THE LEGAL AND ETHICAL ASPECTS OF TELEMEDICINE - 2 - DATA PROTECTION, SECURITY AND EUROPEAN LAW

The electronic record may be subject to abuses that can be carried out on a large scale and cause great damage. A wide range of data protect ion and information security measures will need to be taken to ensure the quality and integrity of such records. A European Union directive was formally adopted in 1995 which sets the obligations of those respo nsible for data processing as well as a number of important rights for individuals. The responsible teleconsultant or medical officer, as th e data controller, must make sure these measures are enforced. In the case of the transmission of medical records to another location, the o riginal data controller may remain liable for abuses. But as different elements of the records are spread throughout the different departmen ts of a hospital or across different geographical locations, it may be come difficult to ascertain who is responsible for protecting and cont rolling what. To this end, the designation of liability by contractual means, between the hospitals and remote users of a telemedicine netwo rk, would be the dearest and most straightforward way of achieving uni formity and predictability in terms of the distribution of responsibil ity for data protection and security.