Introduction

Due to recent developments in the wake of the Corona-crisis, pleas for a nuanced reconsideration of the significant status assigned to the individual autonomy of patients in the practices of health care and health research, especially regarding the governance of patient data, may gain support quickly. In current privacy, data protection and confidentiality legislation, (informed) consent by the individuals involved plays an important role as one of the legitimising grounds for processing personal data, including personal health-related data. The requirement of consent is mostly based on a normative background theory of personal autonomy. In this article, we will discuss several possible ethical-theoretical justifications for a moral duty of personal health related data sharing. We will not argue why one or the other of these should be considered to be more convincing than the other. Instead, we will indicate which forms the implementations of the different justifications might take, and identify the impediments that existing relevant and applicable privacy, data protection and confidentiality laws might raise against these. Where we refer to a duty to share data, we will at first indiscriminately do so, and only later on distinguish between what might be called a basic or universal duty (applying in principle to everyone) and what might be called a supererogatory duty (motivated by a personal or group-owned ideal or aspiration, applying only to those who cherish the ideal or aspiration). In this analysis, we will pay special attention to the consent requirement with its latent normative autonomy theory in the background, but we will also discuss other legal bases as possible alternatives for the grounds for lawful processing of personal data than consent. Throughout this paper, we are not referring to legal obligations that are binding on the basis of laws, contracts or other legal arrangements, but to moral duties. 
We are first and foremost interested in whether and in what ways the existing legal framework in the field of privacy, data protection, and confidentiality impedes the implementation of such duties.

A data sharing duty and personal autonomy

The notion of autonomy dominant in current theoretical and practical ethics might be best referred to as a Millian one, after the philosopher John Stuart Mill (1806–1873). Although Mill did not himself develop a theory or notion of autonomy as such, many of his ideas about the respect owed to the individuality and freedom of persons (Mill, 1977, pp. 217, 224, 260–291, 294–299, 803, 939) are the main ingredients of current conceptions of patient autonomy also underlying its most important embodiment, i.e. the requirement of informed consent. In the Millian view, the preferences of the patient as authentic and original locus of control are quintessential. This would translate to the health care context as meaning that treatment and care ought to be subject to the agreement of the patient, as must be the use for research purposes of data and materials of the patient, full stop.

This predominant Millian view of autonomy is to be distinguished from what we prefer to call a Kantian view. Kant (1724–1804) actually coined and developed the notion of autonomy, which maybe is best referred to as a moral notion of autonomy, as the typically human capacity to impose moral rules upon oneself, in other words: the capacity to assume moral responsibilities, to engage in moral duties. In a Kantian view of patient autonomy, the patient’s will is primordial but not in the way that the Millian view and the doctrine of informed consent suggest. In the Kantian view, the patient’s will is not a purely subjective will as in the Millian view, but a will informed by moral principles. The patient’s will is deemed important, not just because it simply is the expression of his or her subjective preferences but because it is deemed good that the patient does what is right and good and that he or she does so freely.

Advocates of a view of patient autonomy that is more nuanced than the predominant Millian one may not always refer to themselves as proponents of a Kantian view of autonomy. Their perspectives can have diverging, in some respects even opposing, moral philosophical backgrounds. What most of them have in common, nonetheless, is the view that during the last five decades, doctors’ and nurses’ obligations on the one hand and rights of patients on the other, have received too much attention at the cost of responsibilities of patients for their own medical condition and vis-a-vis care providers and the care system (Brazier, 2006; English, 2005; Schmidt, 2007; see also: Buetow, 2014; Davies & Savulescu, 2019). The theoretical justifications put forward for the assignment of patients’ responsibilities are of different types. They can be utilitarian, deontological or communitarian (English, 2005). At times, the justification of the patients’ responsibilities follows considerations of reciprocity. Patient responsibility is then established on the basis of their receiving benefits from the (public) healthcare systems, itself often founded on solidarity (Brazier, 2006, pp. 401–402). Mostly, the patients’ responsibilities are considered to primarily relate to the patients’ own treatment, e.g. duties to provide correct and relevant information enabling care providers to make accurate diagnoses, and to provide the correct treatment correctly et cetera. In addition, authors put forward duties not to offend or harm the care providers or relevant third parties. A prima facie ethical duty to partake in (bio-)medical research has very hesitantly been put forward based on the principle of fairness or the responsibility not to harm others (Harris, 2005). Another line of reasoning starts from the assumption that (bio-)medical research creates the public good of knowledge (Schaefer et al., 2009). This knowledge is considered to benefit any citizen as it enables medical advances (e.g. the creation of vaccines), and necessitates the contribution of everyone (Schaefer et al., 2009).

