Abstract
Consent management is a significant function in electronic health information systems as it allows patients to manage the privacy preferences regarding their health information. Placing patients in control of the privacy of their health information ensures that the risks for reputational and personal harm are reduced. Several approaches towards patient consent management solutions, ranging from software prototypes to conceptual models, have been adopted in response to the need for privacy preservation. The purpose of this paper is to review these approaches and to identify areas that still need to be addressed – particularly in terms of the automated enforcement of consent directives, interoperability, as well as standardised healthcare data exchange.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Coiera, E., Clarke, R.: e-Consent: the design and implementation of consumer consent mechanisms in an electronic environment. J. Am. Med. Inform. Assoc. 11(2), 129–140 (2004)
Can, O.: A semantic model for personal consent management. In: Garoufallou, E., Greenberg, J. (eds.) MTSR 2013. CCIS, vol. 390, pp. 146–151. Springer, Cham (2013). https://doi.org/10.1007/978-3-319-03437-9_15
Bursa, O., Sezer, E., Can, O., Unalir, M.O.: Using FOAF for interoperable and privacy protected healthcare information systems. In: Closs, S., Studer, R., Garoufallou, E., Sicilia, M.-A. (eds.) MTSR 2014. CCIS, vol. 478, pp. 154–161. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13674-5_15
Heinze, O., Birkle, M., Köster, L., Bergh, B.: Architecture of a consent management suite and integration into IHE-based regional health information networks. BMC Med. Inform. Decis. Making 11(1), 58 (2011)
Gaba, A., Havinga, Y., Meijer, H.J., Jan, E.: Privacy and security for analytics on healthcare data (2014)
Rindfleisch, T.C.: Privacy, information technology, and health care. Commun. ACM 40(8), 92–100 (1997)
Eskeland, S., Oleshchuk, V.A.: EPR access authorization of medical teams based on patient consent. In: ECEH, pp. 11–22 (2007)
Russello, G., Dong, C., Dulay, N.: Consent-based workflows for healthcare management. In: IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008, pp. 153–161. IEEE (2008)
Hu, L.L., Sparenborg, S., Tai, B.: Privacy protection for patients with substance use problems. Subst. Abuse Rehabil. 2, 227 (2011)
Yu, B., Wijesekera, D., Costa, P.C.G.: Informed consent in electronic medical record systems. In: Healthcare Ethics and Training: Concepts, Methodologies, Tools, and Applications, pp. 1029–1049. IGI Global (2017)
Mense, E., Blobel, B., et al.: Hl7 standards and components to support implementation of the European General Data Protection Regulation (GDPR). Eur. J. Biomed. Inform. 13(1), 27–33 (2017)
Abbas, R.M., Carroll, N., Richardson, I., Beecham, S.: The need for trustworthiness models in healthcare software solutions. In: HEALTHINF, pp. 451–456 (2017)
Moss, L., Shaw, M., Piper, I., Hawthorne, C., Kinsella, J.: Sharing of big data in healthcare: public opinion, trust, and privacy considerations for health informatics researchers. In: HEALTHINF, pp. 463–468 (2017)
Elkhodr, M., Shahrestani, S., Cheung, H.: Preserving the privacy of patient records in health monitoring systems. In: Theory and Practice of Cryptography Solutions for Secure Information Systems, pp. 499–529. IGI Global (2013)
Madathil, K.C., et al.: An investigation of the efficacy of electronic consenting interfaces of research permissions management system in a hospital setting. Int. J. Med. Inform. 82(9), 854–863 (2013)
ACT Health: Informed consent. http://www.health.act.gov.au/publicinformation/consumers/informed-consent. Accessed 22 Mar 2018
O’Connor, Y., Rowan, W., Lynch, L., Heavin, C.: Privacy by design: Informed consent and internet of things for smart health. Procedia Comput. Sci. 113, 653–658 (2017)
St John, E., Scott, A., Irvine, T., Pakzad, F., Leff, D., Layer, G.: Completion of hand-written surgical consent forms is frequently suboptimal and could be improved by using electronically generated, procedure-specific forms. Surgeon 15(4), 190–195 (2017)
Ghazvini, A., Shukur, Z.: Security challenges and success factors of electronic healthcare system. Procedia Technol. 11, 212–219 (2013)
Fernández-Alemán, J.L., Señor, I.C., Lozoya, P.Á.O., Toval, A.: Security and privacy in electronic health records: a systematic literature review. J. Biomed. Inform. 46(3), 541–562 (2013)
Buys, M.: Protecting personal information: implications of the protection of personal information (PoPI) act for healthcare professionals. SAMJ: South Afr. Med. J. 107(11), 954–956 (2017)
Ramdhin, A.: Protection of personal information bill: what should you be asking? https://www.werksmans.com/legal-briefs-view/protection-ofpersonal-information-bill-what-should-you-be-asking/. Accessed 01 Mar 2018
Gostin, L.O.: National health information privacy: regulations under the Health Insurance portability and accountability act. JAMA 285(23), 3015–3021 (2001)
