Practical Guidelines for use of eHRSS
This Code of Practice (COP) is an administrative document issued by the Commissioner for the Electronic Health Record (“the Commissioner” or “eHRC”) under section 52 of the Electronic Health Record Sharing System Ordinance (Cap 625) (“eHRSSO” or “the Ordinance”).
This COP provides good practice and recommendations while eHRSSO stipulates legal requirements in using Electronic Health Record Sharing System (“eHRSS” or “the System”).
This COP issued by eHRC is different from documents / codes with similar titles issued by other regulatory bodies for governing conduct and behaviour of healthcare professionals or by the Office of the Privacy Commissioner for Personal Data (PCPD) for overall protection of personal data under the Personal Data (Privacy) Ordinance (PD(P)O) (Cap 486).
This COP helps eHRSS users and participants (in particular healthcare provider’s executive, administrative, technical staff and healthcare professionals) to better understand the operation of and the requirements for using eHRSS. It sets out the major principles, standards and best practices for using eHRSS in a secure and proper manner and it should not be regarded as exhaustive.
This COP is for reference and it is not mandatory to comply with all the requirements and recommended best practices set out in it. Healthcare providers and healthcare professionals may find alternative ways other than those recommended in this COP which also enable them to meet the relevant requirements in eHRSSO. However, not otherwise engaging in appropriate practices may lead to security or privacy incidents and put the participants at risk of not able to continue to use the system.
Mere non-compliance with this COP by itself does not render the person to any criminal proceeding unless such action of breach in itself constitutes an offence under eHRSSO or other ordinances.
Section 2 - COP for Management Executives, Administrative and Technical Staff using eHRSS provides general and practical guidance for Management Executives, Administrative and Technical Staff working in Healthcare Providers (HCPs) who have participated in eHRSS.
Section 3 - COP for Healthcare Professionals using eHRSS provides general and practical guidance specific for Healthcare Professional using eHRSS for sharing health information for providing healthcare to Healthcare Recipients (HCRs).
Use of Code of Practice
Reading this COP facilitates understanding and compliance with eHRSSO and other relevant ordinances to safeguard healthcare recipients’ privacy and confidentiality for using eHRSS. In compiling this COP, reference has been made to similar guidelines issued by various authorities and renowned organisations in overseas countries where electronic medical or patient record systems have been implemented (See Annex 4.1).
Participants are recommended to read this COP in conjunction with eHRSSO, PD(P)O (Cap 486) and other references quoted throughout this document. Other useful references include guidelines, notices, newsletters and relevant updated information issued by the Electronic Health Record (eHR) Office (See Annex 4.8). Participants are also reminded to refer to the Code of Practice and Guidance issued by the Office of the Privacy Commissioner for Personal Data (PCPD) regarding protection of personal data privacy (See Annex 4.9).
eHRC may, from time to time revise the whole or any part of this COP and publish further guidelines and other requirements for operation of eHRSS.
Definition of Terms
Authorised Person (AP)Means a person who is authorised by the healthcare recipient to handle registration and consent matters on behalf of the healthcare recipient under the requirements of the Electronic Health Record Sharing System Ordinance (Cap 625)
Commissioner for the Electronic Health Record (eHRC)Means the public officer appointed under the section 48 of eHRSSO (Cap 625) to operate and maintain eHRSS
Data Access Request (DAR)Means a request under section 18 of PD(P)O (Cap 486)
Data Correction Request (DCR)Means a request under section 22(1) of PD(P)O (Cap 486)
Electronic Health Record (eHR)Means, in respect of any registered HCR, the record of data and information of the registered HCR (or any part of it) kept in eHRSS; and the record of data and information in relation to a HCR who was once registered, but is no longer registered, that was kept in eHRSS
Electronic Health Record Office (eHR Office)Means the administrative office set up under the eHRC or engaged by the eHRC for operation and administration of the Electronic Health Record Sharing System
Electronic Health Record Sharing System (eHRSS)Means the information infrastructure for keeping of records of registered HCRs and sharing and using of data and information contained in those records
Electronic Health Record Sharing System Ordinance (Cap 625) (eHRSSO)The Ordinance provided for the establishment of eHRSS, the sharing and using of data and information, and the protection of eHRSS, data and information; and to provide for incidental and related matters
Health DataMeans the data and information relating to the health condition of, or to the healthcare provided or to be provided to, the recipient
Healthcare Providers (HCP)Means a person that provides healthcare
Healthcare Recipient (HCR)Means an individual for whom healthcare has been performed, is performed, or is likely to be performed in Hong Kong
Healthcare Recipient Index (HRI) DataMeans the personal particulars of the recipient that identifies the recipient for the operation of the System
IdentifiableMeans the identity of the healthcare recipient is ascertainable from the data and information
Joining ConsentJoining Consent given by the healthcare recipient or the substitute decision maker (if applicable) is for the eHRC to share data with prescribed healthcare provider which has obtained sharing consent from the healthcare recipient or which provides healthcare services by referral
Non-identifiableMeans identity of the healthcare recipient is unascertainable from the data and information
PD(P)OPersonal Data (Privacy) Ordinance (Cap 486) (PD(P)O)
Persona DataMeans any data, according to PD(P)O (Cap 486)
- relating directly or indirectly to a living individual;
- from which it is practicable for the identity of the individual to be directly or indirectly ascertained; and
- in a form in which access to or processing of the data is practicable
Prescribed Healthcare ProvidersMeans:
- the Department of Health;
- the Hospital Authority;
- a registered healthcare provider
Privacy CommissionerMeans the Privacy Commissioner for Personal Data established under section 5(1) of the PD(P)O
Sharable DataMeans both the index data and the health data of the healthcare recipient
SharingMeans the act of providing or obtaining any sharable data of a registered healthcare recipient through the System
Sharing ConsentMeans the consent for sharing given by registered HCR to registered HCP under section 12 of eHRSSO
Substitute Decision Maker (SDM) (see Section 4.2)Means an eligible person giving consent on behalf and in the name of the healthcare recipient under the requirements of eHRSSO
SystemMeans the Electronic Health Record Sharing System
System DataMeans the data generated and kept in the system under operation, including access logs, record transaction logs and audit logs
UseIn relation to data or information in an electronic health record, includes disclosure or transfer of the data or information