Acclaim for responsibilities such as these might expand in the near future. Already for some decades and reinforced by the containment measures relating to the Corona-crisis, we are witnessing the gradually accelerated introduction of digital care often accompanied by claims about medical self-management and necessary changes in the roles of patients and care providers. We might be entering an era in which the patients will not merely be assigned responsibilities with regard to their own treatment or duties to respect and not to harm the care providers, but in which they also will be considered to have positive responsibilities towards the care system. Duties to make their medical data available for health and care research (see, for instance, Cohen, 2018; Riso et al., 2017; Porsdam Mann et al., 2016) seem to be natural candidates. The improvement of healthcare services, research, and public health is considered to depend on patient data. Questions concerning moral responsibilities or moral duties of patients to transfer data concerning health can be expected to arise much more often in the near future.

Various ethical theories (in particular, deontological, utilitarian, communitarian ones, and ethics of care) may deliver different approaches to the justification of a moral duty of patients to transfer their health data. Such a responsibility of patients logically would also have consequences for the responsibilities of care providers in cases where for the sharing of data to make any sense, the data involved must be further transferred to other healthcare providers, researchers or other organisations who also possibly will have to transfer the data further to others, et cetera. These professionals will act either on the basis of a direct duty in its own right – e.g. a duty based on the expected professional benefit from data transfers such as improving the accuracy of research – or on the basis of a derivative duty, i.e. one that is logically building on the patients’ responsibilities.

In this article, we will not so much discuss the status and justification of such responsibilities or duties. We will defer our judgment in this respect. Rather, we will ask: how would a moral duty of patients to transfer (health) data for the benefit of health care, research, and public health improvement in the health sector sit within the currently existing confidentiality, privacy, and data protection legislations? The current European and national legislations somehow appear to obstruct a possible moral duty, as they impose strict conditions on transmitting health-related personal data. The following sections will focus on identifying how these legislations impede a possible duty to share data rather than how they facilitate it. In doing so, we will distinguish between a basic duty and a supererogatory duty (Beauchamp & Childress, 1994, pp. 211, 483), as we will explain further on.

Transferring data

The European health care system is currently undergoing a transformation towards increased digitalisation through eHealth services (European Commission, 2018b). Although a commonly accepted definition of the term ‘eHealth’ does not exist (Eysenbach, 2001; Boogerd et al., 2015), it certainly comprises several types of internet and communication technologies through which data about patients can be collected and transferred. For instance, within the doctor-patient interaction, information about the patients’ health may typically be collected through medical devices, such as sphygmomanometers or other CE certified health monitoring applications. Commercial devices such as wearables (e.g. fitness trackers, smart watches) or apps and sensors on smart phones (e.g. pedometers) gain in significance due to the growing consumer interest (Piwek et al., 2016). Other tools facilitate the communication between different care professionals and professionals and patients, such as eHealth platforms and electronic health records (European Commission, 2018b). Even developments such as the open access movement and crowdsourcing (Wazny, 2018) are sometimes used to facilitate access to (health) data to various stakeholders in order to strengthen research, healthcare, and public health. In the context of all of these eHealth services, the processing of health data relies on the sharing of information and thus implies the exchange of data between different actors (e.g. patients, physicians) or organisations (e.g. research institutes, governmental authorities). In one way or another, they may make the data available upon request or use automatic means to exchange the necessary information.

Against this backdrop, patients might provide their data directly or indirectly for different purposes. They might do so, as will be the case most often, for the benefit of their own treatment or care. They might do so as well, however, for the benefit of other patients’ treatment and care, or for the sake of public health and the care system in general.

In order to understand the collaborative setting that underlies the transmission of the patients’ data for the benefit of healthcare, research, and public health in general, one may consider that the transfer of health data may basically take three different forms.

First, individuals may share information about their health with their physicians who conduct the patient anamnesis and physical examination. This enables the healthcare provider to identify the patients’ medical condition in order to make an adequate diagnosis. Here, the patient data is being collected by healthcare providers, possibly in collaboration with other doctors, in the course of the patients’ medical treatment.

