Secure e-Health: managing risks to patient health data.

e-Health, as an inter-jurisdictional enterprise, presents risks to patient health data that involve not only technology and professional protocols but also laws, regulations and professional security cultures. The USA Patriot Act is one example of how national laws can shape these concerns. Secure e-Health therefore requires not only national standardization of professional education and protocols but also global interoperability of regulations and laws. Some progress in this regard has been made in the European context; however, even here developments are incomplete, and nothing similar has been accomplished on a global scale. Professional health information organizations must take the lead in developing appropriate high-level principles for professional certification and security protocols and in harmonizing these on a global basis, so that they can provide a firm and consistent foundation for international treaties. Such developments should occur in concert with other health professions, so that coordinated requirements are integrated into revisions of the relevant codes of ethics. This presentation identifies and addresses some of the ethical and legal issues and proposes a series of recommendations.