B. Stanberry, THE LEGAL AND ETHICAL ASPECTS OF TELEMEDICINE - 2 - DATA PROTECTION, SECURITY AND EUROPEAN LAW, Journal of telemedicine and telecare, 4(1), 1998, pp. 18-24
The electronic record may be subject to abuses that can be carried out
on a large scale and cause great damage. A wide range of data protect
ion and information security measures will need to be taken to ensure
the quality and integrity of such records. A European Union directive
was formally adopted in 1995 which sets the obligations of those respo
nsible for data processing as well as a number of important rights for
individuals. The responsible teleconsultant or medical officer, as th
e data controller, must make sure these measures are enforced. In the
case of the transmission of medical records to another location, the o
riginal data controller may remain liable for abuses. But as different
elements of the records are spread throughout the different departmen
ts of a hospital or across different geographical locations, it may be
come difficult to ascertain who is responsible for protecting and cont
rolling what. To this end, the designation of liability by contractual
means, between the hospitals and remote users of a telemedicine netwo
rk, would be the dearest and most straightforward way of achieving uni
formity and predictability in terms of the distribution of responsibil
ity for data protection and security.