Privacy regulations for the brussels health network regarding the exchange of data between health providers
1. Some definitions
- The Brussels Health Network: the medical data-sharing network established by the Brussels Association for Medical Telematics (asbl Abrumet). It is a Hub of the (federal) eHealth platform. The names Brussels Health Network or Abrumet are used interchangeably in this document.
- EPR or electronic patient record: computerised file containing all of the data regarding the management of the patient. The EPR is composed of the medical notes and record, nursing care record and the administrative file .
- Hub: regional entry point to the (federal) eHealth platform for member service providers and care establishments.
- Patient: the actual person to whom healthcare is dispensed, at his/her request or not, as defined by the Act of 22nd August 2002 relative to the rights of the patient or any person exercising the patient’s rights as their representative pursuant to the Act and any other applicable legislation.
- Treatment relationship: the care relationship entered into between a professional practitioner and a patient .
- Care-related relationship: link established between a care provider and a patient .
- GDPR: regulation 2016/679 from the European Parliament and the Council dated 27th April 2016 relative to the protection of natural persons regarding the processing of personal data and the free movement of such data, repealing directive 95/46/EC (General Data Protection Regulation) and the Belgian framework law.
- Patient Rights Act: Act of 22nd August 2002 relative to patient rights.
- Healthcare providers: the care dispensers and care institutions stated in article 2, 3° of the decree relating to the electronic health data exchange platform.
- Care provider: any person or party providing care to a patient.
- Medical profile: medical field in which the care provider works (surgery, general medicine, physiotherapy, etc.).
- Item of data: any information relative to the patient. An item of data may also consist of a whole document.
- Publication: viewing via the Brussels Health Network of an item of data, whether contained in an EPR or not.
- Legal representative: person designated pursuant to an applicable piece of legislation for the purpose of representing and defending the interests of the patient. The legal representative acts in the name of and on behalf of the patient.
- Unique identifier: unique sector-specific personal identification number in the health field stated in article 7, §3 of the decree relative to the platform for exchanging health data.
- Health data: item of data processed in the context of the care dispensed, as stated in article 2, 2° of the decree relative to the platform for exchanging health data.
- Data safe: a service for hosting the details of health providers without an appropriate IT infrastructure, in the aim of enabling them to participate in the health data-sharing system stated in article 5, §1, 3° of the decree relative to the electronic platform for exchanging health data.
[i] Agence Nationale d’Accréditation et d’Évaluation en Santé (ANAES)
[ii] Voir le Règlement du partage de données de santé entre les systèmes de santé connectés via le répertoire de références de la plate-forme eHealth approuvé par la section santé du Comité sectoriel de la sécurité sociale et de la santé par sa délibération nr. 14/016 du 18 février 2014, modifiée le 9 juin 2015.
[iii] Voir le Règlement du partage de données de santé entre les systèmes de santé connectés via le répertoire de références de la plate-forme eHealth approuvé par la section santé du Comité sectoriel de la sécurité sociale et de la santé par sa délibération nr. 14/016 du 18 février 2014, modifiée le 9 juin 2015.
The Brussels Health Network is an initiative by care providers, working together within the Brussels Association for Medical Telematics (asbl Abrumet). This project came about from the desire to collaborate between hospitals and general medicine circles in the Brussels Capital Region (the ‘Fédération des Associations de Médecins Généralistes Bruxellois’ and the ‘Brusselse Huisartsen Kring’), who are the founder members of asbl Abrumet. All Brussels hospitals are represented in the association, all sectors combined (public/private/university).
The Brussels Health Network is a network for sharing electronic medical data, linking all Brussels and Belgian hospitals with non-hospital care providers. It enables users to list central patient data (results of tests/examinations, medical reports, correspondence, etc.). The network’s main mission is to strengthen communication between health providers with the constant aim of improving the quality of the care dispensed to patients.
Thanks to this network, only those care providers who treat and advise patients may view the electronic medical data relating to those patients, securely and at any time.
Only care providers with a treatment or care-related link with a patient may access their shared electronic medical information, subject to the patient’s agreement. The term ‘treatment or care-related link’ encompasses any care provider involved in the continuity of a patient’s care. This includes providers specialising in analysis and medical imaging.
The Brussels Health Network is also a Hub within the (federal) e-Health platform system and is a subcontractor of the health providers in the sense of the GDPR in terms of the exchange of personal health data via the network.
