EHR and management of access rights to medical records

15 March 2021
  • Share this article :

The issue of the authorization policy for access to a patient’s medical record is an extremely broad topic. There are multiple solutions and several factors need to be taken into account due to the complexity of organizations and the plethora of professions involved.

The aim here is to go over a few basic points, describe some uses that were made possible by the advanced features created by certain SW publishers of the industry, including Evolucare, and provide an opportunity to reflect on the security policy and how it needs to be adapted to the changing practices and regulations.

  • Nadou Yeo, Information Systems Security Manager at Evolucare
  • Lân Guichot, Consultant
  • Romain Le Guilcher, Deputy Managing Director and Communications Director at Evolucare.

The management of access rights to medical records is in fact facing changes in clinical and medical practices and patient care:

  • We have gradually moved from a minimalist patient record to the most exhaustive record possible, covering the maximum number of specialties.
  • Patient care is evolving towards a logic of pathway which seeks to eliminate gaps between the episodes or stages of care in favor of a continuum of care approach across a particular area. Since this coordination requires the collaboration of the various departments, it is necessary to share the information produced by each one.
  • These same approaches are increasingly multipathological and require the sharing of information that is often critical to patient safety between the various episodes of care.
  • The patient has become a “patient/citizen” to be regarded holistically. In other words, taking into consideration both the health aspects and the medical and social aspects of their situation.
  • Healthcare organizations that started out as single entities are becoming multi-entity, for example regional hospital groups, clinic groups, etc.


Given these underlying trends, the current concepts for managing rights need adapting. In fact, it can be said that there are now two main concepts for the management of access rights:

  • Time-based model which allows a particular professional to access a patient’s history up to a given T time of care by said professional. Within a concept of pathways and patient care over time, this model needs to change to allow the physician to continue to monitor their patient beyond the consultation at time T.
  • Location-based model which links the patient to the physical location of their care. The emergence of telehealth requires this notion of hosting to be adapted accordingly.


A connection-based model would make it possible to accommodate these new requirements in terms of patient care: viewing of this nature would link a patient to a patient care team comprising professionals from various disciplines focused on one patient, within one approach and with continuity of care.

However, there are still two facts we must address which somewhat complicate the matter:

  • That of “moving” personnel, people who change services as the need occurs – more and more common in times when services are overwhelmed or in a pandemic like the one we are currently facing – and that we cannot include in all teams to give them rights to access all records. In such scenarios, it may be worth implementing solutions that recognize the setting from which the professional signs in to the IS and accesses the patient record by linking a workstation to a location and to specific rights over records.
  • The GDPR, which requires the patient’s informed consent to the sharing of their data, and which could hinder the rollout of digital tools or even result in loss of the opportunity to offer patients better care. To address this, France, for example, has adopted an opt-out rather than opt-in approach for its Shared Medical Record (SMR, DMP in french), thus reducing the risk of lost opportunities given that, in general, only 2% of patients state that they are not willing to share their data or wish to have it erased.


For the sake of completeness, we should address the issue of traceability and logging, which are the safeguards, although underused, against abuses. In practice, by implementing a robust retrospective policy retrospectively from these activity logs to identify abuses and unauthorized access, organizations can create a more open access policy for data by making the professionals accountable, thereby allowing them to access the data they deem necessary for their patient care and by sanctioning them in the event of apparent abuses.


…the last factor we would like to mention is convergence. The healthcare sector is changing rapidly and convergence is in everyone’s minds. It is often considered from the point of view of the convergence of information systems. However, the fact that the care facilities and institutions are not going to merge, but will remain separate entities, each with their own security policy, raises the question of the relevance of a convergence of the IS and prompts us to consider the issue from a different perspective, that of data convergence.