Abstract:
Privacy in health information system is important to ensure the confidentiality of sensitive and personal information belongs to individual remain intact. There are numerous cases of unauthorised intrusions of personal health information occurred but no legal action can be exerted due to the absence of a privacy act in Malaysia. Therefore, a preliminary observation has been conducted to review the current privacy implementations in management of personal health information at Malaysian government hospitals. Analysis was conducted based on OECD Fair Information Practices Guideline which has been the benchmark of most of the privacy and data protection legislation in the world. Interviews were conducted with key personnel in medical informatics and legal expertise using Privacy Impact Assessment (PIA) technique as guidance. The findings of the observation were then compared with the existing health information privacy acts. Then, recommendations were made to include those findings in the proposed privacy law or policy in Malaysia.