European Data Protection Supervisor
European Data Protection Supervisor

Health

Health

The General Data Protection Regulation (GDPR) recognises data concerning health as a special category of data and provides a definition for health data for data protection purposes. Though the innovative principles introduced by the GDPR (privacy by design or the prohibition of discriminatory profiling) remain relevant and applicable to health data as well, specific safeguards for personal health data and for a definitive interpretation of the rules that allows an effective and comprehensive protection of such data have now been addressed by the GDPR. Processes that foster innovation and better quality healthcare, such as clinical trials or mobile health, need robust data protection safeguards in order to maintain the trust and confidence of individuals in the rules designed to protect their data.

Filters

Pages

30/04/2013
30
Apr
2013
27/03/2013
27
Mar
2013

eHealth Action Plan 2012-2020

Opinion on the Communication from the Commission on 'eHealth Action Plan 2012-2020 - Innovative healthcare for the 21st century'

Tags:
27/02/2013
27
Feb
2013
08/02/2013
8
Feb
2013

In vitro diagnostic medical devices

Opinion on the Commission proposals for a Regulation on medical devices, and amending Directive 2001/83/EC, Regulation (EC) No 178/2002 and Regulation (EC) No 1223/2009 and a Regulation on in vitro diagnostic medical devices

Tags:
19/12/2012
19
Dec
2012

Clinical trials on medicinal products

Opinion on the Commission proposal for a Regulation on clinical trials on medicinal products for human use, and repealing Directive 2001/20/EC

Tags:
29/06/2012
29
Jun
2012
28/03/2012
28
Mar
2012

Cross-border threats to health

Opinion on the proposal for a decision of the European Parliament and of the Council on serious cross-border threats to health

Executive summary of the EDPS OpinionPDF icon
03/12/2010
3
Dec
2010

2009 Annual Report - A year of major importance for the fundamental right to data protection

The report shows that 2009 was of major importance for the fundamental right to data protection.

This is due to a number of key developments: the entering into force of the Lisbon Treaty, ensuring a strong legal basis for comprehensive data protection in all areas of EU policy; the start of a public consultation on the future of the EU legal framework for data protection; and the adoption of a new five-year policy programme for the area of freedom, security and justice ("Stockholm Programme") with the emphasis on the importance of data protection in this area.

The EDPS has been highly involved in these fields and is determined to pursue this course in the near future. 

You can obtain a paper version of this Annual Report on EU Bookshop

Full text of the Annual Report:PDF icon
26/04/2010
26
Apr
2010

Early Warning Response System ("EWRS") - European Commission

Opinion of 26 April 2010 on a notification for prior checking on the Early Warning Response System ("EWRS") (Case 2009-0137)

07/09/2009
7
Sep
2009

EudraVigilance database - EMEA

Opinion of 7 September 2009 on a notification for prior checking regarding the EudraVigilance database (Case 2008-402)

EMEA manages the EudraVigilance database whose originates from National Competent Authorities, Market Authorization Holders and sponsors of clinical trials.  The purpose of the database is to evaluate suspected adverse reactions to medicinal products for human use. The EDPS considers that the processing is lawful to the extent that EMEA follows the recommendations included in the Opinion, particularly those regarding the data quality principle.

The EDPS recommended, among others, that EMEA:

  • Engages in an examination of the possibility to minimize the personal data recorded in ICRs as well as of the possibility to anonymise or pseudoanonymise personal information contained in ICRs;
  • Considers whether a  limited conservation period would fulfill the purposes sought by the data processing;
  • Adopts the security measures described in this Opinion.
19/05/2009
19
May
2009
22/04/2009
22
Apr
2009

Pharmacovigilance

Opinion on the proposals for a Regulation and for a Directive on pharmacovigilance, OJ C 229, 23.09.2009, p. 19

17/03/2009
17
Mar
2009
05/03/2009
5
Mar
2009

Organ transplantation

Opinion of 5 March 2009 on the proposal for a directive on standards of quality and safety of human organs intended for transplantation, OJ C192, 15.08.2009, p. 6

05/03/2009
5
Mar
2009

Organs donation and transplantation: EDPS calls for enhanced security measures at national and cross-border levels

Today, the European Data Protection Supervisor (EDPS) adopted an opinion on the Commission's proposal for a Directive on standards of quality and safety of human organs intended for transplantation. The proposal provides for national quality programmes to advance organs donation and transplantation, including a traceability mechanism to ensure that all organs can be traced from donation to reception and vice versa.

12/12/2008
12
Dec
2008
03/12/2008
3
Dec
2008

EDPS opinion on patient's rights: specific data protection dimension of cross-border healthcare needs to be addressed in more concrete terms

On 2 December 2008, the European Data Protection Supervisor (EDPS) adopted an opinion on a proposal for a Directive on the application of patients' rights in cross-border healthcare. The proposal aims at establishing a Community framework for the provision of cross-border healthcare within the European Union (EU) for those occasions where the care patients seek is provided in another Member State than in their home country.

02/12/2008
2
Dec
2008

Cross-border healthcare

Opinion on the proposal for a Directive on the application of patient's rights in cross-border healthcare, OJ C 128, 06.06.2009, p. 20

04/06/2008
4
Jun
2008

Medical check-ups - CPVO

Opinion of 4 June 2008 on the notification for prior checking regarding pre-employment and annual medical check-ups (Case 2007-176)

This opinion concerns the pre-employment and annual medical check-ups organized at the CPVO. The recommendations of the EDPS include the following:

Regarding data quality, the scope of data collected on the medical overview form and the information included on the certificate of fitness should be revised to comply with the principles of relevance and proportionality.  As to the conservation of the data, a reasonable, definite time frame must be established by the CPVO for the conservation of each category of employee and candidate medical data held by the CPVO. On information to data subjects, clear and specific information needs to be provided to data subjects regarding all items listed under Articles 11 and 12 of the Regulation. With respect to the pre-employment medical check-up, the EDPS also recommends the additional information on anti-discrimination referred to in point 3.8.4 of the Opinion. Finally, with regard to processing data on behalf of controllers, the service contracts concluded with the CPVO Physician and the CPVO Medical Centre should be modified to address data protection aspects pursuant to Article 23 of the Regulation. Instructions should be provided to the processors to comply with the minimum data protection safeguards recommended in this Opinion.

19/09/2007
19
Sep
2007

Pages