Accurate and reliable information sharing is essential in the healthcare domain. Currently, however, information about individual patients is held in isolated medical records maintained by numerous separate healthcare providers. Accurately linking this information is necessary for planned nationwide Electronic Health Record systems, but this must be done in a way that not only satisfies traditional data confidentiality requirements, but also meets patients' personal privacy needs. Here we present an architecture for linking electronic medical records in a way that gives patients control over what information is revealed about them. This is done through the use of indirect pseudonym identifiers. We then explain how this architecture can be implemented using existing technologies. A case study is used to show how our architecture satisfies data accuracy needs and patients' privacy requirements.