370 likes | 591 Views
Why bother about Protecting the Confidentiality & Security of HIV Information?. Eddy Beck, Evidence, Monitoring & Policy Department, UNAIDS, Geneva. Main objectives of HIV programs & services. Reduce the number of people being infected with HIV
E N D
Why bother about Protecting the Confidentiality & Security of HIV Information? Eddy Beck, Evidence, Monitoring & Policy Department, UNAIDS, Geneva
Main objectives of HIV programs & services • Reduce the number of people being infected with HIV • Improve the quantity and quality of life of people living with HIV
Universal Access • The current program under which the UN family is currently focussing its efforts • Followed on from “3 by 5” • Wider context of the Millenium Development Goals • Scaling up prevention, treatment, care and support services. • National targets set by countries, involving professionals, civil servants, politicians and members of civil society
Criteria of success of any intervention, program or service • Effectiveness: the outcome and impact of a certain intervention, program or services • Efficiency: the resources required to achieve an certain outcome or impact. • Equity: who benefit from the intervention, program or services? • Acceptability: how acceptable is the intervention, program or service to users and providers?
In order to optimize service provision, individual level data provides a very important source of information • to improve services provided for individuals and where possible provide integrated ‘seamless’ services. • Use individual level information for monitoring, evaluation and surveillance
Developing the ‘Third One’ in countries To assist countries to develop their HIV information systems, the international community has been assisting countries in developing some of the basic building blocks for national HIV information systems
GLOBAL AGENCIES, DONORS INDICATOR DATABASES: CRIS/HEALTH MAPPER DevINFO/ KIDS etc. NATIONAL MINISTRIES, SUB-NATIONAL, LOCAL ADMINISTRATORS Monitoring XML INDICATOR REGISTRY Evaluation HL7 / XML XML / HL7 ACADEMICS, NGOs INDUSTRY etc. HMIS HIV DATA WAREHOUSE OTHER DATA SOURCES eg SOCIAL SECURITY, VITAL STATISTICS, LABOUR, ECONOMIC STATISTICS CENSUS DATA, STUDIES, DHS etc HL7/ PAPER HEALTH FACILITY COMMUNITY
The amount data being collected and stored is increasing enormously, affecting people’s lives in many ways. • A story from the field ……Tanzania
Another story from the field…. ……….United Kingdom ………………
Missing discs from HM Revenue & Customs Office • In November 2007, two computer discs holding the personal details of all families in the UK with a child under 16 went missing – this involved 7.3 million families & 25 million individuals. • The Child Benefit data on them included name, address, date of birth, National Insurance number and, where relevant, bank details of 25 million people.
Missing discs from HM Revenue & Customs Office 2 • A password protected disc containing a full copy of HMRC's entire data in relation to the payment of child benefit was sent to the National Audit Office, by HMRC's internal post system operated by the courier TNT on two separate occasions. • Each time, the package was not recorded or registered and on these two occasions the data “failed to reach the addressee in the NAO."
Geneva 2006 Workshop • A three-day Workshop was held in Geneva, Switzerland 15th-17th May 2006, • The Workshop’s aim was to develop draft guidelines on protecting the confidentiality and security of HIV information, and to produce a plan to field test them within countries. • It was attended by a multidisciplinary group of health professionals, country representatives and community members, including people living with HIV. • It involved plenary sessions and small and large group work.
GUIDELINES on PROTECTING the CONFIDENTIALITY and SECURITY of HIV INFORMATION: Proceedings from a Workshop 15-17 May 2006, Geneva, Switzerland INTERIM GUIDELINES 15 May 2007 http://www.unaids.org/en/HIV_data/Confidentiality_HIV_information/default.asp
The purpose of defining information confidentiality and security principles is to ensure that data are used to serve the improvement of health, as well as the reduction of harm, for all people, healthy and not healthy.
