Vincent Regnault: "The data protection officer is an indispensable stakeholder in the health institution"
Telemedicine | 16 Jun 2011
The view of Vincent Regnault, Data Protection Manager at Fécamp Hospital.
Health institutions are perpetually evolving. The economic situation and the need to make care services efficient are causing institutions to prioritise information systems. The quality and comprehensiveness of the information derived from the processing of care provision is now paramount.
Health institutions must be capable of ensuring optimum traceability of care activities (medical prescriptions, paramedical care, inpatient pricing, etc).
The political will to implement the electronic health record (DMP) and develop healthcare networks requires interoperable information systems for sharing information about patients.
At the heart of this process, patients must be assured that the handling of their data is in accordance with legislation and complies with rules of professional conduct. Therefore, it seems necessary to highlight the importance of appointing a data protection officer within health institutions.
Will the amendment to European Directive 95/46 and the certification procedures require a data protection officer to be appointed systematically in every institution?
A data protection officer, tasked with ensuring that all the personal data processed is identified, compliant and updated, is an indispensable stakeholder who will allow health institutions to use the computerized patient record in a fully secure manner.
The different tasks they perform on the ground will enable officers to make other staff aware of their role. These tasks are part of a process of continuous improvement and proper risk management. They will allow each person’s competences to evolve, so that the data protection officer representing the institution can guarantee that it complies with the legislation in force. Officially appointed data protection officers have a privileged relationship with France's data protection commission, because of the dedicated telephone support and website area available to them.
Once the law on hospital reform and on patients, healthcare and the regions was passed on 21 July 2009 (law no 2009-879), a genuine transformation of care services was set in motion.
One of the key aspects of the law is the strengthening of local cooperation between public health institutions. It provides for the creation of a new type of functional cooperation: regional hospital communities.
With the implementation of regional hospital communities, a new question emerges: could a single data protection officer cover several hospitals? It is now essential to analyze the possibilities of having a single, “shared” data protection officer, as well as their remit, and the relevance of their role in the new forms of organization.
The Data Protection Officer in the Health Institution, by Vincent Regnault
Health institutions are perpetually evolving. The economic situation and the need to make care services efficient are causing institutions to prioritise information systems. The quality and comprehensiveness of the information derived from the processing of care provision is now paramount.Health institutions must be capable of ensuring optimum traceability of care activities (medical prescriptions, paramedical care, inpatient pricing, etc).
The political will to implement the electronic health record (DMP) and develop healthcare networks requires interoperable information systems for sharing information about patients.
At the heart of this process, patients must be assured that the handling of their data is in accordance with legislation and complies with rules of professional conduct. Therefore, it seems necessary to highlight the importance of appointing a data protection officer within health institutions.
Will the amendment to European Directive 95/46 and the certification procedures require a data protection officer to be appointed systematically in every institution?
A data protection officer, tasked with ensuring that all the personal data processed is identified, compliant and updated, is an indispensable stakeholder who will allow health institutions to use the computerized patient record in a fully secure manner.
The different tasks they perform on the ground will enable officers to make other staff aware of their role. These tasks are part of a process of continuous improvement and proper risk management. They will allow each person’s competences to evolve, so that the data protection officer representing the institution can guarantee that it complies with the legislation in force. Officially appointed data protection officers have a privileged relationship with France's data protection commission, because of the dedicated telephone support and website area available to them.
Once the law on hospital reform and on patients, healthcare and the regions was passed on 21 July 2009 (law no 2009-879), a genuine transformation of care services was set in motion.
One of the key aspects of the law is the strengthening of local cooperation between public health institutions. It provides for the creation of a new type of functional cooperation: regional hospital communities.
With the implementation of regional hospital communities, a new question emerges: could a single data protection officer cover several hospitals? It is now essential to analyze the possibilities of having a single, “shared” data protection officer, as well as their remit, and the relevance of their role in the new forms of organization.