The introduction of recent legislation regarding data protection is reassuring for the Maltese. Professionals are legally obliged to manage client data in strict confidentiality. But identifiable health information could still be at risk.

The World Medical Association (WMA) has come out strongly on this issue ever since it became aware that health data was being compiled by individual firms, research institutions and governments world-wide, where there would be a link with genetic data leading to the identification of patients who had not consented to the use of certain information for purposes other than for their own interest.

In its first Geneva Declaration in 1948, the WMA stated that “physicians should ‘preserve absolute confidentiality about his patient even after the patient has died’.”

Speaking to The Malta Independent on Sunday, Dr Appleyard, who was invited by the Medical Association of Malta to give a talk to its members last Monday, said that, since Malta is joining the EU and re-thinking its Data Protection requirements, it should ensure the safeguards set out in the WMA declaration are respected.

The confidentiality of patient records forms part of the ancient Hippocratic oath, and is central to the ethical tradition of medicine and health care. Given the immense sensitivity of health-related information, it is imperative that professionals in this sector are clear about their use of personal data, Dr Appleyard said.

“If you go to a doctor and pour your heart out to him, the last thing you want is for everybody in the street to know exactly what you have done,” he said. “WMA has set international standards for medical professionals on the protection of personal health database. The reason behind this is to protect primarily the patient.”

Confidentiality is extremely important. However, difficulty arises when personal health information is used for larger databases.

“It is a question of when you require that information, see how it is used, who uses it, and who is responsible for it,” said Dr Appleyard.

A few years ago in Iceland, the government forged a deal with a private listed research company De Code Genetics to take over the national health data base with links to identifiable genetic data which would enable patients and their medical problems to be identified.

The Icelandic Medical Association (IMA) was alarmed by the security of the proposed system and the potential use of the data for commercial purposes rather than use in the best interest of the patients – which was the original and primary reason for the data to be collected.

It took continuous pressure from the IMA with the support of the WMA for the government to agree to respect the guidelines laid down by the WMA declaration on ‘Ethical Considerations’.

“Now is the time for these issues to be considered carefully and clearly – instead of being faced by a damaging scandal after which decisions tend to be forced by the particular circumstance revealed at the time, rather than the broader issues,” said Dr Appleyard.

Now that the Human Genome has been mapped, companies dealing with genetic data, pharmaceutical companies and other research institutes require genetic data also for business purposes. Dr Appleyard said the WMA is not against research but is against the misuse of personal health identifiable data.

“We do not want to stop research. But like everything else it needs controls. Sometimes that information is very sensitive,” he said. “Health information should be led by physicians. The nurse need not know all the information about the patient. We introduced the concept of medically qualified guardians who should have oversight of the personal health databases. Physicians have an ethical duty to see that patient information is not abused – this is an important safeguard.”

WMA is trying to lay down safeguards for the patients. “This is not self serving, we say it is the responsibility of the doctors to make sure that the information is going to be deposited in safe systems. The systems must be secure. Both patients and doctors should have confidence in them. There is no game at all, this is a protection.”

“This is a complex subject no body bothers about it,” continued Dr Appleyard. “It is only when a crisis happens and when some minister is exposed that problems erupt.”

Meanwhile, the Maltese Psychological Association is organising a seminar related to the Data Protection Act. The aim of the seminar is to update MPA members and other professionals in related fields about the implications of this Act. The seminar is also of interest to psychology graduates, social workers, psychotherapists, counsellors and other social welfare professionals as well as students in these fields. The seminar will take place at the Federation of Professional Bodies in Gzira on Friday 16 April at 6.30pm.

The seminar will cover the objectives of the Data Protection Act, specific legal definitions (such as who is a data collector, and who the data subject), legal obligations (such as registration) as well as issues particular to those in the helping professions (for instance: how does the Data Protection Act impinge on professional secrecy, the counselling process and research?)

Interested parties can book by phoning mobile number 7953 7698 daily, between 8am and noon. Non-members attending this seminar will be requested to pay a nominal fee.