You are here: Resources > FIDIS Deliverables > Interoperability > D4.11: eHealth identity management in several types of welfare states in Europe > 
Access of health data  Title:
 Agenda for future research




This section addresses some important concerns in the field of processing health data. We discuss following aspects:  

- EHR systems are pushed by technological developments but it is essential that they are deployed to achieve higher rationalisation of the health care industry. How can this ‘double’ (economic) potential be fulfilled? 

- Since private partners become central partners in health care (delivery), how can we balance privacy protection of citizens against (other) interests of these private stakeholders? What role does the EU and national governments play herein? 

- Crucial choices have to be made by governments to generate the future of the social welfare states in Europe.  How will eHealth affect the character of the social welfare state?

- Patient empowerment is an important rationale in the European vision on eHealth.  However, patients risk being subject of risk analyses in higher degrees.  

- Necessitate (and lack of attention) to stress organisational matters besides pure technological needs.  How can this be taken into the development of eHealth?


As stated before, our overview is too limited to make a comparative picture on how different types of European welfare countries are socially constructing eHealth records and cards. However, based on the information made available, we have indications of diverging debates. Moreover, the debate on health profiling seems in most of the countries embryonic and more related to technological and legal issues. The discourse on eHealth and profiling is mainly developed from different viewpoints.

Technology push, economic value and innovation perspectives are dominant in the discourse on eHealth developments. The European ambition to play a prominent role as dynamic knowledge-based economy is currently an important driver in eHealth. Whether we call it ‘knowledge-based economy’, information society’, ‘service economy’, or even ‘information economy’, information and knowledge become more and more a profitable and valuable source for economy. In this context and in line with the ambitions of the Lisbon Declaration (European Council, 2000) and the i2010 Initiative, there is a huge economic potential in eHealth: ‘e-Health is emerging as the new industry alongside pharmaceuticals and the medical devices sector’ (Com (2004), 356 final). The ambition of a European Health Information Space has to be understood from this perspective. The link between the management of information and its economical value was also mentioned by the German correspondent: ‘Economization of information administration’ (GE-2).

In the particular domain of EHR, it has become clear that cards are mostly defined and approached as technological enablers of efficiency and quality of health care (delivery). They accelerate the flows of information and are seen as enablers for free movement of people and data, which they are. However, fundamental social, ethical and legal questions are slowly being integrated in the debate. The Article 29 Data Protection Working Party makes us explicitly aware of the ‘new risk scenario’ emerging out of the use of eHealth tools. Without taking the position of a technological pessimist, more concerns should rise on the way eHealth in general and the handling of health care related information. Andreassen et al. (2007) warn for ‘unintentional consequences’ which could emerge because of the use of electronic systems in health care. Because of the phenomenon of technology push – economical and human losses for eHealth applications can be quite high.

eHealth is emerging as ‘a vehicle for health reforms’ (Rossing). As mentioned by the Swiss partner, the whole organisation of health care has to be reconsidered: ‘Not the reproduction of existing structures is the target subject. Conjunction, simplification and interoperability of existing in order to create new, improved processes are the main reasons’. Since welfare states at least have the ambition to make available health for all, they urgently look for ways to provide new efficient and qualitative care. However, it is not that easy to radically change systems. Changes are not that new, they still are the outcome of the past. But very little is currently debated on health care reforms related to the issue of eHealth. This debate is necessary in order to sketch the role of health information systems within these contexts, especially since health care service configurations are divergent between the European countries. The balancing of privacy against other rights is a very difficult task with unpredictable outcomes, as the national background and history of the specific welfare state certainly play a role. Healthcare systems are influenced by the organizational and cultural differences of member states (COM (2004) 356, 13) and in turn, ‘certain features of health care system structure might have an effect in eHealth policy and deployment priorities’ (Hämäläinen et al., 2007, 10). Comparative, multi-country research has been underutilised as a means to inform health system development. For the EU, it remains important to try to find ‘common values and principles in EU health systems’, to build upon (Ministers at the Health Council on 1 June 2006).

The current reforms in European health care create more opportunities for private partners to take up central roles. These types of reforms should urge to discuss the issue of public and private information: in general we can assume that governments and public agencies have to act according to specific regulations and laws dealing with the collection, storage and utilization of health data. From the information we obtained from our correspondents it is clear that important reflections are still underway in several countries in the particular case of electronic health cards and records. However, due to changes in the organisation of welfare regimes, more and more private agencies will be taking up roles in the collection, storage and use of health related data. Very little specific information from our national correspondents came through on how private (for profit or not-for profit) agencies will be held responsible and sanctioned when (ab)using health information, what will be considered as purposive use, how informed consent matters will be dealt with etc. We assume that government protections on this level are still very limited in scope, while IT developments clearly have taken the trajectory of public-private cooperation. However the EU has an important role to play in this field: only with a strong (supra-national) policy citizens can be protected against possible privacy intrusions of multinationals.  