McGraw, D.: Privacy and health information technology: executive summary. J. Law Med. Ethics 37(2 suppl), 121–149 (2009)
Wang, L.: The privacy rule: HIPAA standards for the privacy of individually identifiable health information. Empl. Benefits J. 27(3), 59–63 (2002)
Hodge Jr., J.G., Gostin, L.O., Jacobson, P.D.: Legal issues concerning electronic health information: privacy, quality, and liability. JAMA 282(15), 1466–1471 (1999)
Antal, H., Bunnell, H.T., McCahan, S.M., Pennington, C., Wysocki, T., Blake, K.V.: A cognitive approach for design of a multimedia informed consent video and website in pediatric research. J. Biomed. Inform. 66, 248–258 (2017)
Asghar, M.R., Russello, G.: Actors: a goal-driven approach for capturing and managing consent in e-health systems. In: IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), pp. 61–69. IEEE (2012)
Blake, K., et al.: Use of mobile devices and the internet for multimedia informed consent delivery and data entry in a pediatric asthma trial: Study design and rationale. Contemp. Clin. Trials 42, 105–118 (2015)
Chávez, E., Finnie, G.: Empowering data sources to manage clinical data. In: 2010 IEEE 23rd International Symposium on Computer-Based Medical Systems (CBMS), pp. 203–208. IEEE (2010)
Ge, Y., Ahn, D.K., Unde, B., Gage, H.D., Carr, J.J.: Patient-controlled sharing of medical imaging data across unaffiliated healthcare organizations. J. Am. Med. Inform. Assoc. 20(1), 157–163 (2013)
Bergmann, J., Bott, O.J., Pretschner, D.P., Haux, R.: An e-consent-based shared EHR system architecture for integrated healthcare networks. Int. J. Med. Inform. 76(2), 130–136 (2007)
Khan, A., McKillop, I.: Privacy-centric access control for distributed heterogeneous medical information systems. In: 2013 IEEE International Conference on Healthcare Informatics (ICHI), pp. 297–306. IEEE (2013)
Ko, Y.Y., Liou, D.M.: The study of managing the personal consent in the electronic healthcare environment. World Acad. Sci. Eng. Technol. 65, 314 (2010)
Kondylakis, H., et al.: IEmS: a collaborative environment for patient empowerment. In: 2012 IEEE 12th International Conference on Bioinformatics and Bioengineering (BIBE), pp. 535–540. IEEE (2012)
Kondylakis, H., et al.: Donors support tool: Enabling informed secondary use of patients’ biomaterial and personal data. Int. J. Med. Inform. 97, 282–292 (2017)
Sonne, S.C., et al.: Development and pilot testing of a video-assisted informed consent process. Contemp. Clin. Trials 36(1), 25–31 (2013)
Nwomeh, B.C., Hayes, J., Caniano, D.A., Upperman, J.S., Kelleher, K.J.: A parental educational intervention to facilitate informed consent for emergency operations in children. J. Surg. Res. 152(2), 258–263 (2009)
Li, Y., Xie, M., Bian, J.: USign—a security enhanced electronic consent model. In: 2014 36th Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBC), pp. 4487–4490. IEEE (2014)
Lentz, J., Kennett, M., Perlmutter, J., Forrest, A.: Paving the way to a more effective informed consent process: recommendations from the clinical trials transformation initiative. Contemp. Clin. Trials 49, 65–69 (2016)
Warriner, A., et al.: A pragmatic randomized trial comparing tablet computer informed consent to traditional paper-based methods for an osteoporosis study. Contemp. Clin. Trials Commun. 3, 32–38 (2016)
Whiddett, R., Hunter, I., Engelbrecht, J., Handy, J.: Patients attitudes towards sharing their health information. Int. J. Med. Inform. 75(7), 530–541 (2006)
Yu, B., Wijesekera, D., Costa, P.C.: An ontology for medical treatment consent. In: STIDS, pp. 72–79 (2014)
Pruski, C.: e-CRL: a rule-based language for expressing patient electronic consent. In: Second International Conference on eHealth, Telemedicine, and Social Medicine, 2010, ETELEMED 2010, pp. 141–146. IEEE (2010)
Yu, B., Wijesekera, D., Costa, P.: Consent-based workflow control in EMRs. Procedia Technol. 16, 1434–1445 (2014)
Rowan, W., O’Connor, Y., Lynch, L., Heavin, C.: Exploring user behaviours when providing electronic consent on health social networks: a just tick agree approach. Procedia Comput. Sci. 121, 968–975 (2017)
Cavoukian, A.: Privacy by Design. Take the Challenge. Information and Privacy Commissioner of Ontario, Toronto (2009)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Zazaza, L., Venter, H.S., Sibiya, G. (2019). The Current State of Electronic Consent Systems in e-Health for Privacy Preservation. In: Venter, H., Loock, M., Coetzee, M., Eloff, M., Eloff, J. (eds) Information Security. ISSA 2018. Communications in Computer and Information Science, vol 973. Springer, Cham. https://doi.org/10.1007/978-3-030-11407-7_6
Download citation
DOI: https://doi.org/10.1007/978-3-030-11407-7_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-11406-0
Online ISBN: 978-3-030-11407-7
eBook Packages: Computer ScienceComputer Science (R0)