Privacy in the EU Institutions

Opinion of 27 April 2009 on a notification for prior checking on the management of the medical data of children attending the inter-institutional crèches and kindergartens managed by the OIB (Case 2009-088)
On 27 April 2009, the EDPS adopted an opinion on the prior checking of the management of the medical data of children attending the inter-institutional crèches and kindergartens managed by the OIB. Given the particularly sensitive nature of the data being processed, the EDPS recommends that a specific legal basis should be put in place for the processing of data relating to health in the context of the crèches and kindergartens, and that at the very least the unambiguous consent of data subjects should be obtained to the medical monitoring of the children and the processing the data relating to their health by the medical service in the crèches and kindergartens. The EDPS also recommends that only data which is strictly necessary for the purposes of the processing operation should be collected, and therefore invites the medical service to re-evaluate whether the data collected on the medical form and during attendance at the crèches and kindergartens is proportionate. Regarding the storage of the medical files, the EDPS recommends that a storage period which is in proportionate to achieving the purposes of the processing operation should be adopted.

Opinion of 22 April 2009 on the notification for prior checking regarding "Junior Experts in Delegation" (Case 2008-754)

The purpose of the processing operation in this case is to examine the eligibility of candidates put forward by the Member States for the Junior Experts in Delegation (hereinafter "JED") programme, select JEDs, determine who will be offered a posting to a delegation, ensure proper implementation of all aspects of their two-year contract and evaluate their performance in discharging their duties within the delegation. This processing operation therefore falls within the scope of the prior checking procedure within the meaning of Article 27(2)(b) of Regulation (EC) No 45/2001.

Any person who submits an application for a JED post, any referees named by applicants or any person indicated by the JED as the person to contact in the event of an accident/emergency and, where applicable, the JED's spouse.

In its recommendations, the EDPS emphasised inter alia that the Commission should:

• reword as soon as possible the sentence on the candidates' right of appeal against the decision of the selection panel, in order to indicate more clearly the available channels and procedures for appeal;
• remove the requirement to submit a photograph with the application form without prejudice to the formal identification of the data subject at a later stage in the selection process; 
• indicate that the sentence "Other elements to be taken into consideration" on the application form is optional and reword it so that it specifies that the information provided should be strictly relevant to the candidate's university and professional career;
• insert a note in both the application form and in the information sheets stating that the data subjects themselves should inform their referees, the persons to be contacted in the event of an emergency and their spouses that their data might be processed in the course of the processing operation.

Answer to a notification for prior checking relating to events organisation (Case 2009-040)

Answer to a notification for prior checking related to the use of mobile phone by staff going on mission (Case 2009-162)

Opinion on the Recommendation for a Council Regulation amending Regulation (EC) No 2533/98 concerning the collection of statistical information by the European Central Bank, OJ C 192, 15.08.2009, p. 1