In the perspective of previous observation, the issue of access and use of health data is a normative issue. What do we want to do with health data? Should it be accessible and used for public health research, even without people being aware of the use of (their) health data? ‘The use of personal information without the individual’s consent violates Kant’s categorical imperative that human beings are ends and not means’ (Redigor, 2004, 1977). Next to this deontological point of view, utilitarian theories provide more support for the use of health related information for public health research (Coughlin, 2006).  

However, in practice there are often conflicts between principles. How do we weight the importance of autonomy against justice, or against beneficence? Redigor (2004, 1977) concludes that there is a moral justification for using personal data without informed consent in research, ‘the benefits to society weigh more than the harm attributable to the invasion of privacy, so long as the use of personal data without informed consent is the only way to answer a research question, and confidentiality and personal integrity remain intact.’ However, moral evaluations are (more and more) subordinated to the rule of law. Both in the United States as in the European Union, the use of personal data from medical records in the context of epidemiological research has been restricted by law. Melton (1997) points out to the fact that – because of all those legal restrictions on the use of personal data – important advantages regarding monitoring health, disease management and effectives can be lost.  

Besides technological and legal protective measures, very little reflections and documentation is found on organisational measures creating a context for profiling based on health information. Organizational policies and practices are at least as important as other measures. An important part of data-handling is not solely a question of technological and legal issues but also related to behavioural and cultural aspects on how to handle personal data. Clear guidelines and protocols for people involved in the handling of personal health data should be considered as necessary, but this kind of debate seems not to very prominent in the current reflections on health cards and health records. Operational policy statements regarding information use and flows should attempt to balance the need for providers, payers, researchers, and others to access health information against patients’ desires for privacy. Policies with health care agencies regarding information use and flows are to be formalized in specific policy documents on security, confidentiality, protection of sensitive health information, research uses of health information, and release of health information. 

The issue of patient empowerment in combination with the increased focus on individual responsibility in health is in both ways affecting the way thoughts are being developed on health information systems. Stroetmann pointed out to the parallel between the growing use of ICT in healthcare provisions and the emphasis on health rather than care (Stroetmann, 2007, 24). The emphasis on patient empowerment seems to introduce a twist away from the paternalist protective vision on health care towards a ‘participative state’ (Klamer, H. et al., 2005). Patient empowerments is going hand in hand with the access to (personal) health information and information on health care provision. However, one question is to what extent eHealth tools will be deployed to support policies for the wellbeing of (all) citizens or to endorse the individual responsibilities. The introduction of disease management programmes and the changing health insurance field (away from solely public insurance) could lead to a new approach of the citizen, using health information and profiling techniques for risk selection When health insurance institutions and other (private) companies have access to data, they could make abuse of it enlarging the information asymmetry, instead of deploying a participative model of the welfare state.  

Internationally, the increased attention for international comparisons and benchmarking, performance and quality measurement, the upcoming evidence based health care, the need to assess the cost and funding related issues, all urge to be able to make use of better deployed health information systems. Governments have the double duty in this process. First of all, they have to ensure the rule of law, including the right to privacy, and secondly, they are the forerunners of the (proactive) development of the welfare state. For the latter, massive amounts of personal data have to be (automatically) processed in order to guarantee the effective implementation of activities in the field of taxation, public health, etc. This double duty asks for a correct balance between the use of personal information and the protection of it. Some others are surprised by the fact ‘at a time when mankind is experiencing the greatest developments in information technology, we are limiting the use of personal information that can be used for the common good’ (Redigor, 2004, 1978). The idea of using personal information for the common good risks to undermine the balance in favor of the (unlimited) processing of personal data against the protection of peoples’ privacy (e.g. when profiles are used to categorize people). But always, there has to be found a balance between the protection of peoples’ privacy and the advantages of processing personal data for the ‘public good’. When processing health data, member states are bounded by the general data protection principles. Data protection is important in the context of the individual freedom, at least in Western democracies. However, ‘communitarian perspectives may favor limiting individual autonomy for the sake of the common good or public interest [7]’ (Coughlin, S.S., 2006, 17). According to Regidor (2004) and Capron (1991) if confidentiality (of the information derived from the medical records) is maintained, the use of information from medical records can be justified. In some cases this is could be true. A clear example is that the patient does not have to give his or her informed consent each time a healthcare professional makes use of the information from his or her medical record for treatment and diagnosis. However, in the context of managed care, ‘information management by a third party can damage a doctor-patient relationship of trust and threaten the protection of medical data’, despites the workings of data protection legislations (Hooghiemstra, 1998).




Access of health data  fidis-wp4-d4.11.eHealth_identity_management_in_several_types_of_welfare_states_in_Europe.sxw  Agenda for future research
16 / 19