Concerns about privacy and personal data protection have resulted in reforms of the existing legislation in the European Union (EU). The General Data Protection Regulation (GDPR) aims to reform the existing measures on the personal data protection of European Union citizens, with a strong emphasis on the rights and freedoms of people and on the establishment of rules for the processing of personal data. OpenEHR is a standard that embodies many principles of interoperable and secure software for electronic health records. This work aims to understand to what extent the openEHR standard can be considered a solution for the requirements imposed by GDPR. A list of requirements for a Hospital Information System (HIS) compliant with GDPR was compiled, and the openEHR specifications were identified. The requirements were categorized and compared with the specifications. The requirements identified for the systems were matched with the openEHR specifications, which resulted in 16 requirements matched with openEHR. All the specifications identified matched at least one requirement. OpenEHR is a solution for the development of HIS that reinforce privacy and personal data protection, ensuring that they are considered in system development. Institutions can ensure that their Electronic Health Records are compliant with GDPR while safeguarding medical data quality and, as a result, healthcare delivery.