Asset Publisher

Sharing of patient data is streamlined with the authorisation for outsourcing service providers

Blog Written on 17.05.2019 All blogs

Authorisation for outsourcing service providers is a functionality in the Patient Data Repository of the Kanta Services, through which the outsourcing service organisers and providers are able to share the required patient data quickly and safely.

Outsourcing services and voucher-based provision of services have become more widely used in healthcare over the past ten years. Organisations responsible for arranging the service do not always have the resources or opportunity to provide the service themselves, in which case they can purchase the service from an outsourcing service provider. 

Often, the problem with outsourcing services is the sharing of patient data between the organiser and the provider of the service. Patient documents created in the outsourcing service pertain to the patient register of the organiser responsible for the service. The patient register includes all of the patient’s medical records, test results, reports and other similar documents, which the service provider must deliver to the service organiser’s register. The outsourcing service provider must also obtain the necessary patient data from the service organiser for the purpose of patient care.

Authorisation for outsourcing service providers can be used patient-specifically, i.e. a service required by an individual patient is purchased from an outsourcing service provider.

“Patient data has been sent, e.g. by post, encrypted email or telephone. Sending and archiving of data between different locations is not only laborious, but also expensive. These days, as a result of electronic patient information systems, all healthcare service providers are capable of electronic saving of data, and it is safe to share patient data via the Patient Data Repository of the Kanta Services,” explains Project Manager Tarja Räty of the National Institute for Health and Welfare.

Authorisation for outsourcing service providers, the new functionality in the Patient Data Repository, enables electronic requesting and sharing of patient data in outsourcing service processes. The outsourcing service provider is given authorisation to access the patient documents of the service provider on an OSVA form, which is saved in the Patient Data Repository by the service organiser. At the same time, the service provider is given authorisation to save the created documents directly in the service organiser’s register. 

An illustration of a handshake between a doctor and a patient.

“Until now, the practices in outsourcing service situations have been fairly diverse. The new system prevents overlapping work processes and data security risks, and enables automated sharing of data between the service provider and the service organiser. The use of the authorisation for outsourcing service providers is a big step towards seamless sharing of patient data between various healthcare supply chains and service providers,” says Taru Saastamoinen, Development Manager, Digital Services at Mehiläinen.

When is authorisation for outsourcing service providers used?

Authorisation for outsourcing service providers can be used patient-specifically, i.e. a service required by an individual patient is purchased from an outsourcing service provider. In addition to a patient-specific outsourcing service, the authorisation can also be used at the population level, in which case the patients are not specified in advance, but the authorisation applies to the entire population of, e.g. a certain municipality.

Authorisation for the outsourcing service provider has been utilised since the beginning of April when a free-of-charge remote appointment service was opened to all residents in Tornio, Kemi and Keminmaa. The round-the-clock remote appointment service is provided by Mehiläinen. 

“The service is provided via a chat link where the resident receives care and assessment by a healthcare service provider and, if necessary, referral to treatment,” says Taru Saastamoinen.

What is required for the deployment of the authorisation for outsourcing service providers?

The outsourcing service organiser and provider must be users of the Patient Data Repository. In addition, their information systems must have the feature required for the authorisation for outsourcing service providers. Before the functionality is deployed, the information systems must carry out the deployment test determined by Kela.

“The first deployment tests have already been carried out, and the majority of patient information systems are almost there. We believe that some deployments will be carried out before the summer, with the bigger wave taking place in the autumn,” explains Tarja Räty with regard to the time schedule of deployment.

Räty also points out that a sufficient amount of time is also needed for preparing for the deployment of the functionality. “The service organisers and providers should consider how the authorisation for outsourcing service providers will change their operating methods. The preparations should already be under way to enable deployment of the functionality in the autumn at the latest. It is amazing how much technical work is involved in introducing new features of the patient information systems.”

The remote appointment system produced by Mehiläinen also required finetuning by both parties during preparation and deployment. In Länsi-Pohja, cooperation had already been carried out, which made it easier to perform the preparations required by the deployment. Tornio, Kemi and Keminmaa, as well as the information management of the Länsi-Pohja healthcare district are actively involved in the deployment of the authorisation for outsourcing service providers. Other elements were also intended for the system in addition to the national specifications so that doctors can avoid unnecessary extra work.

“Other processes, such as invoicing and reporting, are also related to the healthcare supply chains. These aspects must also be considered in connection with deployment to ensure a smoother entity,” says Taru Saastamoinen.

Further information

Authorisation for outsourcing service providers