The data collected may then, in a subsequent step, be transferred further to other stakeholders for the purpose of either the patients’ own treatment, research and/or public health (or a combination of these).

Second, patients or volunteering citizens who wish to partake in scientific research may make their health data available for the investigation of diseases, treatments or drugs by providing access to their medical records for the purpose of medical research and public health. Alternatively, patients or volunteering citizens may participate in person in medical studies or provide body samples (e.g. blood, tissues) for clinical research where researchers collect health data about their research participants directly without any connection to their treatment. The use of health data can furthermore contribute to epidemiological research investigating the health of the population.

Third, data collected by care providers or researchers can be further transferred to other care providers, researchers and/or other organisations. For instance, patient data may be exchanged to facilitate further research collaboration with researchers or specialists, such as those from the pharma industry attempting to follow up on potential effects from the patients’ drug consumption. Researchers may exchange the patients’ data with third parties (e.g. government agencies) to facilitate the re-use of the data for the purpose of medical research, public health or the improvement of healthcare overall.

These forms of data sharing are not mutually exclusive. The combination of all the individual stakeholders involved in patient data transfers may vary depending on factors such as the purpose for which the data processing activities are undertaken and the eHealth technologies deployed in the countries concerned. The variety in eHealth systems adopted within and across states still seems to create an obstacle for many healthcare professionals to access and exchange health information about their patients efficiently (European Commission, 2018a). The diverging national approaches to regulating health data exchange add a further layer of complexity, particularly in cross-border data sharing.

Different implementations of a duty to transfer

A duty to transfer health data could directly or indirectly relate to all of these forms and could be facilitated through a range of digital tools. Patients do not necessarily need to disclose all of the relevant data one by one themselves. Healthcare providers and researchers are typically the ones who collect health information about their patients or research volunteers; be it during the anamnesis or from observations that care providers and researchers have made. In addition to disclosing some data orally or in writing to caregivers or researchers themselves, patients might as well simply agree in some form or other to having the data transferred by whatever means to (other) caregivers and researchers, in order to implement the duty.

In this context, we may differentiate between two forms in which a duty of patients to share data could exist: one being a basic duty and the other being a supererogatory duty. A basic or universal duty obliges every moral agent, as it sets minimum standards for morally desirable actions. A supererogatory duty binds actors in principle based on moral reasons that they themselves accept as good reasons or should accept as good reasons (Beauchamp & Childress, 1994, pp. 211, 483; Heyd, 1982, pp. 113–125; Urmson, 1958; see, for critical discussion: Pybus, 1982). Especially the latter can set higher standards for a moral duty to share data where individuals impose an obligation based on their personal moral ideals, but supererogation comes with restrictions. Such a moral obligation is very individual to a person and does not apply universally to every single moral agent (Heyd, 1982, p. 136). Supererogatory actions may be morally praiseworthy yet optional contributions to improving other people’s well-being (Heyd, 1982, pp. 138–139; Beauchamp & Childress, 1994, pp. 211, 483–485).

The different moral outlooks referred to in the previous section may require different implementations of an alleged duty to transfer health data. From a Kantian or deontological perspective, it might at first sight seem to be important that individual patients can individually consent to individual transfers, as freely doing what is good is more important than just doing what is good. This straightforward interpretation seems to fit very well with what we referred to as the ‘Millian’ view of autonomy in which individual consent is of utmost importance. Kant himself, however, would probably have allowed for approaches without actual consent, in situations where a legal rule would apply that can be considered to comply with moral convictions. We will refer to the latter view as the contractualist Kantian view in the rest of this paper.

Care ethics’ nature encompasses characteristics such as being there for someone, having compassion for people, helping others (Beauchamp, 1991). These are relational traits that make people attentive to the needs of others. Caring has therefore been understood to be a response or reaction to the need of the other person (Beauchamp, 1991, p. 286). This feature does not necessarily require explicit positive agreement with each and every caring act, as, characteristically, the freedom of acts from a virtue may rest on a choice for types or categories of acts.

Communitarian values may offer reasons for the sharing of health data ultimately based on a conception of the common good (MacIntyre, 1981, pp. 210–227; Beauchamp, 1991, pp. 270–271; Beauchamp & Childress, 1994, pp. 77–78). For communitarians, communal initiatives are important, such as an effort to maintain the functioning of a healthcare system or the improvement of the delivery of health services. These kinds of initiatives thrive on collective commitment and can therefore override the need for the patient’s approval.

