scholarly journals Data protection, data management, and data sharing: Stakeholder perspectives on the protection of personal health information in South Africa

PLoS ONE ◽  
2021 ◽  
Vol 16 (12) ◽  
pp. e0260341
Author(s):  
Ciara Staunton ◽  
Kathrina Tschigg ◽  
Gayle Sherman
Keyword(s):  
South Africa ◽  
Health Information ◽  
Data Protection ◽  
Personal Information ◽  
Data Use ◽  
Personal Health Information ◽  
Personal Health ◽  
Structured Interviews ◽  
Laboratory Service ◽  
The Impact

The Protection of Personal Information Act (POPIA) 2013 came into force in South Africa on 1 July 2020. It seeks to strengthen the processing of personal information, including health information. While POPIA is to be welcomed, there are concerns about the impact it will have on the processing of health information. To ensure that the National Health Laboratory Service [NHLS] is compliant with these new strict processing requirements and that compliance does not negatively impact upon its current screening, treatment, surveillance and research mandate, it was decided to consider the development of a NHLS POPIA Code of Conduct for Personal Health. As part of the process of developing such a Code and better understand the challenges faced in the processing of personal health information in South Africa, 19 semi-structured interviews with stakeholders were conducted between June and September 2020. Overall, respondents welcomed the introduction of POPIA. However, they felt that there are tensions between the strengthening of data protection and the use of personal information for individual patient care, treatment programmes, and research. Respondents reported a need to rethink the management of personal health information in South Africa and identified 5 issues needing to be addressed at a national and an institutional level: an understanding of the importance of personal information; an understanding of POPIA and data protection; improve data quality; improve transparency in data use; and improve accountability in data use. The application of POPIA to the processing of personal health information is challenging, complex, and likely costly. However, personal health information must be appropriately managed to ensure the privacy of the data subject is protected, but equally that it is used as a resource in the individual’s and wider public interest.

scholarly journals Locking it down

2016 ◽  
Vol 150 (1) ◽  
pp. 60-66 ◽  
Author(s):  
Kelly Grindrod ◽  
Jonathan Boersema ◽  
Khrystine Waked ◽  
Vivian Smith ◽  
Jilan Yang ◽  
...  
Keyword(s):  
Health Information ◽  
Personal Information ◽  
Medication Management ◽  
Kappa Statistic ◽  
Personal Health Information ◽  
Third Party ◽  
Personal Health ◽  
Privacy And Security ◽  
Standard Data ◽  
Android Apps

Objective: To explore the privacy and security of free medication applications (apps) available to Canadian consumers. Methods: The authors searched the Canadian iTunes store for iOS apps and the Canadian Google Play store for Android apps related to medication use and management. Using an Apple iPad Air 2 and a Google Nexus 7 tablet, 2 reviewers generated a list of apps that met the following inclusion criteria: free, available in English, intended for consumer use and related to medication management. Using a standard data collection form, 2 reviewers independently coded each app for the presence/absence of passwords, the storage of personal health information, a privacy statement, encryption, remote wipe and third-party sharing. A Cohen’s Kappa statistic was used to measure interrater agreement. Results: Of the 184 apps evaluated, 70.1% had no password protection or sign-in system. Personal information, including name, date of birth and gender, was requested by 41.8% (77/184) of apps. Contact information, such as address, phone number and email, was requested by 25% (46/184) of apps. Finally, personal health information, other than medication name, was requested by 89.1% (164/184) of apps. Only 34.2% (63/184) of apps had a privacy policy in place. Conclusion: Most free medication apps offer very limited authentication and privacy protocols. As a result, the onus currently falls on patients to input information in these apps selectively and to be aware of the potential privacy issues. Until more secure systems are built, health care practitioners cannot fully support patients wanting to use such apps.

Managing Your Health Online: Issues in the Selection, Curation, and Sharing of Digital Health Information

2018 ◽  
pp. 433-450
Author(s):  
Elizabeth Sillence ◽  
Pam Briggs
Keyword(s):  
Health Information ◽  
Personal Information ◽  
Digital Health ◽  
Personal Health Information ◽  
Future Research ◽  
Online Health Information ◽  
Personal Health ◽  
Self Disclosure ◽  
Complex Information ◽  
Personal Experiences

It is now easier than ever before to access digital health information. Individuals can monitor and record information about their own health, gather information online, and share personal experiences with those in a similar position. In fact, this shift towards peer-to-peer sharing sites represents a significant change in the way people think about online health information and raises a number of challenges around eHealth and personal information management, including issues of trust, privacy, and self-disclosure. This chapter examines two of those challenges in light of increased peer exchange around health: the sharing of personal health information, and the curation of such a large and complex information resource. It also discusses directions for future research in the field.

