Hi, How serious is it really?
Is there anybody with a legal opinion? I only have a laymans opinion about this ridiculous patent. Gerard ps: A few snippets from en CEN/TC251 standard published in 1999. CEN/TC251 ENV 13606: 1. Scope This European Prestandard specifies messages that enable exchange of electronic healthcare record informationbetween healthcare parties responsible for the provision of clinical care to an individual patient. These messages allow information from an electronic healthcare record held by one health professional to be sent to another healthprofessional. The messages specified by this European Prestandard can be used to convey:? a complete copy of a patient's record as stored in one information system; ? parts of a patient's record that form a logically sound extract or summary of that record;? parts of a patient's record used for updating a parallel record on another system. The primary purpose of these messages is to support the provision of care to individual patients. The availability ofconsistent, continuing clinical care, when and where it is needed, requires appropriate and unambiguous communication between clinical professionals. The messages specified by this European Prestandard are designed to meet thisrequirement by enabling users of different clinical information systems to exchange electronic healthcare record information. Implementation of these messages will therefore assist the maintenance of timely and appropriate patientrecords. With a definition of Health care party: -- 3.39. healthcare party. Organisation or person involved in the direct or indirect provision of healthcare services to an individual or to a population. -- Met andere woorden. Hetgeen functioneel beschrven staat is omvat in de CEN voornorm voor het EPD. The concept "Template" is mentioned. Any input screen is a template. And before 1999 this concept was defined and in use. As far as Access Control is concerned Part 3 of the CEN/TC251 ENV 13606 is about the expression of elements needed for access control. 1 Scope This European prestandard specifies data objects for describing rules for distribution or sharing of electronic healthcare records in whole or in part. This European prestandard establishes general principles for the interaction of these data objects with other components and mechanisms within an electronic healthcare record application, thereby controlling the distribution of electronic healthcare records in whole or in part. This European prestandard establishes ways of creating information with associated security attributes. This European prestandard defines a methodology for constructing rules built from defined data objects, capable of being implemented using a range of techniques, to effect the control of sharing of electronic healthcare record data. This European prestandard establishes principles that allow security policies to be implemented and incorporated in order to ensure the safe use of the data. This European prestandard specifies a method for constructing an Access Log, that can be rendered human viewable, that records distribution of the data to which a Distribution Rule is attached. This European prestandard does not specify the mechanisms and functions that take part within the negotiation procedure and therefore fully automate the data distribution process. This European prestandard does not specify the mechanisms and functions that will allow some systems to continuously reauthenticate the data communication session and monitor its integrity. This European prestandard allows the sharing of records distributed in space, time or responsibility. This European prestandard does not specify the data objects and packages represented in an Information System. At this moment I have no time to browse further. But on the website of NIST more is to be found about Role based Access published before 1999. And persons like Bernd Blobel and Ross Anderson wrote about security in health care gf -- <private> -- Gerard Freriks, arts Huigsloterdijk 378 2158 LR Buitenkaag The Netherlands +31 252 544896 +31 654 792800 On 23 Nov 2004, at 03:29, Tim Churches wrote: > There is some concern here in Australia over a patent application > lodged by the Pharmacy Guild of Australia over some rather generic > features of EHRs. These concerns are reported here: > > http://australianit.news.com.au/common/print/ > 0,7208,11467621%5E15319%5E%5Enb%20v%5E15306,00.html > > or here: > > http://snipurl.com/atst > > The application has been lodged under the international PCT (patent > co-operation treaty), and it appears that country level applications > have been lodged in at least the UK, Canada and the US, as well as > Australia. > > At a glance, there would not appear to be much in the way of novelty > in the claims, and several groups here in Australia plan to lodge > objections to the application. Others may wish to object to the > applications in their own countries. If anyone can suggest clear prior > art which was published before April 2002, and ideally before April > 2001, then please let me know (or post details to this list so the > prior art can be shared around). > > The details of the patent application, and a related one filed on the > same date, are as follows: > > "METHOD AND SYSTEM FOR SHARING PERSONAL HEALTH DATA" can be found here: > > http://v3.espacenet.com/textdoc? > CY=ep&LG=en&F=4&IDX=WO02073456&DB=EPODOC&QPN=WO02073456 > > or here: > > http://snipurl.com/atol > > Click on the tabs at the top to see the details of the patent claims. > > The details of the CR Group application for "METHOD AND SYSTEM FOR > SECURE INFORMATION" can be found here: > > http://v3.espacenet.com/textdoc?DB=EPODOC&IDX=WO02073455&F=0 > > or here: > > http://snipurl.com/ator > > The filing dates for both are 14 march 2002, with earliest priority > dates of 14 March 2001. > > Just to whet your appetite, here is Claim 1 of the Pharmacy Guild > application: > > "CLAIMS : 1. A method for a health care provider to obtain personal > health data relating to a consumer, the method comprising the steps of > : the consumer causing personal health data to be stored in a secure > repository, said repository requiring authentication of the consumer's > identity before the consumer is provided access to the repository; the > consumer selecting items of personal health data to share and > identifying a health care provider, or class of health care providers, > to whom access will be provided for those items of personal health > data; a health care provider providing authentication of their > identity to the consumer's secure repository and being provided access > to those items of personal health data of the consumer for which the > health care provider has been identified for sharing; the health care > provider using the personal health data of the consumer to determine > health care advice or the provision of a health care service for the > consumer; and the health care provider recording details of the > consultation and the advice or service provided to the consumer in the > secure repository of health data of the consumer." > > If this patent issues, we (or our govts) may find ourselves having to > pay royalties to the Pharmacy Guild of Australia to use any EHR > applications which meet this description, or having to challenge the > patent in court (expensive). Hence there is value in demolishing it > with prior art in the application stage - assuming that it survives > the examination phase (which it shouldn't, but as we know, the US > patent office seems willing to approve a patent for just about > anything, no matter how obvious or well-known the idea is, and the > Australian patent office managed to issue an innovation patent for the > wheel a few years ago...true!). > > Tim C -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 7884 bytes Desc: not available URL: <http://lists.openehr.org/mailman/private/openehr-technical_lists.openehr.org/attachments/20041124/c2f5c2f3/attachment.bin>