Pursuing this goal involves an ongoing process of refining the balance between: • maximizing of benefits – benefits that can and should come from the wise and fullest use of data, and • protection from harm – harm that can result from either malicious or inadvertent inappropriate release of individually identifiable data.
Security against access is not an end in itself; • Legitimate access to essential data must also be secured. • Appropriate policy, procedures, and technical methods must be balanced to secure both individual and public protections.
Interrelated Concepts related to Data Protection • Privacy , which is both a legal and an ethical concept. The legal concept refers to the legal protection that has been accorded to an individual to control both access to and use of personal information and provides the overall framework within which both confidentiality and security are implemented. • Confidentiality, which relates to the right of individuals to protection of their data. • Security which is a collection of technical approaches that address issues covering physical, electronic, and procedural aspects of protecting information.
Technical Issues Covered Technical Guidelines: • Types of data (identifiable, anonymized, psuedo-anonymized) • Organization and procedures • Collection of personally identifiable data • Storage of confidential data • Use of data • Dissemination of information • Disposal of information
Response to the Interim Confidentiality and Security Guidelines • Has been very positive • Both from middle- and lower-income countries • Also from high-income countries
Developments since the 2006 Workshop • Interim Guidelines published on the 15th May 2007 and available on the UNAIDS web-site • Country Questionnaire was developed based on the Guidelines. • Country assessment tool is in the process of being developed – MACRO • Country workshops started – Botswana • Workshop was recently held on developing Unique Health Service Identifiers
Country Questionnaires • Questionnaire was developed based on the Interim Guidelines. • Two versions were developed: one for countries which claimed that they had already developed such guidelines and a second for countries which had not. • Content of the questionnaires were the same but questions were phrased differently; • Both questionnaires were piloted, revised and translated into French, Spanish, Portuguese and Russian
Country Questionnaires • Questionnaires were sent to 80 UNAIDS country offices, covering 98 countries, with the request to engage country PEPFAR staff, country professionals or other relevant local informants. • 78 completed questionnaires were returned; • 21 from countries claimed to have developed guidelines (G-countries) and 57 which had not developed them (NG-countries).
Country Questionnaires • covered three broad areas • existence of privacy laws in the country • Existence of HIV information system • Technical aspects • For the analyses, the 54 questions were aggregated under 6 broad areas, which enabled an aggregate standardized country score to be calculated: • Information infrastructure • Country policies • Data collection • Data storage • Data access • Data transfer
Results No significant associations were found between country scores and • HIV prevalence, • GNP per capita; • OECD country classification; • PEPFAR country; Significant associations were observed between scores and being a G- or NG-country
Conclusions • Comparison between G- and NG-countries to some extent reflected ‘reality’ versus ‘wish-list’; • None of the G-countries did have guidelines to the extent as described in the Interim Guidelines. • The adaptation, adoption and implementation of the Interim Guidelines will require resources, which may be problematic in some low-resource situations. • The Interim Guidelines are based on an human-rights approach, which may - not yet - be operative in all countries
Unique Health Service Identifier Workshop • Held in Montreux 24th-26th February 2008; • Grounded on the Interim Guidelines and a large number of the attendees of the 2006 Workshop attended and the format used was very similar • Main outcome that participants agreed for the need for countries to develop unique health service identifiers, leaving the way open for including other services – social, labour, educational services – at a later stage. • Should be separate from a national ID number
Next steps • Publish the country findings in more detail • Publish the proceedings of the Unique Health Service Identifier Workshop • Need a follow up meeting to focus on the technical aspects of country health service identifiers • Work with select number of ‘pilot countries’ to facilitate the adaptation, adoption and implementation of the Confidentiality + Security and Health Service Identifier Guidelines • Needs to be integrated with the development of the country health information system
Finally ……… ……. the greatest threats to information systems are generally not from outside attack, but rather from issues inherent in the system design and implementation. • These threats fall into two categories: non-availability of data due to system failure and user errors.