The Brussels Health Network is responsible for consistent processing and the creation of the unique patient identifier required for the exchange of health data within the network.
Participating in the Brussels Health Network is voluntary. As a result, the Brussels Health Network can never guarantee the exhaustive nature of the patient’s data. Publication of the Sumehr (Summarised Emergency File) by the general practitioner (GP) is desirable, but not mandatory.
3. Data Processed by Brussels Health Network
Abrumet retains the data required for the proper operation of the Brussels Health Network and which is used to validate requests for action, both from patients and from health providers.
This data consists of:
- data relating to patients:
- identification of patients,
- memorisation of their informed consent for sharing health data in the context of the continuity of care,
- the references to decentralised medical records,
- access logs,
- data about care providers and health providers:
- the identification of care providers,
- memorisation of their membership,
- references to decentralised medical data,
- access log,
- number of consultations per GP,
- number of Sumhers published per GP,
- number of patients registered per GP,
- number of Sumhers linked to the number of patients,
- e-mail address to be used for all communication in the event of a security breach
4.1 FRATEM (Walloon health network)
In view of the expertise developed by the Regional Federation of Medical Telematics Associations, referred hereinafter as FRATEM, in relation to the design and implementation of an electronic health data exchange platform, ABRUMET has called on FRATEM to:
- make the Hub, Data Safe and Portal developments of the Walloon Health Network available to ABRUMET
- provide a second-level maintenance and support service for these developments
- make the hardware and software infrastructure available in order to host ABRUMET’s Hub, Data Safe and Portal in the production, test and UAT environment
- coordinate the management of this infrastructure and the availability of specialist human resources to manage this infrastructure.
FRATEM presents sufficient guarantees regarding the implementation of appropriate technical and organisational measures in a secure environment.
To enable health providers who do not have the material resources for hosting data relating to the health of their patients to share this health data, the Brussels Health Network makes a secure data ‘safe’ available to them.
To make this happen, EASI, a Belgian provider of cloud solutions, security and management solutions, has been brought in as a subcontractor (https://www.easi.net/fr).
EASI offers a whole range of guarantees regarding the implementation of appropriate technical and organisational measures in a secure environment.
5. Data hosting
A Brussels Health Network central server contains only one index of health data per patient, which is not centralised within the Brussels Health Network. In fact, these indices remain hosted on the servers of the health providers or in the data safe.
Health data is published by the health providers and is:
- kept by hospitals and medical laboratories, or
- stored in the data safe.
This documents details the functions made available to the health providers and patients via the Brussels Health Network’s secure platform.
6. Management of access rights by the Brussels Health Network
6.1 Care providers
The aim is to define whether a care provider has permission (i.e. may or may not) carry out an action (e.g. to view) on an item of data for a specific patient, based on a particular context (attending physician or on-call doctor, for example).
For permission to be granted:
- The patient must have consented explicitly to the sharing of his/her data via the Brussels Health Network.
- A care provider must have declared the item of data to be relevant for an exchange.
- This declaration must not be accompanied by a general or specific exclusion of the care provider.
- The care provider must have explicitly agreed to these regulations, which imply consent to the connection contract of the Brussels Health Network.
- The care provider must have the right to carry out the action (view) for this type of data. Specific rights are required to enable different types of care provider to access different categories of health data. It should be remembered that these are “default” access rules and that there are also access variation mechanisms at the level of each document.
- The care provider must have declared a care-related or treatment relationship with the patient (attending physician or on-call doctor, for example). When a care professional refers his/her patient to another care professional, he/she can declare a treatment relationship between his/her patient and this other health professional with the informed consent of his/her patient or at his/her patient’s request.
- “Partial” access to Sumehr more specifically means access to elements of medication and vaccination, allergies, intolerances to medication and medical risk factors. This access is subject to the existence of an individual treatment relationship with the care provider in terms of the Brussels Health Network.
- “Patient note” means any note made by the patient in addition to the journal notes. In particular, this covers the “Health summary declared by the patient” and the “BeCoag” passport made available by haemophilia patients wishing to do so via the BeCoag portal.
- If access is denoted as “limited”, it means that the health professional’s access is limited to the documents issued by a professional of the same category. Beyond this access “by profession”.
- Access denoted as “limited*” shows that nurses, physiotherapists, occupational therapists and speech therapists can access documents for all 4 of these categories
- The line “Other (general rule)” covers all documents, such as discharge letters, contact reports, transfer letters and so on, which are not the subject of a specific line.