From a utilitarian perspective, things are different. Whether an action or practice is morally good will be assessed on the basis of their consequences, i.e. the benefit they generate for the people and their well-being (Beauchamp, 1991). Health data sharing can, according to many, benefit many people in society by the advancement of medicine, such as through the development of new therapy methods or medication. If sharing of health data is perceived as benefiting the majority of a society (European Commission, 2020), the individual’s agreement to the transmission of their health-related data may be considered to be not important. From a utilitarian perspective, automation of the transfers might even be preferred as it would most efficiently contribute to the overall greatest utility for the most individuals involved. The utilitarian approach does not so much rely on consent as a legal basis for health data transfers but rather requires clearly defined legal grounds that justify the transfer of health data for the benefit of society. Moreover, since it might be disadvantageous to the full use of data (van Veen, 2018) a utilitarian might even elude the requirement of consent entirely.

Utilitarianism as a normative theory of obligation may naturally lead to the conclusion that all actions benefiting a vast majority will become mandatory, and, thus, qualify as a basic duty (Beauchamp & Childress, 1994, p. 489). Where a moral outlook other than the utilitarian requires voluntariness as a pre-requisite for an action, a moral duty of patients to share data may persist in the form of a supererogatory duty instead of a basic duty, and vice versa. Supererogatory actions will be performed by those who experience the necessary dedication or are driven by strong virtues (Heyd, 2019). A caring person, for instance, will be devoted to sharing data with the aim of serving others. A clear distinction between duty and supererogation is, however, hardly possible at all times (Beauchamp & Childress, 1994, pp. 489–490; Heyd, 1982, pp. 73–75; Heyd, 2019). People themselves driven by ideals might as well say that they consider themselves to be compelled to share data as if it were a basic duty where it is virtuous to do so.

The current legal context

Whilst it might be highly desirable to unlock the full potential of using data for the societal good, there is an obvious tension between a moral duty of patients to transfer health data for improving healthcare, research, and public health, and the protection of the patients under the confidentiality, privacy, and data protection legislations. The confidentiality, privacy, and data protection legislations build a framework for the legal protection of individuals regarding the sharing of sensitive information shaped by various ethical values such as respect for one’s privacy or dignity. In the attempt to support data sharing by individuals who aspire to do so for the well-being of others, the law may create impediments to a moral duty of patients to share data.

The data protection legislation is already the result of data subjects’ rights being balanced with societal interests, including the economic interests of improving health care, research, and public health. On a European level, the General Data Protection Regulation for Member States of the European Union, and the recommendation of the Council of Europe on the protection of health-related data are of particular importance. Both frameworks introduce provisions on the processing of health data (data concerning health as per article 4(15), recital 35 General Data Protection Regulation and health-related data as defined per article 3 Council of Europe recommendation, respectively), thereby governing the transmission of health data.

The General Data Protection Regulation establishes several data protection principles and rules to be followed by data controllers and data processors when sharing (health) data, and provides patients with data subjects’ rights. Other mechanisms under the regulation provide further protection, such as the obligation to notify data breaches to the supervisory authority or to communicate data breaches to data subjects when a personal data breach is likely to result in a high risk to the rights and freedoms of the data subject (articles 33, 34), and/or the conduct of a data protection impact assessment (article 35). In addition, cybersecurity requirements aim at maintaining the confidentiality of data through safeguards (i.e. technical and organisational measures), thereby constituting a pre-requisite for health data transfers. The General Data Protection Regulation does not introduce a legal definition for the term data sharing. It rather provides a non-exhaustive list of examples in article 4(2) on how data transfers or data sharing can be conducted, such as through ‘disclosure by transmission, dissemination or otherwise making available’.

