How patient participation now emerges in the field of privacy and how this can be
increased: The case of the Maasstad Hospital
Health Care Management, Erasmus School of Health Policy and Management
Digitalization of Health Care Governance
Rotterdam, June 12th, 2022
Word count: 13233 including in-text references
, 2
Preface
[personal]
, 3
Abstract
Introduction and theoretical framework: Standards and regulations have been drawn
up for patient privacy in the digitization of care to guarantee the security of personal data, and
patient participation is considered important in healthcare, because it increases the quality of
care. The aim of this study is to present advice to increase patient participation in the context
of patient privacy, to guarantee the privacy of the patient according to the standards,
regulations and preferences of the patient in the rapid digital developments. In this context,
eHealth is defined as the organization and delivery of health services and information using
the Internet between the Maasstad Hospital and her patients. Furthermore, this research takes
the NEN 7510, GDPR, ISO/IEC 27701:2019 and patient participation into account.
Methodology and results: To reach the aim of the study, questionnaires were
conducted to patients at the Maasstad Hospital, and employees of the hospital were asked for
the interviews. Respondents for the questionnaires were randomly selected. Respondents for
the interviews were selected as long as they did not work for the department Information
Management. The responses to the questionnaires were analyzed using frequencies and a
Kruskal-Wallis One-Way ANOVA test, and the interviews were analyzed by open, axial and
selective coding. The results showed that the practical privacy measures resulting from the
ISO/IEC 27701:2019 is suitable for the patients, but that patient participation on the aspects
involved in choices, good information and good support is not sufficient.
Conclusion: Based on the results, the Maasstad Hospital should pay more attention to
the patient’s involvement and inform them in their practical privacy measures. On this basis,
the patient’s perspective should be taken into account, by involving them in the design of
processes of practical privacy measures, according to relevant rules and regulations. Another
advice is to provide information to patients, so they gain knowledge about privacy. The lack
of good information can be addressed by providing an informative leaflet or displaying
information on the website or patient portal. In all cases, it must be taken into account that the
text is easy to understand and not too long. This can help patients make informed choices and
can ensure greater support for certain practical privacy measures. Furthermore, increasing
patient participation is possible by embedding the IGJ eHealth assessment framework in the
NEN 7510.
Discussion: This research is a confirmation and complementation of the existing
literature on patient participation in combination with privacy, because it supports previous
research and provides concrete advice. Follow-up research can focus on respondents that are
only patients, older patients for the interviews and other hospitals or areas.
, 4
Table of contents
Chapter 1. Introduction..........................................................................................................................5
1.1 Problem statement.......................................................................................................................6
1.2 Aim of study, research questions and relevance..........................................................................7
1.2.1 Aim of study...........................................................................................................................7
1.2.2 Research questions................................................................................................................7
1.2.3 Societal relevance..................................................................................................................8
1.2.4 Scientific relevance.................................................................................................................8
1.3 Reading guide...............................................................................................................................9
Chapter 2. Theoretical framework........................................................................................................10
2.1 Basic concepts............................................................................................................................10
2.2 Relevant laws and regulations....................................................................................................12
2.3 Health and Youth Care Inspectorate’s eHealth assessment framework.....................................13
2.4 Practical privacy measures resulting from the ISO/IEC 27701:2019...........................................15
2.5 The framework...........................................................................................................................16
Chapter 3. Research methods..............................................................................................................18
3.1 Data gathering............................................................................................................................18
3.1.1 Semi-structured interviews..................................................................................................18
3.1.2 Conducting questionnaires...................................................................................................19
3.2 Data analysis...............................................................................................................................20
3.3 Ethical considerations.................................................................................................................20
3.4 Validity and reliability.................................................................................................................21
Chapter 4: Results.................................................................................................................................24
4.1 How is patient participation, in the context of the eHealth assessment Dutch national
framework of the IGJ, experienced by patients in the Maasstad Hospital?......................................25
4.2 How do patients look at the practical privacy measures resulting from the international ISO/IEC
27701:2019?.....................................................................................................................................30
Chapter 5: Conclusion...........................................................................................................................42
Chapter 6: Discussion...........................................................................................................................45
References............................................................................................................................................47
Appendices...........................................................................................................................................49
Appendix I: Topic list interviews (Dutch)..........................................................................................49
Appendix II: Questionnaire for patients (Dutch)...............................................................................51
increased: The case of the Maasstad Hospital
Health Care Management, Erasmus School of Health Policy and Management
Digitalization of Health Care Governance
Rotterdam, June 12th, 2022
Word count: 13233 including in-text references
, 2
Preface
[personal]
, 3
Abstract
Introduction and theoretical framework: Standards and regulations have been drawn
up for patient privacy in the digitization of care to guarantee the security of personal data, and
patient participation is considered important in healthcare, because it increases the quality of
care. The aim of this study is to present advice to increase patient participation in the context
of patient privacy, to guarantee the privacy of the patient according to the standards,
regulations and preferences of the patient in the rapid digital developments. In this context,
eHealth is defined as the organization and delivery of health services and information using
the Internet between the Maasstad Hospital and her patients. Furthermore, this research takes
the NEN 7510, GDPR, ISO/IEC 27701:2019 and patient participation into account.