- Access denoted as “conditional” serves a reminder that access to documents relating to psychiatric matters is limited to health professionals accredited specifically and distinctly for this field.
- The “SafeLink – Covid19” report is a report generated through the “Covid 19 – eMonitoring First Line” application, in line with the “Privacy Statement” for that application.
Patients may manage access rights via their “private space”, as detailed in articles 7.4 and 7.7 below.
7.1 Informed consent from the patient for the sharing of his/her health data
Apart from the messaging flows currently managed through existing solutions, for data flows included in the secure technology of the Brussels Health Network, no sharing of data may take place before the patient has given his/her explicit and informed consent.
The patient’s informed consent for the sharing of his/her health data can be declared either by the patient or his/her legal representative, or by a doctor, pharmacist, nurse, dentist, hospital or health fund.
Consent given by the patient for the sharing of data within the Health Network also applies for the federal portal at https://masante.belgique.be. To be clear, the data published on the Brussels Health Network will also be accessible via the federal portal at https://masante.belgique.be in compliance with the rules set out in these regulations.
Registration of consent can be made via various channels, including the federal portal at https://masanté.belgique.be or through one of the Belgian health networks (hub). As a hub, the Brussels Health Network is part of the policy of national consent registrations, using the means set out in the next point.
7.2 Registration of the patient on the secure Brussels Health Network platform
The patient becomes an active user of the Brussels Health Network when he/she registers with one of the hubs on the (federal) e-Health platform. This registration process includes the recording of the consent mentioned above, if it has not been given elsewhere.
The patient must be over 16 years of age to register with the Brussels Health Network and be able to access their shared health record. Before this age, registration is carried out by the legal representative.
This registration allows access to the private space on the Brussels Health Network website.
Registrations can be made:
- Directly by the patient on the website using his/her Belgian eID or via ITSME
- By any care provider,
- By a care institution.
- By the Brussels Health Network administrative office, based on written requests from patients, accompanied by a front/back copy of the patient’s identity card. In the case of legal representation, the request must be accompanied by a front/back copy of the legal representative’s identity card, as well as a document proving the identity of the patient represented and the status of the representative.
7.3 Revocation of the patient’s registration
The patient can revoke his/her registration at any time:
- either directly via his/her “private space” on the Brussels Health Network website
- or via his/her attending physician.
- or via the hospital
- or by sending a signed revocation request to the Data Protection Officer of the Brussels Health Network (email@example.com). This request must be accompanied by a front/back copy of the identity card of the person making the request. Revocation only becomes effective when it has been processed by the Brussels Health Network.
The system will soon enable the patient’s death to be registered, which will modify access to his/her records, in accordance with the applicable legislation, including the Act of 22.08.2002 to patient rights and the GDPR.
7.4 Supervision of access rights by the patient
The way in which access rights are opened to care providers is set by these regulations.
Via his/her “private space” on the Brussels Health Network website, the patient can access the list of care providers who have accessed the patient’s records. Patients can also obtain this list, or more detailed information from the Data Protection Officer at the Brussels Health Network (firstname.lastname@example.org) by sending a signed written request or electronically signed e-mail, accompanied by a front/back copy of the patient’s identity card or, if the patient is declared represented on the Brussels Health Network, his/her representative’s identity card.
The patient can block access to his/her data to one or more card providers, either directly via his/her “private space” on the Brussels Health Network website, or by sending a signed written request or electronically signed e-mail, accompanied by a front/back copy of the patient’s identity card or, if the patient is declared represented on the Brussels Health Network, his/her representative’s identity card to the Data Protection Officer (email@example.com) of the Brussels Health Network. This action can also be taken, although only by the patient, using the federal eHealthConsent app. Exclusions of providers made at a federal level and at the level of the Brussels Health Network are synchronised.
In the same way, the patient can block the publication of one or more items of data relating to him/her by contacting the author of the document directly.
7.5 Access to his/her documents by the patient
Subject to the exceptions stated in the applicable legislation, including the Act of 22.08.2002 relative to patient rights and the special terms set by the health providers in the best interests of patients, the patient can access the contents of health data shared once it has been posted on the Brussels Health Network by the care providers who are the authors of that data.
Any care provider who is the author of the information can decide not to make all or part of the health data accessible to the patient, albeit while complying with the applicable legislation, including the Act of 22.08.2002 relative to patient rights and the GDPR.
