Healthier SG is an initiative of the Government aimed at transforming the healthcare system of Singapore. One aspect that the Government is looking into to implement Healthier SG is the transformation of data communication and sharing among healthcare clusters, family doctors and community care providers for a more holistic and coordinated care journey. In this regard, the Ministry of Health (“MOH“) intends to introduce the Health Information Bill (“Bill“) in the second half of 2023 to facilitate the proper collection, use and sharing of patient information across different healthcare providers and care settings in a safe and secure manner.
By way of background, the National Electronic Health Record (“NEHR“) was established in 2011 as a central repository of patient summary health records drawn from and shared amongst various healthcare providers. Key health summaries from NEHR such as medications and COVID-19 test results are being shared with patients and caregivers through HealthHub for their health management. There has been an increase in the number of healthcare institutions and organisations that access NEHR over the past years. As such, the enactment of a law on health information will provide patients, residents and healthcare providers with the following benefits:
- Improved functionality of the central NEHR repository. This is achieved through mandatory contribution of summary data to NEHR by licensed healthcare providers, and extending access and/or contribution to prescribed users like retail pharmacists.
- Enhanced legal framework. This will facilitate proactive data sharing across MOH entities, Healthcare Services Act (HCSA) licensees and appointed community partners for better monitoring and follow-up.
- Safeguards for data sharing. This is to protect patient health information and respect patient autonomy.
- Cybersecurity, data security and data protection measures. This will be put in place for purposes of preserving the confidentiality of health information.
Addressing Concerns on Cybersecurity and Data Security
MOH has reached out to key stakeholders to gain a better understanding of their concerns in relation to the Bill. Although most of them were supportive of the Bill and generally agreed with the benefits of data sharing, some expressed concerns in relation to medicolegal liabilities, cybersecurity and data security.
To address these concerns, MOH will provide guidance for healthcare professionals on cybersecurity and data security. For example, MOH will set out cyber and data requirements for healthcare entities. In addition, data intermediaries must ensure that their IT systems and services maintain good cyber hygiene. In terms of training, healthcare staff must be adequately trained in cybersecurity. MOH will also align data security and protection in the healthcare industry with the current policies and standards under the Personal Data Protection Act (PDPA).
Patient Autonomy as Regards Health Information
MOH is cognisant of the fact that health information is personal and patient autonomy relating to his health information must be respected. Given this, MOH is reviewing ways to allow patients greater control over access to their records. This includes situations where patients decide not to access their health records initially but subsequently choose to get hold of the same.
Click on the following link for more information:
- MOH Press Release titled “Reviewing System Enablers to Support Healthcare Transformations – Health Information Bill” (available on the MOH website at www.moh.gov.sg)
For more information, click here to read the full Legal Update.
