Privacy and health information: health cards offer a workable solution

Roderick Neame


Collections of computerised personal health data present a very real threat to privacy. Access control is difficult to manage in order to maintain privacy and at the same time to retain flexibility of usage. The legal situation is clear, imposing a requirement to respect personal privacy and human rights. Primary users (those whose access is based on a duty of care) may exceed their authorisation and access records where they have no duty of care or need to know. Secondary users (those generating analyses, research reports and financial management data) may be given access to datasets containing identifiers which are not required for their work. The 'owners' of the data (e.g. government) may use them in ways that are inconsistent with the permissions under which the datawere provided (e.g. by permitting links to other databases to create 'new' information), behind closed doors and without independent audit.
Currently there is a crisis emerging in which professionals are arguing that they are being compelled to compromise their ethical responsibilities to their patients, and government is responding that their measures are necessary to preserve access to quality data for research and planning. This paper proposes an integrated plan for managing these issues in a manner that is ethically sustainable, as well as in keeping with all provisions of the law, using a personal health card.


ethics; law; privacy

Full Text:




  • There are currently no refbacks.

This is an open access journal, which means that all content is freely available without charge to the user or their institution. Users are allowed to read, download, copy, distribute, print, search, or link to the full texts of the articles in this journal starting from Volume 21 without asking prior permission from the publisher or the author. This is in accordance with the BOAI definition of open accessFor permission regarding papers published in previous volumes, please contact us.

Privacy statement: The names and email addresses entered in this journal site will be used exclusively for the stated purposes of this journal and will not be made available for any other purpose or to any other party.

Online ISSN 2058-4563 - Print ISSN 2058-4555. Published by BCS, The Chartered Institute for IT