Patient data is valuable both for patient care and for research purposes. However, access to that data should be in accordance with the wishes of the patient. This proposal suggests an all-or-nothing approach to granting read access to patient data.
Access to patient data should be restricted to authorized parties in accordance with the wishes of the patient or their legal representative.
While the initial recording of patient data requires temporary knowledge of that data, it does not imply that the patient consents to future reads. The contribution of data should be decoupled from access to data: as far as practically achievable, contributing is a write-only operation.
Goal: allow restricted access to data during capture
All patient data is by default inaccessible to all parties. Explicit consent is required to gain read access to patient data.
Goal: to explicitly authorize access to patient data
Data export routines should respect the authorization constraints on patient data, filtering out data which has not been explicitly marked as available to the export consumer.
Goal: only export data which has been explicitly marked with patient consent
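The three goals above can be seen working together in a short sketch. This is an added example, not code from the proposal; the `PatientStore` class, its method names, the consumer labels and the assumption that consent is tracked per patient and per consumer are all hypothetical.

```python
from dataclasses import dataclass, field


@dataclass
class PatientStore:
    # patient_id -> list of records; names and layout are assumptions.
    _records: dict = field(default_factory=dict)
    # patient_id -> set of consumers the patient has explicitly authorized.
    _consent: dict = field(default_factory=dict)

    def contribute(self, patient_id, record):
        """Write-only capture: stores a copy, returns nothing, needs no read consent."""
        self._records.setdefault(patient_id, []).append(dict(record))

    def grant(self, patient_id, consumer):
        """Record explicit consent; it covers all of the patient's data (all-or-nothing)."""
        self._consent.setdefault(patient_id, set()).add(consumer)

    def may_read(self, patient_id, consumer):
        # Default deny: no consent entry means no access.
        return consumer in self._consent.get(patient_id, set())

    def read(self, patient_id, consumer):
        if not self.may_read(patient_id, consumer):
            raise PermissionError(f"{consumer} has no consent for {patient_id}")
        return [dict(r) for r in self._records.get(patient_id, [])]

    def export(self, consumer):
        """Export only patients who explicitly authorized this consumer."""
        return {pid: [dict(r) for r in recs]
                for pid, recs in self._records.items()
                if self.may_read(pid, consumer)}


def demo():
    # Constructed sample data, not from the proposal.
    store = PatientStore()
    store.contribute("p1", {"test": "hba1c", "value": 6.1})
    store.contribute("p2", {"test": "hba1c", "value": 7.4})
    store.grant("p1", "research-export")
    store.contribute("p1", {"test": "ldl", "value": 2.9})  # later data is covered too
    return store


if __name__ == "__main__":
    s = demo()
    print(s.export("research-export"))  # only p1, both records
    print(s.export("billing-export"))   # {} because nobody authorized this consumer
```

The authorization check lives in `may_read`, and both `read` and `export` go through it, so an export path cannot bypass the default-deny rule.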