Today Privacy First sent the following email to the Electronic Health Record spokespersons in the Dutch House of Representatives:
Dear Members of Parliament,
On Tuesday 13 December 2012 an important General Meeting with Minister Edith Schippers about the Electronic Health Record (Elektronisch Patiëntendossier, EPD) will take place. The Privacy First Foundation is keen to provide you with the following points of interest in order for you to prepare for and make possible contributions to the debate:
1) As far as Privacy First is aware, at the moment one is working towards an opportunistic spurious solution along private lines, namely a regional exchange of data through the National Switch Point (Landelijk Schakelpunt, LSP). By definition this leads to function creep by design. The digital ‘regional walls’ in and around the LSP can of course easily be circumvented or removed. Therefore the entire system can take on its old central form again at any given moment in the future, with all the privacy and security risks this entails.
2) Nor will those same risks around the LSP be annulled by henceforth indicating the EPD as a ‘Personal Health Record’ (Persoonlijk Gezondheidsdossier, PGD). This is merely privacy by semantics which, moreover, has a misleading effect. Indeed, the infrastructure that’s behind the LSP remains virtually unchanged.
3) A privacy-friendly EPD first of all demands an independent Privacy Impact Assessment (PIA) by which various solutions characterized by privacy by design can be established. As long as such a PIA has not been conducted and subsequently evaluated in Parliament, no irrevocable steps regarding the design and possible extension of the EPD are to be taken.
4) When further designing the EPD, it is absolutely key to leave space for research, innovation and competition. The recent DigiNotar affair shows that dependence on one party (or a select group of parties) is to be avoided. Apart from suboptimal, privacy-unfriendly products, this prevents cartel formations.
5) Apart from proper security, privacy-friendly transparency for patients also requires individual freedom of choice. Access by patients to their own records, for example, is not to be made dependent on linking up with the LSP. Such access via the internet also creates new privacy-related risks.
6) Within the governance structure around the EPD, independent privacy and security experts are to be appointed.
7) In terms of human rights the Netherlands continues to be unabatedly responsible for the protection of the medical privacy of its citizens, even in the event of a privatized EPD. At the initiative of Privacy First the Netherlands will have to be able to account for this in front of the United Nations Human Rights Council in May 2012.
Yours faithfully,
The Privacy First Foundation