net/Grunndata-R4/Person (meta.security.addressConfidentiality)

view this post on Zulip Grahame Grieve (Sep 16 2019 at 10:20):

I don't think the Master Person index of Norway should be accessible outside Norway

You don't think information from the MPI should be copied more widely?

view this post on Zulip Thomas Tveit Rosenlund (Sep 16 2019 at 11:01):

I don't think the Master Person index of Norway should be accessible outside Norway

You don't think information from the MPI should be copied more widely?

Absolutely, but probably not from the MPI?

Last updated: Apr 12 2022 at 19:14 UTC


An HL7 Website -