Legal aspects regarding the use and integration of electronic medical records for epidemiological purposes with focus on the Italian situation
DOI:
https://doi.org/10.2427/8971Abstract
The "Observational Studies" working group of the Italian Association of Medical Statistics and Clinical Epidemiology (SISMEC) has undertaken to study the impact of recent healthcare sector regulations on the legal and organisational aspects of managing all EMR databases with emphasis on Legislative Decree No. 196/2003 (the Italian Personal Data Protection Law). This paper examines six issues relating to theirs legal implications. The first section, “Confidentiality”, provides definitions and the regulatory context for the terms "confidentiality" and "personal data". In the second, “Nature of data held in electronic medical record archives”, we discuss the problem of sensitive data and procedures to make the identification code anonymous. In “Data ownership” we highlight the difference between the data controller and the database controller. The fourth section, “Conditions for processing”, discusses problems associated with using research data from one study in other investigations. In the fifth, “Patient consent”, we address the problems related to patient consent. Finally in “Penalties” we outline the main civil and criminal liability issues applied in case of non-compliance with the provisions of the Personal Data Protection Code. Where possible, we provide suggestions on how to comply with the legal requirements of managing medical record archives in order to make it easier for researchers to remain in compliance with the relevant provisions.
Downloads
Published
Issue
Section
License
Copyright (c) 2022 Antonietta Stendardo , Francesca Preite, Rosaria Gesuita , Simona Villani , Antonella Zambon , SISMEC "Observational Studies" working group
This work is licensed under a Creative Commons Attribution 4.0 International License.