Data protection

Can the Italian healthcare system process sensitive personal data without explicit patient consent?

Emilio De Giorgi

On 27 March 2018, a draft of the legislative decree (Draft Decree) that is expected to replace the Italian Privacy Code following the entry into force of the EU General Data Protection Regulation (GDPR) was published.  The Draft Decree anticipates important novelties regarding the way in which medical facilities will have to handle the processing Read More

Belgium: Digital platform for medical files to be launched

Tine Carmeliet

In early January 2018, the Belgian Minister of Health published an announcement on the creation of a digital platform called the “Personal Health Viewer”. The goal of this digitalisation initiative is to engage patients in the management of their own health. In particular, the platform will enable patients to access their own medical file online and Read More

Dutch Supreme Court approves electronic exchange of patient data via healthcare infrastructure

Iradj Nazaryar

In December 2017, the Dutch Supreme Court ruled  that the electronic exchange of patient data via the so-called healthcare infrastructure is lawful. The infrastructure is a platform for the electronic exchange of patient data. The platform allows the observer of a general practitioner (GP), that is, a GP who temporarily replaces another GP, to access Read More

Dutch Data Protection Authority publishes guide on cloud storage of patient data

Iradj Nazaryar

The Dutch Data Protection Authority (DPA) recently published a guide intended for healthcare providers about the cloud storage of patient data. The guide provides a practical interpretation of the DPA’s Guidelines on personal data protection (2013) which indicate how healthcare providers can fulfil data protection obligations. The key points within the guide refer to: Patient Read More

WP 29 releases an extensive opinion on data processing at work

Inge Vanderreken

The EU’s “Article 29 Working Party” (WP29) has adopted new guidance on the processing of personal data in the employment context (the New Opinion). This New Opinion complements their 2001 opinion and 2002 working document. WP29 is the Data Protection Working Party established by Article 29 of Directive 95/46/EC. It is an independent European advisory Read More