skip to Main Content
BY THE DUTCH DATA PROTECTION AUTHORITY: Draft Law On The Exchange Of E-data For The Health Assistance, Risk Of Damages To The Health Professional Secrecy

BY THE DUTCH DATA PROTECTION AUTHORITY: draft law on the exchange of e-data for the health assistance, risk of damages to the health professional secrecy

This post is also available in: Italiano Español Français

The Dutch Data Protection Authority (AP) has some objections on the draft law on the exchange of health e-data. This draft law obliges health operators to exchange electronically personal data of patients in specific situations. The AP see the risk that health operators are obliged to breach their health professional secrecy in the practice. It is affirmed by the legislative opinion that AP has left to the Health, Welfare and Sport Ministries.

Situations in which health operators will be obliged to exchange data by an electronic way will be successive determined in administrative general orders (AMvB). The draft law imposes also requirements to the ITC systems which with will be exchanged data.

The AP has the following objections to the draft law

Risks of breaches of the professional secrecy

The AP identifies the risks that health operators are in a coercive position, which shall affect their health professional secrecy. Because if it is explicated in detail which data a health operator shall exchange electronically, practically there are only two options.

Which are: exchange electronically all the prescribed data or, if the health operator considers that are too much data in the specific case, do not exchange any data. Both options are undesirable.

The advice of the AP is to mention this risk in the explication notes of the draft law and mention with which measures it is possible to prevent the risk.

Security requirements are spreading out

Health juridical security standards will not find anymore feedbacks in the Decree on the Electronic Processing of Data based on Health (Begz), but they are also in different ordinances based on the draft law.

The AP recommends that all the security requirements are reunited in a statutory regulation. In order that requirements will be easy to find, connected and coherent.

SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DEI PAESI BASSI – AP

Back To Top