Privacy-Friendly Management of Electronic Health Records in the eHealth Context

Milica Milutinovic (KU Leuven, Belgium) and Bart De Decker (KU Leuven, Belgium)
DOI: 10.4018/978-1-5225-2237-9.ch023
Electronic Health Records (EHRs) are becoming the ubiquitous technology for managing patients' records in many countries. They allow for easier transfer and analysis of patient data on a large scale. However, privacy concerns linked to this technology are emerging. Namely, patients rarely fully understand how EHRs are managed. Additionally, the records are not necessarily stored within the organization where the patient is receiving her healthcare. This service may be delegated to a remote provider, and it is not always clear which health-provisioning entities have access to this data. Therefore, in this chapter the authors propose an alternative where users can keep and manage their records in their existing eHealth systems. The approach is user-centric and enables the patients to have better control over their data while still allowing for special measures to be taken in case of emergency situations with the goal of providing the required care to the patient.
Electronic health records (EHRs) are becoming the core part of the official healthcare reforms in many western countries. They represent collections of health-related information about patients that are stored in electronic form. The driving force for their implementation is cost savings. They alleviate the problem of redundancy and the related increase in expenses, as tests and procedures do not need to be repeated, since the information can be accessible to multiple healthcare providers. Compared to the traditional approach of storing patients’ data, the benefits of EHRs also include easier transfer and analysis of health data on a large scale. Additionally, they allow for merging the data across different healthcare domains. This reform in health-related information management is therefore expected to ensure better care provisioning and reductions in healthcare costs. However, EHRs are also raising certain concerns among patients. Due to the electronic nature and non-transparent handling of EHR records, patients are increasingly worried about the privacy of their data. Consequently, one of the main obstacles to EHR adoption is the privacy and security concerns of the users (Hiller, McMullen, Chumney, & Baumer, 2011).

In the current system design, the users are not in control of their medical records. In most systems, the retrieval of the electronic records from a central database does not need to be authorised by the user at the time of retrieval, nor for each medical person accessing it. Moreover, the access can also be carried out without the user’s knowledge. While facilitating the exchange of health information about a patient between various sources is considered to be a major benefit of EHR systems, this inter-domain exchange of data is yet another reason why patients are distrustful of the offered privacy protection.

In order to address the aforementioned issues, this work provides a novel system model that grants the users augmented control over their data. To the best of our knowledge, this is the first approach that considers the integration of EHRs into eHealth assistance systems. The resulting system implements the preferences of users with regard to their data management, while ensuring appropriate care in emergency situations.