7.5.1 Intervention by a person of trust
The patient can designate a person of trust of his/her choice, who will guide him/her or take his/her place for consulting the patient’s data shared via the Brussels Health Network. The identity of this person is recorded in the Brussels Health Network (an area is provided for this purpose in the patient’s details).
A person of trust can be registered with the Brussels Health Network
- either by the patient by entering the details of the person of trust’s identity card via the secure portal of the Brussels Health Network;
- or via a care institution or through the administrative manager of the Brussels Health Network based on a form signed by the patient and the person of trust. This request must be accompanied by a front/back copy of the identity card of either the patient or the patient’s person of trust.
7.5.2 Intervention by the patient’s legal representative
When a patient is not able to exercise his/her rights (as in the case of an underage person (minor) who is unable to fully understand his/her interests, or an adult who is unable to express what he/she wants, etc.), his/her representative (legal representative, representative designated by the patient, or representative designated pursuant to the Patient Rights Act, administrator acting for the person) will exercise his/her rights in accordance with articles 12 to 14 of the Patient Rights Act.
This representative, called the “Legal trustee”, can be registered in the patient’s details in the Brussels Health Network. Any request for information must be made in the exclusive interests of the patient. The professional practitioner can refuse access to the patient’s data pursuant to protection of the patient’s privacy under article 15 of the Patient Rights Act.
Registration of the legal trustee with the Brussels Health Network can be carried out:
- either via a hospital, or
- by the administrative manager at Abrumet, based on the form signed by the legal trustee and the supporting documents confirming this role
7.5.3 Minors under 16
The legal representative has access to the shared file of a child under 12 registered with the Brussels Health Network and provided that he is declared as a representative of this child.
For a child aged between 12 and 16 years old, only health professionals having a therapeutic link with the child have access to his computerized health record to the exclusion of any other person, including the legal guardian who can always exercise the rights of the minor via the health actor in accordance with the law of 22 August 2020 relating to the rights of the patient.
7.6 Rights set by the GDPR
Subject to what is stated in these regulations, any request relative to the exercise of the rights of the person in question, as set by the GDPR, must be sent to the data controller, i.e. the health provider. However and to enable the effective exercise of these rights, the request can also be sent to the Data Protection Officer of the Brussels Health Network (firstname.lastname@example.org), who will pass the request on as soon as possible to the relevant data controller to follow up.
7.7 Private space
The Brussels Health Network gives the registered patient access to its “private space” application via its website. By using the “private space” application of the Brussels Health Network, the user fully and unconditionally accepts the privacy regulations and undertakes to comply with them. If the user refuses, he/she will be required to refrain from using the “private space” application of the Brussels Health Network.
Via his/her private space, the patient has access to the following functions detailed in these regulations:
- Revocation of the patient’s registration; (7.3)
- Rules for accessing data via the Brussels Health Network; (7.4,7.5 )
- Exclusion of a professional practitioner for accessing shared data; (74)
- Control of access to shared documents; (7.4, and 11)
- Access to the contents of shared data by the patient; (7.5)
- Registration of a person of trust and a representative (7.5.1. and 7.5.2)
7.7.1 Quality of information
The data available via the “private space” of the Brussels Health Network is deemed correct at the time of its publication by care providers or hospitals, although it may have become inaccurate or out of date at the time the data is viewed. As a result, no guarantee can be given regarding the quality, accuracy or exhaustive nature of each item of information viewed in the “private space” application via the Brussels Health Network website.
The contents of the Brussels Health Network website and the “private space” application (including links) may be adjusted, modified or added to at any time without notice or communication.
The Brussels Health Network declines all liability for damage that may result from the use of information obtained through the “private space” application. This includes, without limitation, all indirect damage, losses, interruption to work, damage to programs or data on the IT system, hardware, software, etc. of the patient. It is the responsibility of the patient to take all precautions to ensure that what he/she selects for his/her use is free of any virus, worm, Trojan horse and other elements that may damage the patient’s data or hardware.
As a result, the patient is entirely responsible for any use that he/she makes of the information obtained via the “private space” application.
7.7.3 Links and redirections
The website and “private space” application contain hyperlinks to other websites, as well as redirections to other sources of information, such as other hubs. These links and sources of information are made available to the user on a purely indicative basis. The Brussels Health Network does not control these hyperlinks and other sources of information featured on these sites and is therefore unable to offer a guarantee of any kind as to the quality and/or exhaustive nature of this information. The Brussels Health Network declines all liability for any damage that may result from viewing the information contained on other or sources of information in general and to which the user is redirected by the “private space” application.
