Effective Sharing of Records and Maintaining Privacy

Supplementary Files

Effective sharing of records, maintaining privacy: a practical schema

How to Cite

Neame, R. (2013). Effective Sharing of Records and Maintaining Privacy. Online Journal of Public Health Informatics, 5(2). https://doi.org/10.5210/ojphi.v5i2.4344


A principal goal of computerisation of medical records is to join up care services for the patient, so that their records can follow them wherever they go thereby reducing delays, duplications, risks and errors, and costs. Healthcare records are increasingly being stored electronically, so creating the necessary conditions for them potentially to be readily shared. The three main obstacles to realising these potential benefits relate to record accessibility, maintaining privacy and assuring the usefulness of the shared information. These constitute a set of issues that need new thinking, since existing systems are struggling to deliver them. The solution to this puzzle lies in three main parts. One is to store the sharable parts of care records in readily accessible locations, on ‘the web’ or in ‘the cloud’ and in standard web-format so that anyone can access them at any time. For privacy these publicly-accessible records must be stripped of all identifiers (names, addresses, dates, places etc) replacing these with a linktag that means nothing to anyone except those authorised to access them, but serves to identify and authenticate a specific record. The second is to give control over record access and sharing to the patient (or their identified representative), enabling them to authorise access providing the storage location (URL), linktag, security keys and context (dates, places, people etc). This can be done using a token (eg smart card) which holds these details, thereby relieving the record keeper of responsibility for access control and privacy. The third is to mark up the content of the stored records using XML tags for each data element ‘type’ (eg administrative, financial, operational, clinical etc); and within those types to tag sub-types such as diagnosis, medication, procedure, investigation result etc so providing the recipient with the tools necessary to read, display and manipulate the records as they prefer.
Authors own copyright of their articles appearing in the Online Journal of Public Health Informatics. Readers may copy articles without permission of the copyright owner(s), as long as the author and OJPHI are acknowledged in the copy and the copy is used for educational, not-for-profit purposes. Share-alike: when posting copies or adaptations of the work, release the work under the same license as the original. For any other use of articles, please contact the copyright owner. The journal/publisher is not responsible for subsequent uses of the work, including uses infringing the above license. It is the author's responsibility to bring an infringement action if so desired by the author.