As a soft law instrument, the Council of Europe recommendation provides guidelines on the processing of health-related data, inter alia, for reasons of public health (e.g. to ensure the quality and safety of medical treatment, health products and medical devices), or the public interest (e.g. scientific research) (article 5a). The recommendation provides more concrete guidelines when referring to the exchange and sharing of health-related data by means of digital tools (article 2.1) in the public and private sector. In particular, the recommendation entails specific provisions regarding the sharing of health-related data for the purpose of providing and administering health care in article 8, whereby article 8.4 specifically highlights ‘the use of an electronic medical file and of an electronic mailbox allowing for the sharing and exchange of health-related data’. Moreover, it introduces norms that are applicable to the communication of data for purposes other than providing and administering health care in article 9. This provision covers the further sharing of health-related data with recipients who are authorized by law. The recommendation does not clarify the terms ‘exchange’, ‘data sharing’ or ‘communication’, but, similarly to the General Data Protection Regulation, introduces a non-exhaustive list of examples in article 3 which indicates that the exchange, data sharing or the communication of data can be considered as a data processing activity, such as the disclosure or making available of data. Moreover, it introduces rights of the data subject, which can also deviate from the General Data Protection Regulation.

However, the balancing of the confidentiality, privacy, and data protection legislations may need to be reconsidered in order to achieve the goals of enhancing the healthcare system, research, and society overall, following the moral reasons that are behind a moral duty to share data.

A legislative fragmentation within and between EU Member States or European countries with regard to the processing of health data may constitute an obstacle to the opportunity to exercise a moral duty to health data transfer. Firstly, the General Data Protection Regulation foresees a ban with permit reservation allowing only the exceptional processing of data concerning health (articles 9(2–4), 6 General Data Protection Regulation), while the Council of Europe recommendation legitimises the processing of health-related data only if one of the legitimate bases set down in article 5 apply. However, not clearly defined concepts, such as the notion of public interest, public health, or research, can aggravate the sharing of data due to legal uncertainty as to under which circumstances such a duty can be exercised. A moral duty, however, may permit health data transfers as a key condition and might require a clearly defined legal landscape for its implementation. Secondly, data protection legislation provides Member States the possibility for introducing further conditions with regard to the processing of health data and for derogations. The conditions permitting the processing of health data, however, may vary among Member States, which can challenge the proper exercise of a moral duty that generally grants the freedom to transfer data on a national and European level for various purposes.

Moreover, it may not always be evident what type of data constitutes health data, as the diversity of collected data and the possibility to link data seems to blur the line between health and non-health data (Vayena et al., 2018, pp. 67–68; Vayena & Madoff, 2019; Mulder, 2019; The Article 29 Working Party, 2015). The Article 29 Working Party (now known as the European Data Protection Board) described data generated in a professional and medical context concretely as ‘medical data’ that forms part of the broader defined concept of ‘health data’. It defined ‘medical data’ as ‘all data related to […] diagnosis and/or treatment by (professional) providers of health services, and any related information on diseases, disabilities, medical history and clinical treatment. This also includes any data generated by devices or apps […]’ (The Article 29 Working Party, 2015, p. 2). The General Data Protection Regulation and the Council of Europe recommendation serve the protection of ‘data concerning health’ (article 4(15), recital 35 General Data Protection Regulation) and ‘health-related data’ (article 3 Council of Europe recommendation), respectively, in general regardless of whether the data has been collected in the medical context. The changes made in the latest version of the Council of Europe recommendation may support this approach, as it replaced the term ‘medical data’ with the more general term ‘health-related data’ in its latest version, thereby prompting for the need to widen its scope of application. However, not only special categories of data, such as data concerning health, imply a high degree of sensitivity due to their nature. Also, non-sensitive (or non-health) data has the potential to reveal information about a citizen’s health due to data mining enabled by big data. For instance, some technologies collect administrative data (e.g. address, location), which, at first glance, does not constitute health data. 
However, as it is being processed in the medical context, it can implicitly reveal information about one’s health. The discussions regarding the development of the Corona Tracing App reflect the difficulties of how data, which may not be considered health data at first glance, can provide sensitive information about someone’s health (EDPB, 2020a). If (non-)personal data can serve the improvement of care, the inclusion of these data types into the scope of application of a moral duty can be essential. Nonetheless, personal data and health data are subject to different levels of protection under the data protection framework. The adequacy of such a distinction may be questionable where (non-)personal data can reveal information about one’s health. However, as the data protection regulation foresees different levels of protection, a clear demarcation between the notion of non-health data and health data can be germane to facilitate a moral duty to transfer health data.

