Electronic Health Record Sharing System (eHRSS) is established under the Electronic Health Record Sharing System Ordinance (Cap. 625) (eHRSSO). It is operated by the Electronic Health Record (eHR) Office, which is under the Food & Health Bureau and led by the Commissioner for the Electronic Health Record (eHRC). The eHR Office shall commit and take reasonably practicable steps to protect the privacy, confidentiality and security of the personal information in accordance with the requirements of the Personal Data (Privacy) Ordinance (PDPO) and the guidance provided in the information leaflets and other publications issued by the Office of the Privacy Commissioner for Personal Data as well as any other relevant requirements under the laws of Hong Kong.
All personal data contained in eHRSS is sensitive data requiring appropriate care and protection. eHR Office has adopted a series of policies, guidelines and best practices for the collection, retention, uses, disclosure, protection and facilitation of access and correction of personal data contained in the eHRSS to ensure compliance with the law:
Collection of personal data
- Personal information shall be collected from healthcare recipients (HCRs), substitute decision makers (SDMs), or authorised persons (APs), healthcare providers (HCPs) and authorised users for particular purposes.
- Personal data for identifying and contacting the persons concerned (e.g. name, identity document number, contact information…etc.) shall be collected upon their registration in the eHRSS.
- Personal health data of any HCR may be shared by the HCPs with Sharing Consent1 given voluntarily by the HCR and in relation to sharing of his/her health data in eHRSS.
- Categories of personal health data collected and shared in eHRSS shall be specified by the eHR Office.
Retention of personal data
- The personal data shall be retained for uses in accordance with the eHRSSO. Different retention periods shall be applied to different kinds of personal data collected and held by the eHRSS in accordance with its Data Retention Policy defined by the eHR Office.
- Personal data which is no longer necessary for the purpose for which it is to be used shall be erased.
Uses of personal data
Any personal data shall be used as permitted in accordance with the eHRSSO for:
- Improvement of efficiency, quality, continuity or integration of healthcare provided to the HCR;
- Research and statistics that are relevant to public health or public safety subject to prescribed conditions;
- Disease control and surveillance by the Department of Health, the Hospital Authority or a health officer under Prevention and Control of Disease Ordinance (Cap. 599); and
- Such purposes of use as permitted by or under the laws of Hong Kong e.g. uses of handling registration or withdrawal in eHRSS, court proceedings, criminal investigation, etc.
Disclosure of personal data
Except with prior consent by the persons concerned, eHR Office shall not transfer or disclose any collected personal information to any third party except as stated below:
- healthcare providers who have obtained sharing consent from the persons for sharing of their personal data for healthcare;
- person carrying out research and statistics approved in accordance with the requirements under eHRSSO;
- the Department of Health, the Hospital Authority or a health officer under Prevention and Control of Disease Ordinance (Cap. 599) to carry out disease control and surveillance;
- person to whom we are required to make disclosure under any law or court order applicable in Hong Kong e.g. court proceedings, criminal investigation, referral to authority for investigation, etc.;
- person or entity whom we may appoint in writing to assist in performing a function and exercising a power of eHRC pursuant to eHRSSO; and
- personnel, agent, adviser, auditor, contractor or service provider engaged by us to provide services or advice (e.g. technical, security or data processing service…etc.) in connection with our operations.
Security of personal data
eHR Office shall take reasonably practicable steps to ensure the security of personal data and to protect it against any unauthorised or accidental access, processing, erasure, loss or use.
Sharing of information from minors or adults and is incapable of giving consent
Joining consent2 and sharing consent shall be given by appropriate SDM as required under the eHRSSO.
eHRSS is developed and maintained by the eHR Office. Any third-party service provider shall not have access to personal data stored in the eHRSS except when such access is carried out under the supervision of the eHR Office or a contractual agreement with the eHR Office, whereby clear security and confidentiality requirements and obligations exist and such arrangements shall comply with the requirements under DPP2(3) and DPP4(2) of the PDPO.
Data Access Request (DAR) and Data Correction Request (DCR)
- Any person or a relevant person on behalf of the person, may make a request to be informed where his / her personal data is held and to be supplied a copy of such personal data, and a correction of inaccuracy (if any) in the eHRSS in accordance with the PDPO.
- Requestors for DAR and/or DCR are advised to use request forms for supplying necessary information in relation to the requests.
- A non-excessive fee is chargeable by the eHR Office for complying with a data access request.
- When handling a DAR or DCR, the eHR Office shall check the identity of the requestor to ensure that he/she is the person legally entitled to make the DAR and/or DCR.
- Please note that the eHR Office may refuse to comply with a DAR and/or DCR in the circumstances specified in the PDPO.
- DCR for HCR's personal data (e.g. name, identity document number, date of birth and gender…etc.) in eHRSS may be handled by either the eHRC or any registered healthcare providers with registration function according to the relevant guidelines issued by the eHRC.
- DCR for health data of the HCR in eHRSS may be referred to and handled by respective healthcare provider who has contributed such data to the eHRSS.
- A person can submit DAR and DCR to:
Electronic Health Record Registration Office
Address: Unit 1193, 11/F, Kowloonbay International Trade & Exhibition Centre, 1 Trademart Drive, Kowloon Bay, Hong Kong Hotline: 3467 6300 Fax: 3467 6099 Email: firstname.lastname@example.org
Data Protection Officer
Electronic Health Record Registration Office
|Address:||Unit 1193, 11/F, Kowloonbay International Trade & Exhibition Centre, 1 Trademart Drive, Kowloon Bay, Hong Kong|
1 Sharing consent given by the HCR or the SDM (if applicable) is for the prescribed healthcare provider to share the data of the HCR through the eHRSS with other prescribed HCR(s) who also have obtained a sharing consent from the HCR or the SDM. 2 Joining consent given by the HCR or the SDM (if applicable) is for the eHRC to share data with prescribed healthcare providers who has obtained sharing consent from the HCR or the SDM.