|
Work item:
|
H.862.9 (ex F.HR-AP)
|
|
Subject/title:
|
Framework for access permission of health data in digital health platform
|
|
Status:
|
Determined on 2025-10-17 [Issued from previous study period]
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2025-10 (Medium priority)
|
|
Liaison:
|
IHE, HL7, ISO TC215
|
|
Supporting members:
|
ETRI, Republic of Korea
|
|
Summary:
|
In digital health, a wide range of health-related data is generated through various means, such as wearable devices, environmental sensors, and mobile applications. The health data generated from wearable devices and sensors are biometric measurements, activity records, behavioural patterns, and other passively collected personal health data. Mobile applications collect self-reported data such as health status, personal goals, and medication intake. These types of health data can be stored in the digital health platform and used to support healthcare services, wellness monitoring, and other personalised health promotion activities.
Recently, observational data measured by personal health devices in the daily life have been increasing dramatically. This type of data is valuable in estimating an individual’s health condition and can serve as a useful reference for face-to-face encounters with healthcare professionals.
The health data generated within healthcare organizations is protected under regulatory policies and accessed only with strict permission. However, there is no standardised method to protect and manage access to the health data collected outside healthcare settings. Data such as weight, physical activity, and dietary habits are still considered sensitive and handled with appropriate access controls. A standardized approach for granting access permission to health data is necessary to enable its use in various applications, including personal health management, lifestyle improvements, and health-related research.
The framework for access permission enables the digital health platform to grant access to the health data based on factors such as the intended purpose of usage, the role of the data recipient, relationship with the data owner, consent from the data owner, and the context in which the data is utilised. The purpose of this framework is to ensure that the health data is accessed and used securely, prioritising privacy, and data protection.
This draft Recommendation provides guidelines and a framework for managing access permissions to health data within the digital health platforms. This framework is intended to control and manage access to the health data. The exchange of information related to requesting and granting access permissions can be realised using the existing health IT standards, such as HL7 FHIR, to ensure that the practical issues related to interoperability are effectively addressed.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2023-08-21 14:38:05
|
|
Last update:
2025-11-05 10:59:27
|
|
