Patient consent - EESZT Információs portál

Your health data and documents registered within the EESZT can only be viewed by your general practitioner and treating physician. Pharmacy systems can only access prescription data. You can grant access to your health data and to continuously monitor it electronically on our site and at the Government Customer Service in person through various settings.

The EESZT can be customised with patient consent

your health data and documents can be viewed by only your general practitioner and treating physician.
pharmacists can only retrieve prescription data,
you can set when to receive e-mail notifications from the system in relation to a given EESZT event,
you can continuously keep track of who requests access to your data,
you have the option to set access restrictions for the visibility of your health data managed by the EESZT.

Patient consent relating to health data is a citizen’s right and responsibility. In order to protect personal data, the system allows every citizen to control access to their data entered into the National eHealth Infrastructure (EESZT) in the future. The option of digital patient consent is provided under provisions of Act XLVII of 1997 on the processing and protection of health care and related personal data as amended by Act CCXXIV of 2015.

Within the framework of your patient consent, your authorisations or restrictions determine the scope of your health data accessed by your general practitioner and treating physician(s), and the given pharmacists who can access your prescription data generated within one year. It is therefore particularly important to take prudent and responsible decisions relating to the settings.

Digital patient consent options

You can set the appropriate patient consent status and can modify it any time.
In the data processing log you can view the list of EESZT operations relating to your health data (queries, uploading of data and documents) and their details in chronological order. You have the option to filter the list by period. What can you see in the log?
- time of the operation,
- name of the physician or pharmacist executing the operation,
- unique identifier of the operation,
- name of the health care institution and organisation unit executing the operation, and name of the pharmacy,
- type of operation,
- aspects of Digital Patient Consent relating to the operation (e.g. whether access is authorised),
- documents relating to the operation,
- operation identification code.
You may provide information on restriction: You can decide whether your general practitioner, treating physician or pharmacist should receive information on your restriction of access to your specific data.
You can provide notifications: You can provide the e-mail address to receive notifications from the system, if your general practitioner or treating physician uploads any of your data or patient documents (e.g. medical records, prescriptions) to the EESZT.
You can provide the phone number of the person to be notified in the case of an emergency: You can provide the phone number of the person to be notified in case of a health emergency to the authorised health care institution.

How can you grant patient consent?

You may grant digital patient consent on the EESZT Public Portal, on the following website: www.eeszt.gov.hu. Logging in to the portal requires entry of your username and password related to your personal client gateway, and your TAJ (social security) number. If you do not have client gateway access please enquire as to the application procedure and register.

You may also grant patient consent at the Government Customer Services in person, for which it is necessary to present the document proving personal identity (personal identification card, driving licence or passport) and your TAJ card.

How can you regulate access to your data with patient consent statuses?

With a general status, access to your most sensitive health data is generally restricted. Only physicians of the given field of expertise have access to your documents related to:

psychiatric,
addictive,
sexually transmitted,
and HIV/AIDS

diseases.

You can overwrite the basic status at any time with individual rules, but by returning to this page, you can also invalidate rules set elsewhere. The categories used by the EESZT do not cover all diseases occurring within the health care network and all documents. You can regulate access to data falling outside of the categories through detailed patient consent, based on the source of the given document.

By use of the simplified patient consent status, you can have access to documents relating to a given field of specialisation:

authorised (accessible to all persons querying data),
restricted (no querying person has access),
blocked, but authorised in case of professional matching (accessible only to treating physicians falling in the medical-professional category of the given care).

If a basic status was valid earlier, here you can change settings to switch to a regulated status. The categories used by the EESZT do not cover all diseases occurring within the health care network and all documents. You can regulate access to data falling outside of the categories through detailed patient consent, based on the source of the given document.

By setting a combined patient consent status, you can set combined access provisions for querying persons, data of types of documents and disease categories, and in relation to sources of facilities. In this status you can

grant authorisation (determine exceptions),
impose restrictions (determine blocking rules).

Combined sets of rules can also be defined among the provisions “AND” the relationship available here.

The examples below illustrate the Combined Patient Consent Status:

Example 1: I prohibit the Department of Internal Medicine of the Example Hospital to access my medical records falling into the gynaecological category, if these were issued by the Department of Gynaecology of the Sample Hospital.

Example 2: I authorise Dr John Physician (stamp No. 12345) to access my medical records falling into the addictology category if these were issued by the Example Hospital.

Example 3: I prohibit all employees of Example Hospital from accessing any of my medical records.

Example 4: I authorise Dr John Physician (stamp No. 12345) to access all my documents issued by the Example Hospital.

When selecting full blocking of access status, all users on the health provider side are blocked from accessing your data registered within the EESZT.

The listed 3 types of statuses can be freely set in unlimited number and directions.

You may not regulate documents of unfilled ePrescriptions and unvalidated eReferrals.
In relation to emergency care, in justified urgent cases stipulated by law, the treating physician may access your data notwithstanding any stipulated regulations, which is logged by the system in each case, therefore its justification can be subsequently verified in each case.

Special permission

If you would like to grant authorisation to your treating physician to access your documents on grounds of an examination or treatment notwithstanding the set restrictions, you may do so by issue of a 24-hour special permission for the given calendar day and to the name of the physician concerned.

How can you go about this?

on the digital patient consent platform, on the Public Portal (www.eeszt.gov.hu)
in situ, at the physician, in writing (the legal representative may also perform this at the examination location). Documents downloadable and printable for the written 24-hour permission:
- Declaration: if you grant access to your health data and documents stored in your own EESZT for the given treating physician for a given calendar day, notwithstanding digital patient consent restrictions.
- Record: if you grant 24-hour access for the treating physician to the health data and documents of a person, on behalf of whom you act as legal representative.

Other patient consent options

eProfile data processing: You can set regulation you deem appropriate in relation to the processing of your health data concerning the eProfile and modify these at any time. Options for regulating eProfile data:

Authorisation of sending and querying,
Blocking of sending new data,
Full blocking.

Pharmacological history: You can grant access to data of pharmaceutical products filled within one year for pharmacists:

Authorisation (default),
Blocked.

To promote effective and safe pharmacological treatment, and cost-effective pharmacological therapy, the pharmacist may access data generated within one year in relation to your pharmacological treatment through the EESZT (except for data on pharmaceutical products used for treating mental and behavioural disorders, and sexually transmitted diseases). The pharmacist can access the name, quantity of the pharmaceutical product, and the time of prescription filling. You may modify patient consent at any time.