8. The care provider
8.1 Membership of the care provider
Only care providers who have stated that they agree with these regulations and who have been authorised to access the system may access shared data and post data.
8.2 Registration/membership/accreditation/revocation of professional providers
The care provider is required:
- Either to complete the document in pdf format, sign it and send it to the administration department of the Brussels Health Network.
- Or to complete a registration form online and electronically sign his/her/its application for membership and to designate a guarantor from among the professional providers designated by the Brussels Health Network to play this role.
The guarantor will approve the care provider’s registration to render it effective after checking the care provider’s ability to act within the context of the Brussels Health Network. The care provider will then be authorised to access the Brussels Health Network and its services. Non-hospital specialist doctors who do not practise within a hospital environment may be registered in the Brussels Health Network based their INAMI number.
As far as care providers working in a care institution are concerned, the Medical Director will provide a list of the care providers in his/her institution able to access the Brussels Health Network; this list must be signed (handwritten or electronic signature) by him/her and will state that the care providers on the list have the required capacity to access the Brussels Health Network and accept these Brussels Health Network regulations, as well as the contract for connection to the Brussels Health Network. The Medical Director is responsible for keeping this list up to date and giving notice of any modification to this list.
The administrators of Brussels Health Network can revoke a care provider in the event of this regulation being breached.
The care provider may make amendments to his/her/its details at any time.
By registering, the care provider agrees to be notified by e-mail of any significant security breaches or major modifications to the default settings. The care provider also agrees to receive the Brussels Health Network newsletter.
For care providers working in a care institution and included on the list mentioned above, this notification will be sent to the medical director for the institution.
8.3 Sharing data
Any care provider authorised to access the Brussels Health Network may, in agreement with the patient or the patient’s representative and informed consent having been given, decide whether or not to share data via the Brussels Health Network. The care provider will ensure that only data required for the continuity of care and in line with his/her/its medical profile will be shared on the Network. The care provider will carry out this action as part of a confidentiality arrangement shared with the other care providers who themselves have undertaken only to access data in the very restrictive context of these regulations, in addition to the simple existence of a care-related or treatment relationship with the patient.
The sharing of data may be accompanied by access restrictions: any professional practitioner may, in agreement with the patient or his/her representative, either authorise or block access to this item of data to a specific list of care providers. The party sharing the data has the right to access this data insofar as he/she/it has a care-related or treatment relationship with the patient and where the patient has not blocked the care provider from accessing this data.
The informed consent of the patient applies to the sharing of both future and past data. Care providers remain free to publish the history of the file.
8.4 Viewing data
Any care provider with authorisation to access the Brussels Health Network may access the data posted on the Network on condition that he/she/it has a care-related or treatment relationship with the patient and where the patient has not blocked access to this item of data and/or this care provider.
Viewing data may only be within the very restrictive context of these regulations, in addition to the simple existence of a care-related or treatment relationship with the patient consultation.
The care-related or treatment relationship may be created by the care providers and by the patient or his/her representative. When a care professional refers his/her patient to another care professional, he/she may declare a treatment relationship between his/her patient and this other professional with the informed consent of his/her patient or at the request of this patient. This relationship expires after a certain period of time, defined for each type of relationship. The patient may always revoke it early.
In emergencies, the care-related or treatment relationship is assumed until proof is given to the contrary.
9. Cancelling a reference to an item of data
Data or their reference can be deactivated in the event of an error or at the request of the patient by the professional who published this information.
10. Tracing access
Every action taken on an item of data is traced.
10.1 Viewing the overall trace of accesses
This is the list of care providers who have accessed the patient’s data. For each of them, the Brussels Health Network has a record of the days on which an access was recorded.
10.2 Viewing the detailed trace of accesses
This is the detailed list of all accesses to all data for a patient. For each access, the Brussels Health Network has details of the identity of the person connecting, the exact time the data was viewed, the institution from which the call came and the identification of the document viewed.
11. Data Protection Officer
A Data Protection Officer has been designated by the Brussels Health Network, in line with articles 37 and following of the GDPR.
The DPO may be contacted for all questions or complaints relating to these regulations.
However, for all requests that do not come under its remit, such as requests linked to the exercise of a right granted by the Patient Rights Act, the DPO may pass on the question or complaint to the data controller, which is the only party able to follow it up.