|
Work item:
|
F.HR-AP
|
|
Subject/title:
|
Framework for access permission of person-generated health records in digital health platforms
|
|
Status:
|
Under study
|
|
Approval process:
|
AAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2025 (Medium priority)
|
|
Liaison:
|
IHE, HL7, ISO TC215
|
|
Supporting members:
|
ETRI, Republic of Korea
|
|
Summary:
|
The personal health record is an electronic record that contains individual's health-related information such as medical history, medications, data generated by the personal health devices, clinical test results, and other relevant data. There are many types of personal health devices that generate data that is stored in the digital health platform such as cloud server. This data is defined as person-generated health record (PGHR) which is a part of a personal health record.
Recently, observation data measured by the personal health devices have been increasing dramatically. The continuous measurement data is important in estimating patient's health condition and making a clinical decision between face-to-face encounter by the healthcare professionals. Although the collected PGHR are not from the healthcare organization, it is still a sensitive data that can be misused without clear permission by the owner of the PGHR due to the lack of standardized method for granting access permission.
The framework for access permission enables the digital health platform to grant access to the individual's PGHR based on the factors such as the intended purpose of the data usage, the identity of the data requester, consent from the data owner, and the context in which the data is utilized. The purpose of this framework is to guarantee that the PGHR are accessed and used in secure manner, prioritizing privacy and data protection.
This (draft) Recommendation provides guideline and framework for managing access permission to PGHR within the digital health platform. This framework serves to control and manages the access to the PGHR. Exchange of information related to requesting and granting access permissions can be realized using the existing health IT standards such as HL7 FHIR to ensure that the practical issues related to interoperability are effectively addressed.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2023-08-21 14:38:05
|
|
Last update:
2024-06-14 15:44:46
|
|
