Cookies on this website

We use cookies to ensure that we give you the best experience on our website. If you click 'Accept all cookies' we'll assume that you are happy to receive all cookies and you won't see this message again. If you click 'Reject all non-essential cookies' only necessary cookies providing core functionality such as security, network management, and accessibility will be enabled. Click 'Find out more' for information on how to change your cookie settings.

Background: Routinely collected clinical data is increasingly used for health service management, audit, and research. Even apparently anonymised data are subject to data protection. The relevant principles were set out in a treaty of the Council of Europe and subsequent policy has been based on these. However, little has been written about implementing policy and the role of health informaticians in this process. Objective: To define the elements of an effective implementation policy; the role of the health informatician in protecting processed clinical data. Methods: We performed a literature review of bibliographic databases, a manual search of the major medical informatics associations' websites, relevant working groups and an affiliated journal. Fifty-four papers relevant to implementation were identified. Results: The effective implementation of policy requires consideration of technical, organisational, personnel and professional issues. However, there is no clearly defined formula for successful implementation of data protection policy. Conclusions: Patients and professionals need a system they can trust, and processes that can be easily incorporated into everyday practice. The lack of a core generalisable theory or strong professional code in health informatics limits the ability of the health informaticians to implement policy. © 2005 Elsevier Ireland Ltd. All rights reserved.

Original publication




Journal article


International Journal of Medical Informatics

Publication Date





261 - 268