Beyond Reasonable Doubt

Scenarios - Healthcare

Questions of privacy are at their most sensitive when it comes to our personal medical data. This Special Category Data (GDPR Article 9) merits extra protection and safeguarding because this highly-sensitive personal data has significant risk to the rights and freedoms of the person. Access to this sensitive data can also be a matter of life and death which requires that legitimate access is assigned to those healthcare professionals only, who have a genuine vital interest that serves the performance of critical healthcare delivery – access must be lawful.

This contrasts with recent revelations concerning a social networking platform over privacy issues, where several apps silently share (B2B) sensitive user data including weight, blood pressure and ovulation status, without the knowledge or consent of the app user – regulators are investigating the abuse of privacy. It is also reported that medical records are offered for sale on the dark web for as much as $50 each – lucrative data theft including identity has escalated in recent years.

Privacy and confidentiality have long been the norm for healthcare professionals and organisations. Any compromise or risk to privacy and confidentiality is not acceptable to either patients or healthcare professionals. The convenience and benefits that online access to our medical records offer will not be realised without assurances that only genuine identities with legitimate authority have access to our medical data. The opportunities for reducing prescription fraud and eliminating signature forgery, as examples, by assigning unique e-signatures to genuine clinician identities (who have signature authority) only, will not be realised without assurances about the legitimate identities.

Establishing and maintaining accurate identification information about patients and healthcare professionals is essential to a future, trusted healthcare online and this will need to embrace our new regulatory environment (GDPR / UK Data Protection Act) that governs the processing of our Personal and Professional Identity Data (PPID).

e-ntitle.® and x.Context® are registered trademarks of Objectsoft, Limited.  

 ©1998 – “forever Objectsoft Limited. All Rights Reserved.