Best Practice Management of Sensitive Patient Health Information of Medical Records for a Legally Compliant Use by the Medical Device Industry (Preprint)

Abstract

A development was mainly possible thanks to the intensive research and development cooperation between companies and medical institutions. An anonymization process must be at place to avoid any personal health information leakage when transferring data between medical institutions and medical technology companies.

Our aim in this study is the production process of how to securely share inpatient data with medical technology companies.

A designed process flow where the anonymization of patient data is guaranteed prior to any external sharing. This process flow has been also successfully implemented by an University Hospital (Clinic) in Ankara to ensure compliance with the highest patient security standards. These data were CT / MRI scans in pre-, intra-, and postoperative phases.

It has also been proven under real-life circumstances that the described process can indeed be applied for secure patient data transfer without PHI leak in a safe and effective manner.

The patient security process meets the strictest criteria for properly anonymized patient data. Also, this method requires only a minimal overhead from the clinician's perspective that comes with the additional benefit of increased readiness for supporting the efforts of the MedTech industry and playing an active role in shaping the future of MedTech development.