Health Information Systems (HIS) Privacy Restrictions for GDPR

2021 ◽  
Vol 10 (2) ◽  
pp. 4-16
Author(s):  
Marcelo Carvalho ◽  
Paulo Bandiera-Paiva ◽  
Eduardo Marques ◽  
José Manuel Machado
Keyword(s):  
Health Information ◽  
Health Information System ◽  
Personal Health Information ◽  
Control Element ◽  
Personal Health ◽  
Clear Understanding ◽  
General Data Protection Regulation ◽  
Standards And Regulations ◽  
General Data ◽  
The Impact

The personal health information (PHI) that a health information system (HIS) stores and processes requires special caution to ensure authorized manipulation by system users. A diverse set of best practices, standards, and regulations are in place nowadays to achieve that purpose. To the access control element in a HIS, general data protection regulation (GDPR) will require explicit authorization and informed consent prior to this manipulation of patient information by healthcare practitioners in a system. The adaptations to cope this type of previous authorization on HIS requires not only a clear understanding of technicalities and modification to the underlying computational infrastructure but also the impact on players that interact with this type of system during healthcare service provision, namely patients and healthcare professionals. This article is an effort to understand this effect by means of collecting opinion from both players in a multicentric survey that presents different questions establishing scenarios that reflect this new control and its consequences.

Protection of Personal Information Act 2013 and data protection for health research in South Africa

2020 ◽  
Vol 10 (2) ◽  
pp. 160-179
Author(s):  
Ciara Staunton ◽  
Rachel Adams ◽  
Dominique Anderson ◽  
Talishiea Croxton ◽  
Dorcas Kamuya ◽  
...  
Keyword(s):  
South Africa ◽  
Data Protection ◽  
Health Research ◽  
Personal Information ◽  
Right To Privacy ◽  
Informational Privacy ◽  
The Right To Privacy ◽  
Constitutional Right ◽  
The Right ◽  
The Impact

Abstract The Protection of Personal Information Act (POPIA) [No.4 of 2013] is the first comprehensive data protection regulation to be passed in South Africa and it gives effect to the right to informational privacy derived from the constitutional right to privacy It is due to come into force in 2020, and seeks to regulate the processing of personal information in South Africa, regulate the flow of personal information across South Africa’s borders, and ensure that any limitations on the right to privacy are justified and aimed at protecting other important rights and interests. Although it was not drafted with health research in mind, POPIA will have an impact on the sharing of health data for research, in particular biorepositories. It is now timely to consider the impact of POPIA on biorepositories, and the necessary changes to their access and sharing arrangements prior to POPIA coming into force.

scholarly journals Preparing Nursing Homes for the Future of Health Information Exchange

2015 ◽  
Vol 06 (02) ◽  
pp. 248-266 ◽  
Author(s):  
M. Rantz ◽  
C. Galambos ◽  
A. Vogelsmeier ◽  
M. Flesner ◽  
L. Popejoy ◽  
...  
Keyword(s):  
Nursing Homes ◽  
Health Information ◽  
Information Exchange ◽  
Health Information Exchange ◽  
Use Cases ◽  
Personal Health Information ◽  
Personal Health ◽  
Structured Interviews ◽  
Resident Care ◽  
External Stakeholders

SummaryObjective: Our purpose was to describe how we prepared 16 nursing homes (NHs) for health information exchange (HIE) implementation.Background: NH HIE connecting internal and external stakeholders are in their infancy. U.S. initiatives are demonstrating HIE use to increase access and securely exchange personal health information to improve patient outcomes.Method: To achieve our objectives we conducted readiness assessments, performed 32 hours of clinical observation and developed 6 use cases, and conducted semi-structured interviews with 230 participants during 68 site visits to validate use cases and explore HIE.Results: All 16 NHs had technology available to support resident care. Resident care technologies were integrated much more with internal than external stakeholders. A wide range of technologies were accessible only during administrative office hours. Six non-emergent use cases most commonly communicated by NH staff were: 1) scheduling appointments, 2) laboratory specimen drawing, 3) pharmacy orders and reconciliation, 4) social work discharge planning, 5) admissions and pre-admissions, and 6) pharmacy-medication reconciliation. Emerging themes from semi-structured interviews about use cases included: availability of information technology in clinical settings, accessibility of HIE at the point of care, and policies/procedures for sending/receiving secure personal health information.Conclusion: We learned that every facility needed additional technological and human resources to build an HIE network. Also, use cases help clinical staff apply theoretical problems of HIE implementation and helps them think through the implications of using HIE to communicate about clinical care.Citation: Alexander GL, Rantz M, Galambos C, Vogelsmeier A, Flesner M, Popejoy L, Mueller J, Shumate S, Elvin M. Preparing nursing homes for the future of health information exchange. Appl Clin Inf 2015; 6: 248–266http://dx.doi.org/10.4338/ACI-2014-12-RA-0113

Sign in / Sign up

Export Citation Format

Share Document