Also, various data protection principles potentially impede the exercise of such a duty. The principle of data minimization and the concepts of data protection by design and by default may restrict the availability of (health) data for data exchange. However, access to all data ought to be facilitated in order to endorse healthcare, research, and public health when intending to implement a moral duty. Since the data protection legislation is not applicable to the processing of anonymised data, the exchange of anonymised data could be a solution to the problem. Nonetheless, awareness has been raised about the possibility to single out, to link non-identifiable data to individuals, and to infer personal data about an individual by using big data analytic techniques (Fazlioglu, 2019). This leads to the risk of the misuse of health data through private entities (e.g. employer, insurance company), and transferring data thus requires a comprehensive approach concerning the implementation of appropriate safeguards (technical and organisational) (Hohmann & Benzschawel, 2013). This may also put the ‘doctor-patient-privilege’ or medical secrecy, which obliges healthcare professionals to preserve confidentiality as regards the information they have obtained in the course of their care provision (Council of Europe, 2015, p. 5), at risk when sharing supposedly anonymised data with others. Besides, anonymisation has also been interpreted as a hurdle for research that impairs the quality of certain types of health research such as research for rare diseases (Donnelly & McDonagh, 2019, pp. 100–101).

The transposition of confidentiality, privacy, and data protection legislations has led to multiple challenges in the area of scientific research, such as a legal fragmentation across countries, or legal uncertainty with regard to the interpretation of broad notions (e.g. the notion of scientific or the concept of health data) (European Parliament, 2019, p. 13). Consent is an important legal basis for the processing of personal data in the field of medical research. Yet, doubts have been raised as regards whether consent could be deemed to be an appropriate legal basis. In its guidelines, the Article 29 Working Party already raised doubts in terms of the use of consent for the processing of patient data in electronic health records, as patients generally do not have ‘a genuine free choice’ when seeking the doctor’s advice under their given medical condition (The Article 29 Working Party, 2007, pp. 8–9). Similarly, the European Data Protection Board confirmed this approach, as consent cannot be ‘freely given’ where an imbalance of power to the detriment of the data subject exists, for instance, when research participants are suffering from bad health (EDPB, 2019, p. 6). Despite these difficulties, the current consent conception has been said to impede the re-use, or so-called secondary use, of health data for research and public health purposes. The secondary use of health data typically aims to improve public health for the good of the society (Council of Europe, 2015, p. 11), as, for instance, the data collected for the patients’ treatment can provide valuable insights into public health problems. The Council of Europe recommendation seems to stipulate strict requirements for the health-related data that ought to be further shared, as such data may merely be communicated to recipients who are authorised by law according to article 9.1 Council of Europe recommendation.
More generously, the General Data Protection Regulation generally prioritises the use of health-related data for secondary processing. The regulation, in principle, presumes the compatibility of the reuse of data in healthcare as per article 5(1)(b) General Data Protection Regulation if appropriate safeguards according to article 89(1) General Data Protection Regulation exist (EDPS, 2020, p. 22). The purpose limitation principle, however, limits the reuse of health data to the primary processing where it was based on the individual’s consent. The further processing in this case would require the renewal of the consent or a new legal basis. These obstacles could be particularly relevant for patients who seek to exercise their duty to share health data for the improvement of the healthcare system and research.

Against this background, the recently transposed regulation on European data governance, the so-called Data Governance Act (DGA), could open new opportunities to enhance the availability of health-related data. The DGA aims at stimulating the sharing of personal and non-personal data between EU Member States by fostering trust through data intermediaries and by introducing so-called European data altruism consent forms. The EU data altruism consent form is meant to create new incentives for the voluntary sharing of personal data for altruistic research purposes that support the general interest, and shall be customized according to the needs of the specific sector at stake (articles 2(16) and 25, recital 52 DGA). The regulation lists some objectives of general interest only by way of example, including healthcare, the improvement of the provision of public services, or scientific research in the general interest. The current draft thus leaves room for interpretation regarding its scope of application, as it remains uncertain what constitutes a ‘general interest’ or an altruistic purpose. The data altruism consent, in principle, appears to open the door for altruistically motivated data processing activities which could potentially enable patients to perform their possible duty to share health data for enhancing care, research, and public health.

Is the current legal framework an impediment to the duty to transfer?

