Monday, 27 July 2009

RFID in EU healthcare : privacy concerns an obstacle

Healthcare / medicine is one area where RFID chips could be put to good, potentially life-saving, use (in contrast with identity cards) – as long as RFID use is implemented and managed properly, of course.

I’ve just come across an interesting April 2009 study by RAND Europe prepared for the European Commission’s DG INFSO (DG Information Society and Media’s H1 unit (ICT for health): Study on the requirements and options for Radio Frequency Identification (RFID) application in healthcare.

The study provides:

“an assessment of the main drivers, obstacles and uncertainties surrounding the deployment of RFID in healthcare in Europe. It identifies the most promising RFID applications in the healthcare delivery domain by reviewing the costs and benefits, as far as possible, and assessing enablers and obstacles to full deployment of RFID. Finally, the report provides an evaluation of the current market for RFID in healthcare in Europe and its future potential.

The analysis is based on a thorough review of academic and grey literature and available data sets, a Delphi survey of experts followed by semi-structured key informant interviews, and seven case studies of RFID applications across Europe and the US.”

This chart, figure 4 “Importance of uncertainties to successful implementation of RFID and easiness to overcome these potential obstacles” extracted from pg. 41 for news reporting purposes only, is particularly interesting:

On privacy, which the study classed as an “information security risk” issue:

“10. Negative perceptions among different categories of users still exist and need to be taken seriously. It requires a continuous,frank and open sharing of information about potential societal risks associated with the use of these tools, for example privacy breaches. The sharing of information, nevertheless, should involve all interested stakeholders and users of healthcare delivery organisations…[p.xxii]

…The main concerns expressed by citizens are related to the uncertain impact of RFID exploitation on privacy. The consultation resulted in a clear request for development of a combination of technical measures and a legal framework to prevent abuse…

Industry is interested in using RFID for innovative applications, but is holding
back because of uncertainties with regard to future demands in terms of privacy protection measures and standards [p.27]

… The Delphi identified the three most important uncertainties, or potential obstacles, for successful implementation in the future as issues concerning ‘reliability’, ‘data integrity’ and ‘privacy’ of RFID applications.[p.39]”

See 2.3.5 on page 43 for the main discussion on “Identifying and addressing privacy concerns”.

For other recent developments on technology and healthcare in the EU, see also Telemedicine for the benefit of patients, healthcare systems and society, COMMISSION STAFF WORKING PAPER SEC(2009)943 final, June 2009 (summary and more generally EU telemedicine and EU ehealth), and the Virtual Physiological Human project.

©WH. This work is licensed under a Creative Commons Attribution Non-Commercial Share-Alike England 2.0 Licence. Please attribute to WH, Tech and Law, and link to the original blog post page. Moral rights asserted.