Data protection

Belgium: Digital platform for medical files to be launched

Tine Carmeliet

In early January 2018, the Belgian Minister of Health published an announcement on the creation of a digital platform called the “Personal Health Viewer”. The goal of this digitalisation initiative is to engage patients in the management of their own health. In particular, the platform will enable patients to access their own medical file online and Read More

Dutch Supreme Court approves electronic exchange of patient data via healthcare infrastructure

Iradj Nazaryar

In December 2017, the Dutch Supreme Court ruled  that the electronic exchange of patient data via the so-called healthcare infrastructure is lawful. The infrastructure is a platform for the electronic exchange of patient data. The platform allows the observer of a general practitioner (GP), that is, a GP who temporarily replaces another GP, to access Read More

Dutch Data Protection Authority publishes guide on cloud storage of patient data

Iradj Nazaryar

The Dutch Data Protection Authority (DPA) recently published a guide intended for healthcare providers about the cloud storage of patient data. The guide provides a practical interpretation of the DPA’s Guidelines on personal data protection (2013) which indicate how healthcare providers can fulfil data protection obligations. The key points within the guide refer to: Patient Read More

WP 29 releases an extensive opinion on data processing at work

Inge Vanderreken

The EU’s “Article 29 Working Party” (WP29) has adopted new guidance on the processing of personal data in the employment context (the New Opinion). This New Opinion complements their 2001 opinion and 2002 working document. WP29 is the Data Protection Working Party established by Article 29 of Directive 95/46/EC. It is an independent European advisory Read More

UK ICO investigation into the Royal Free’s use of patient data used as an opportunity to educate

Charlotte Mullarkey

In a case which has wide implications for the health care sector, the UK Information Commissioner’s Office (ICO) has ruled that the Royal Free NHS Foundation Trust failed to comply with the UK Data Protection Act when it provided personal data of about 1.6 million patients to Google DeepMind.  The personal data was provided as Read More