Confidentiality, privacy, and data protection legislation may impede the exercise of a moral duty of patients to transfer data when seen from the perspectives of some moral outlooks, such as for instance utilitarian ones. They may, however, also simply peacefully cohabit and offer opportunities and possibilities for specific implementations of such a duty. While from the straightforward Kantian perspective, actual consent as it is currently conceived of in the relevant laws may be a crucial instrument to preserve one’s moral autonomy and responsibility, that same consent conception might sit awkwardly with a contractualist Kantian approach and other views of a moral duty to share. Furthermore, depending on whether one interprets a duty as a basic or a supererogatory one, such a distinction can impact how the law affects a duty to share data. As we have shown above, a supererogatory duty is restricted to voluntary actions.

The use and re-use of health-related data, as we have attempted to describe above, can take place in different forms, but often requires researchers to obtain approval from patients and research participants for the processing of their health data for research for other purposes than the original one.

Recital 33 of the General Data Protection Regulation acknowledges that it may not always be possible to clearly identify the purpose at the time of data collection and, therefore, preserves some flexibility regarding the specification of consent, allowing participants to agree to have their data processed for certain areas of scientific research. This recital seems to introduce the concept of broad consent, which is said to expedite the use of data concerning future (yet unspecified) research in genomic research, as researchers would simply be required to interact with their research participant once in order to obtain consent (Hallinan, 2020). Broad consent could in general enable the future, not yet foreseeable, flow of (health) data without too many obstacles. The purpose, however, still needs to be ‘well-described’, and vaguely outlined reasons (e.g. for the purpose of ‘future research’) do not satisfy the purpose limitation principle (EDPB, 2020b, p. 13). The European Data Protection Board suggests that recital 33 ought not to overrule the consent requirements and requires even ‘a stricter interpretation and […] a high degree of scrutiny’ when reading the recital in light of Article 9 General Data Protection Regulation (EDPB, 2020b, p. 29). This approach possibly leads to a tension between the consent requirement and the need for a more flexible further use of health-related data that was originally collected on the basis of consent.

Dynamic consent has been considered as a mechanism that preserves an individual’s autonomous decision-making by providing patients with more control over their personal data. The concept of dynamic consent foresees that the patients’ consent is sought on an ongoing basis for new research activities (Budin-Ljøsne et al., 2017). Refreshing consent at appropriate intervals also seems to be the preferred approach suggested by the European Data Protection Board, as it takes into account the purpose limitation principle (EDPB, 2020b, pp. 22, 29). Some legal scholars propose to revisit the definition of consent and offer a more flexible approach compared to the existing requirements of specific, informed consent in order to preserve an individual’s autonomy (Ploug & Holm, 2016). Giving individuals the freedom to engage more or less on their own terms in health data sharing could furthermore be endorsed through the concept of ‘meta-consent’. The concept of ‘meta-consent’ strives for an expanded involvement, whereby individuals themselves determine the specificities of the consent request, in particular when they should be asked for consent and how, in order to take control over the exchange of their data depending on their personal preferences or choice (Ploug & Holm, 2016, pp. 724–725).

Although the concepts of dynamic consent or meta-consent offer promising solutions for the active involvement of patients and research participants, researchers might need to invest a lot of time and effort to obtain consent from their patients for new research projects, taking away too much of the researchers’ organisational capacities. Furthermore, the multitude of data exchange possibilities, which may take place over years, could challenge patients to keep up with the variety of data flows, which might hinder them from making autonomous decisions (Budin-Ljøsne et al., 2017, p. 7). The recent implementation of the DGA regulating the European data altruism consent form demonstrates the need for mechanisms which enable altruistic data sharing.

Under the current legal framework, explicit consent is not the only legal basis available to share health data. The GDPR also embeds other legal grounds, including reasons where the processing is necessary for substantial public interests, public interests in the area of public health, or scientific research (article 9(2) lit. g, i, j GDPR). One might consider these reasons to be generally altruistic due to their aim of contributing to society as a whole. And yet, these legal grounds still come along with limitations to the full use of health-related data.

The possibilities to process special categories of personal data based on reasons for the substantial public interest (article 9(2)(g) GDPR) seem to be limited due to the absence of a definition in the GDPR. Recital 52 provides some examples as to what constitutes the general ‘public interest’, such as health security or the prevention and control of serious health threats. However, what type of circumstances meet the threshold to make a public interest substantial and whether research falls under it has yet to be determined (EDPS, 2020, p. 23).