Methodology and results: To reach the aim of the study, questionnaires were
conducted to patients at the Maasstad Hospital, and employees of the hospital were asked for
the interviews. Respondents for the questionnaires were randomly selected. Respondents for
the interviews were selected as long as they did not work for the department Information
Management. The responses to the questionnaires were analyzed using frequencies and a
Kruskal-Wallis One-Way ANOVA test, and the interviews were analyzed by open, axial and
selective coding. The results showed that the practical privacy measures resulting from the
ISO/IEC 27701:2019 is suitable for the patients, but that patient participation on the aspects
involved in choices, good information and good support is not sufficient.
Conclusion: Based on the results, the Maasstad Hospital should pay more attention to
the patient’s involvement and inform them in their practical privacy measures. On this basis,
the patient’s perspective should be taken into account, by involving them in the design of
processes of practical privacy measures, according to relevant rules and regulations. Another
advice is to provide information to patients, so they gain knowledge about privacy. The lack
of good information can be addressed by providing an informative leaflet or displaying
information on the website or patient portal. In all cases, it must be taken into account that the
text is easy to understand and not too long. This can help patients make informed choices and
can ensure greater support for certain practical privacy measures. Furthermore, increasing
patient participation is possible by embedding the IGJ eHealth assessment framework in the
NEN 7510.
Discussion: This research is a confirmation and complementation of the existing
literature on patient participation in combination with privacy, because it supports previous
research and provides concrete advice. Follow-up research can focus on respondents that are
only patients, older patients for the interviews and other hospitals or areas.
, 4
Table of contents
Chapter 1. Introduction..........................................................................................................................5
1.1 Problem statement.......................................................................................................................6
1.2 Aim of study, research questions and relevance..........................................................................7
1.2.1 Aim of study...........................................................................................................................7
1.2.2 Research questions................................................................................................................7
1.2.3 Societal relevance..................................................................................................................8
1.2.4 Scientific relevance.................................................................................................................8
1.3 Reading guide...............................................................................................................................9
Chapter 2. Theoretical framework........................................................................................................10
2.1 Basic concepts............................................................................................................................10
2.2 Relevant laws and regulations....................................................................................................12
2.3 Health and Youth Care Inspectorate’s eHealth assessment framework.....................................13
2.4 Practical privacy measures resulting from the ISO/IEC 27701:2019...........................................15
2.5 The framework...........................................................................................................................16
Chapter 3. Research methods..............................................................................................................18
3.1 Data gathering............................................................................................................................18
3.1.1 Semi-structured interviews..................................................................................................18
3.1.2 Conducting questionnaires...................................................................................................19
3.2 Data analysis...............................................................................................................................20
3.3 Ethical considerations.................................................................................................................20
3.4 Validity and reliability.................................................................................................................21
Chapter 4: Results.................................................................................................................................24
4.1 How is patient participation, in the context of the eHealth assessment Dutch national
framework of the IGJ, experienced by patients in the Maasstad Hospital?......................................25
4.2 How do patients look at the practical privacy measures resulting from the international ISO/IEC
27701:2019?.....................................................................................................................................30
Chapter 5: Conclusion...........................................................................................................................42
Chapter 6: Discussion...........................................................................................................................45
References............................................................................................................................................47
Appendices...........................................................................................................................................49
Appendix I: Topic list interviews (Dutch)..........................................................................................49
Appendix II: Questionnaire for patients (Dutch)...............................................................................51
