WhatsApp is facing a standoff with the Indian government over end-to-end encryption. The government has implemented the Information Technology (IT) Rules, 2021, which require traceability of messages to identify the 'first originator'. WhatsApp has argued that breaking encryption would violate users' right to privacy and has stated that it would have to cease operations in India if forced to comply with the rules. The company is seeking judicial intervention to challenge the rules as unconstitutional. The government, on the other hand, contends that WhatsApp cannot claim to protect privacy while not complying with the rules, as it could impede law enforcement agencies' ability to track fake messages [fd3bf8a8].
This standoff has raised concerns about the security of patient data in the healthcare sector. WhatsApp is one of the most popular messaging apps used by the NHS in the UK. However, new laws in the UK, such as the Online Safety Act and an amendment to the Investigatory Powers Act, could lead to government surveillance of all encrypted messaging, including WhatsApp. If WhatsApp is restricted or forced to withdraw its services from the UK, there are concerns about the impact on healthcare communication among workers and patient care. Some experts suggest that an end-to-end encrypted NHS-approved app linked to NHS mail could have avoided this problem. Major tech companies, including Meta (owner of WhatsApp and Facebook), Apple, and Signal, have warned that these requirements may lead them to withdraw their services from the UK [5b3f4b65].
In addition to the concerns over WhatsApp's encryption, the Labour Party in the UK has pledged to introduce 'patient passports' if they win the next election. The proposal aims to consolidate patients' medical records into a single digital repository, accessible to both the individual patient and medical professionals involved in their treatment. This initiative addresses the issue of interoperability and is likely to receive public support. Countries like Australia have already implemented similar systems, such as the My Health Record platform, which provides patients with a comprehensive health record accessible digitally. Privacy and data protection are crucial considerations for the success of a patient passport system. Establishing a culture of compliance and ensuring public trust are essential. Efforts should be made to include patients who may face barriers to accessing patient passports, such as language barriers or digital literacy issues. Maintaining an equitable healthcare landscape is vital. The use of data held by the NHS for research purposes should be transparent, and individuals should have the right to opt out. Security is a significant challenge for a data-rich system like patient passports, and contingency plans must be established to ensure healthcare continuity in case of system failure. Despite the challenges, patient passports offer opportunities for driving efficiencies and improving health outcomes [7c8a70c4].
Meanwhile, the Indian government is planning to digitize its immunization program and transform the Co-WIN portal into U-WIN. The U-WIN portal will link and provide immunization records for 30 million newborns and mothers annually, as well as Anganwadi and school health records. It will also be used for booking vaccine appointments, issuing digital certificates of vaccination, and storing them in DiGiLocker. The government plans to issue immunization cards linked to the Ayushman Bharat Health Account. However, there are concerns about the privacy risks associated with the collection and linking of health data through Co-WIN and U-WIN. Limited information is available about U-WIN, and it is unclear whether registration will be mandatory [b15df371].
In Guernsey, a new digital system for patients' health records is expected to cost nearly £3m less than the maximum budget approved by the States four years ago. The cost of creating a single electronic record for each patient was initially estimated at £15-20m. The programme, which has incurred expenditure of £5.1m to date, is on track to be delivered within the agreed cost envelope of £17.3m. The electronic patient record programme was originally aiming for a March 2024 launch, but the timeline was updated to the fourth quarter of 2024. The new system will be provided by IMS Maxims and the Access Group, with training starting in August and operation commencing in October [2d822126].
The Department of Health and Aged Care in Australia is in the process of digitizing its operations. The department has implemented a universal digital health record called MyHealth Record, which aims to provide healthcare providers with a single authoritative source of patient information. Approximately 90% of the Australian population has enrolled in the system, despite concerns about cybersecurity. The digitization process, which began in 2021, is expected to continue until at least 2025. The department is exploring the use of personal sensors and wearable health devices, such as remote fetal monitors, to enhance patient care. Interoperability and the potential for artificial intelligence and emerging technologies in the healthcare sector are also being considered [b57c80af].
In a global context, a recent study conducted at the Karolinska University Library examined the technical and security conditions for a cloud-based, blockchain-protected, encrypted, patient co-owned personal health record (PHR) platform. The study found a lack of prior publication on patient co-ownership of health data or PHRs, and an absence of a global standard in this area. The study emphasized the importance of patient co-ownership of health data and suggested that it could represent a new human rights entity. The study also highlighted the potential of a globally distributed, homomorphically encrypted, and blockchain-protected PHR where patients are co-owners. The study is part of a series of articles on the topic, which includes a global survey, a review of ethics and regulations, a Delphi Summit, and a technical GPOC Sandbox. The study was conducted by Dr. Niklas Lidströmer at the Karolinska Institutet [cc6198ff].
Residents in Emilia-Romagna have until June 30 to object to the automated inclusion of their previous health data and documents before May 19, 2020, in the electronic health file. The objection can be made online through the website www.sistemats.it. The Ministry of Health has launched an information campaign called Electronic Health File 2.0 'Protecting our health' to inform residents about the use of the tool. The campaign is in collaboration with the Department of Digital Transformation of the Presidency of the Council and the Ministry of Economy and Finance. To object to the inclusion of previous data, patients can access the online service 'FSE-Disputing previous data' using digital identity tools such as Spid, Cie, or Cns. Those without digital access can seek assistance from authorized consultants at local health authorities. The electronic health file provides access to health records, the ability to view and print documents, book appointments, pay health tickets, and more. It is accessible through PC or mobile devices using Spid, Cns, or Cie credentials.