Moreover, the processing of health data that is necessary for reasons of public interest in the area of public health covers purposes such as the protection against serious cross-border health threats, securing ‘the high standards of quality and safety of health care and of medicinal products and medical devices’ as per article 9(2)(i) GDPR. Furthermore, recital 54 refers to the Regulation (EC) No. 13,338/2008, defining public health as ‘all elements related to health, namely health status, including morbidity and disability, the determinants having an effect on that health status, health care needs, resources allocated to health care, the provision of, and universal access to, health care as well as health care expenditure and financing, and the causes of mortality.’ Recital 54 also clarifies that under the legal ground of article 9(2)(i) GDPR, personal data cannot be ‘processed for other purposes by third parties’.

Again, in terms of the notion of scientific research, the regulation integrates a broad notion according to recital 159 GDPR covering ‘technological development and demonstration, fundamental research, applied research and privately funded research’ as well as ‘studies conducted in the public interest in the area of public health’. Despite its broadness, the European Data Protection Supervisor (EDPS) referred to the legal uncertainty of what falls under ‘scientific research’. This question has been raised especially in terms of product development for the improvement of healthcare (EDPS, 2020, p. 23, referring to German Data Ethics Commission, 2019, p. 13). Further uncertainty persists in relation to the further processing of health-related data based on the compatibility clause according to article 5(1)(b) and recital 50 GDPR. For one thing, it is still unclear whether the use of the compatibility clause is reserved for the initial ‘data collector’. Moreover, the question of whether patient data that was initially collected for the provision of care can be further processed for medical research based on the compatibility clause remains unresolved (EDPS, 2020, pp. 22–23).

Conclusion: corollary drawbacks and advantages of a data sharing duty

Consent has been said to constitute an important instrument to preserve the patients’ autonomy in medicine and research as well as in data processing. At the same time, the current predominant consent conception pervading the Regulation on the processing of personal data is reaching its limits when it comes to facilitating health related data sharing on the basis of an individual’s agreement. The multitude of possible data exchanges potentially affects the willingness of patients to share their personal data over a longer period of time and also challenges patients to keep track of the sharing activities taking place (Budin-Ljøsne et al., 2017; van Veen, 2018). Furthermore, the possibility that patients themselves might determine which data to share and with whom entails additional risks for the patients’ safety given that the average patient might not be capable of assessing the adverse implications of their decision (Angst, 2009). The complexity of data sharing operations creates a lack of control for individuals that the current conceptualization of consent cannot sufficiently address when it comes to the (re-)use of the patients’ health data for the improvement of healthcare, research, and public health. However, (re-)using health data based on grounds other than consent faces challenges too.

Existing data protection, privacy and confidentiality legislations are not the only subject for discussion when addressing issues surrounding the topic of health data sharing. The ownership of the technical bearers of the data, e.g. of the medical records and the databases to which they belong, may be problematic (see, for instance, Hall, 2010 and Rodwin, 2010). Another set of issues to be considered comes along with the fact that, in many societies, depending on the specific ways in which health care is structured and funded, organisations in health care are often not very keen on sharing information. This is due to a perceived competitive relationship with fellow organisations, even though – as is often the case in Europe – the organisations are funded by public money. Moreover, even if all privacy, property and perceived competition barriers could be removed, there will still remain a host of technical issues concerning the interoperability of databases and the analyses that have to be performed, not to mention the organisational and financial issues accompanying these technicalities. Of course, none of these impediments is by definition insurmountable or unalterable. It is important, however, to be aware of the fact that the legal framework concerning privacy, data protection and confidentiality is not the only relevant one deserving further scrutiny. Furthermore, there is the risk that the health data collected about the patient could be processed for other than medical purposes. For instance, law enforcement agencies might search genetic databases for investigative genetic genealogy to identify a suspect’s ancestries, which has been a matter of concern (de Groot et al., 2021).

Despite the existing legal impediments for the sharing of health data, various accounts of a moral duty to transfer health data present some advantages. Such a moral duty takes into account the societal needs of improving healthcare, research, and public health. Consent, as currently defined in the Regulation, does not seem to be indispensable from various ethical perspectives. Four streams of thought in ethics, i.e. a contractualist Kantian theory, an ethics of care, a communitarian and a utilitarian theory, evidently offer new starting points for a profound reconsideration of the current normative framework for the processing of health-related personal data. All of these ethical outlooks suggest that the concept of autonomy is not strictly tied to the subjective will of the patient or research participant, and can provide arguments for data sharing based on altruistic reasons beyond what the current legal framework foresees.