EU citizens nowadays have the option to choose cross-border healthcare services for a number of reasons. These include a lack of facilities or personnel in the region where a citizen resides, so that a better level of service can be obtained in another member state, and emergencies that arise while a citizen is travelling abroad. Directive 2011/24/EU, which covers patients' rights when receiving healthcare in another country, has been in force since 2013. The question becomes more pressing since the GDPR framework will apply from May 2018. Beyond managing risks, and since an EU-level community of healthcare institutions does not yet exist, trust between hospitals and care centres remains an open challenge. The desired level of trust is only achieved when the necessary structures are in place for healthcare organisations and patients to be assured that a certain level of control and traceability over their data, needed for accountability, has been achieved. Assessing the cybersecurity and privacy risks associated with data exchange, and helping healthcare organisations mitigate them, is therefore a crucial step towards increasing that trust. Cross-border healthcare services naturally require the exchange of health data, whether medical records or measurement/examination results. This operational and business shift means that the risks to be mitigated originate from more than a single healthcare organisation: every party that participates in an exchange of health data needs to assess and mitigate its own cybersecurity and privacy risks.
Scenario. An individual from Spain is spending a few days in Sweden for business. While he is having dinner, he starts feeling unwell. He decides to visit a medical centre's outpatient department, where he is registered for examination by the centre's staff. There he presents his European Health Insurance Card (EHIC); the doctor receives the card and asks him some preliminary questions. The doctor logs into the Health Professional Application (HPA) with his credentials and requests the patient's history by entering his full name. The HPA communicates with the CUREX Private Blockchain (PrB) to retrieve information about the patient's home hospital, including past transactions and the hospital's privacy and cybersecurity risk information. The HPA then initiates a data access request to the Puerta de Hierro University Hospital (HUPHM) in Spain, which holds the patient's history. Having adopted the CUREX Platform, HUPHM has already assessed and managed its cybersecurity and privacy risks, reaching a high readiness level that covers both data security during the transaction and the patient's privacy, by classifying the information it discloses into multiple levels. Following the recommendations of the CUREX Optimal Safeguards Tool, HUPHM enforces strong multi-party encryption, with the decryption keys communicated securely to the Swedish hospital at a later stage. In addition, HUPHM applies anonymisation to parts of the exchanged health data to ensure adequate privacy levels. A Smart Contract containing the details of the transaction is generated and stored in the PrB; it will aid future auditability and forensics in the unlikely event of a privacy or cybersecurity breach.
Once the agreement between the hospitals is complete, the doctor informs the patient and asks for his consent. The patient grants it using the CUREX Patient Application on his phone. Next, the doctor retrieves the patient's medical history from HUPHM's services, asking only for the patient's allergy history and any heart/lung diseases. HUPHM discloses only this particular information. After confirming that the patient has no relevant allergies, the doctor proceeds with the consultation and issues a prescription for his case. Finally, the doctor sees the patient off and closes the incident by entering its details in the HPA, which in turn initiates a transaction request to send the relevant examination record to the patient's home hospital.
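As an added example, not code from the original page or from the CUREX platform, the following Python model shows the three access-control properties the scenario relies on: the patient's consent is bound to the exact request (requester, patient, categories, nonce), the home hospital releases only the requested categories and refuses a widened or replayed request, and each disclosure leaves an append-only, hash-chained audit entry that records a hash of what was released rather than the data itself. The hospital names, patient identifier, key and record contents are all constructed for the example; an HMAC stands in for the patient app's signature.

```python
"""Added illustrative model (not CUREX code): consent-gated, category-level
disclosure of a patient record with an append-only, hash-chained audit log.
All names, keys and record contents are constructed for the example."""
import hashlib
import hmac
import json
from dataclasses import dataclass, field

GENESIS = "0" * 64


def canonical(obj) -> str:
    """Deterministic serialisation so hashes and MACs are reproducible."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":"))


def sha256_hex(text: str) -> str:
    return hashlib.sha256(text.encode()).hexdigest()


@dataclass
class Ledger:
    """Append-only hash chain standing in for the private blockchain (PrB).
    Only hashes of disclosed data are recorded, never the data itself."""
    entries: list = field(default_factory=list)

    def append(self, record: dict) -> dict:
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        entry = {"prev": prev, "record": record,
                 "hash": sha256_hex(prev + canonical(record))}
        self.entries.append(entry)
        return entry

    def verify(self) -> bool:
        """Recompute every link; any edited entry breaks the chain."""
        prev = GENESIS
        for e in self.entries:
            if e["prev"] != prev or e["hash"] != sha256_hex(prev + canonical(e["record"])):
                return False
            prev = e["hash"]
        return True

    def seen_nonce(self, nonce: str) -> bool:
        return any(e["record"].get("nonce") == nonce for e in self.entries)


# Constructed record held by the home hospital; hypothetical contents.
PATIENT_RECORD = {
    "patient_id": "ES-000123",
    "allergies": ["penicillin"],
    "cardiopulmonary": ["mild asthma"],
    "medications": ["salbutamol"],
    "mental_health": ["not requested; must never leave the hospital"],
}


def build_request(requester: str, patient_id: str, categories, nonce: str) -> dict:
    """Access request sent by the visiting hospital's application."""
    return {"requester": requester, "patient_id": patient_id,
            "categories": sorted(categories), "nonce": nonce}


def grant_consent(patient_key: bytes, request: dict) -> str:
    """Patient app authorises exactly this request. HMAC over the canonical
    request stands in for a real signature; the key is constructed."""
    return hmac.new(patient_key, canonical(request).encode(), "sha256").hexdigest()


def disclose(record: dict, request: dict, consent: str, patient_key: bytes,
             ledger: Ledger) -> dict:
    """Home hospital releases only the consented categories, refuses replays
    and tampered requests, and appends an audit entry to the ledger."""
    if not hmac.compare_digest(grant_consent(patient_key, request), consent):
        raise PermissionError("consent does not cover this request")
    if request["patient_id"] != record["patient_id"]:
        raise PermissionError("consent is for a different patient")
    if ledger.seen_nonce(request["nonce"]):
        raise PermissionError("request nonce already used")
    payload = {c: record[c] for c in request["categories"] if c in record}
    ledger.append({"event": "disclosure", "requester": request["requester"],
                   "patient_id": record["patient_id"], "nonce": request["nonce"],
                   "categories": request["categories"],
                   "payload_hash": sha256_hex(canonical(payload))})
    return payload


def demo() -> dict:
    """Run the scenario once; return what the visiting doctor receives."""
    ledger = Ledger()
    patient_key = b"constructed-patient-app-key"
    req = build_request("SE-medical-centre", "ES-000123",
                        ["allergies", "cardiopulmonary"], "nonce-1")
    consent = grant_consent(patient_key, req)
    released = disclose(PATIENT_RECORD, req, consent, patient_key, ledger)
    assert ledger.verify() and len(ledger.entries) == 1
    return released


if __name__ == "__main__":
    print(demo())
```

Two points a reviewer would want checked in a real deployment: the consent must be bound to the category list, otherwise a requester can widen the request after the patient has approved it (the model refuses this because the HMAC no longer matches), and the audit entry must be written by the disclosing party before the data leaves, so that a later forensic review can tie each release to a consent and a payload hash.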