rss
J Med Ethics 2009;35:753-761 doi:10.1136/jme.2009.029918
  • Paper
  • Law, ethics and medicine

Privacy impact assessment in the design of transnational public health information systems: the BIRO project

  1. C T Di Iorio1,
  2. F Carinci1,
  3. J Azzopardi2,
  4. V Baglioni3,
  5. P Beck4,
  6. S Cunningham5,
  7. A Evripidou6,
  8. G Leese7,
  9. K F Loevaas8,
  10. G Olympios6,
  11. M Orsini Federici3,
  12. S Pruna9,
  13. P Palladino10,
  14. S Skeie8,
  15. P Taverner8,
  16. V Traynor6,
  17. M Massi Benedetti3
  1. 1
    Serectrix s.n.c., Pescara, Italy
  2. 2
    Department of Medicine, University of Malta, G’Mangia, Malta
  3. 3
    Department of Internal Medicine, University of Perugia, Perugia, Italy
  4. 4
    Joanneum Research, Graz, Austria
  5. 5
    Division of Medicine and Therapeutics, Ninewells Hospital, University of Dundee, Dundee, Scotland
  6. 6
    Cyprus Ministry of Health, Nicosia, Cyprus
  7. 7
    School of Medicine, University of Dundee, Dundee, Scotland
  8. 8
    NOKLUS, Bergen, Norway
  9. 9
    Paulescu Institute, Bucharest, Romania
  10. 10
    Department of Electronic and Information Engineering, University of Perugia, Perugia, Italy
  1. Correspondence to Concetta Tania Di Iorio, Via Gran Sasso 79, 65121 Pescara (PE), ITALY; tania_diiorio{at}virgilio.it
  • Received 23 February 2009
  • Revised 3 June 2009
  • Accepted 8 July 2009

Abstract

Objectives: To foster the development of a privacy-protective, sustainable cross-border information system in the framework of a European public health project.

Materials and methods: A targeted privacy impact assessment was implemented to identify the best architecture for a European information system for diabetes directly tapping into clinical registries. Four steps were used to provide input to software designers and developers: a structured literature search, analysis of data flow scenarios or options, creation of an ad hoc questionnaire and conduction of a Delphi procedure.

Results: The literature search identified a core set of relevant papers on privacy (n = 11). Technicians envisaged three candidate system architectures, with associated data flows, to source an information flow questionnaire that was submitted to the Delphi panel for the selection of the best architecture. A detailed scheme envisaging an “aggregation by group of patients” was finally chosen, based upon the exchange of finely tuned summary tables.

Conclusions: Public health information systems should be carefully engineered only after a clear strategy for privacy protection has been planned, to avoid breaching current regulations and future concerns and to optimise the development of statistical routines. The BIRO (Best Information Through Regional Outcomes) project delivers a specific method of privacy impact assessment that can be conveniently used in similar situations across Europe.

Footnotes

  • Competing interests None.

  • Provenance and Peer review Not commissioned; externally peer reviewed.

This Article

  1. Abstract
  2. Full text
  3. PDF

Responses

  1. Submit a response
  2. No responses published

Social bookmarking

Register for free content


Free sample
 This recent issue is free to all users to allow everyone the opportunity to see the full scope and typical content of JME.
View free sample issue >>

Free archive
The full back archive is now available for JME. Institutional subscribers may access the entire archive as part of their subscription. Personal subscribers will also have access to all content when logged in. Non-subscribers who register have free access to all articles published before 2006, back to volume 1 issue 1.
Register to access the free archive >>

Don't forget to sign up for content alerts so you keep up to date with all the articles as they are published.