Health and Technology

, Volume 7, Issue 4, pp 401–413 | Cite as

The processing of health information- protecting the individual right to privacy through effective legal remedies

  • Björg ThorarensenEmail author
Original Paper
Part of the following topical collections:
  1. Privacy and Security of Medical Information


The right to privacy generally belongs to constitutionally protected rights and is listed with fundamental human rights in international human rights instruments. Personal health information is particularly important element of private life, and health data is defined and accepted as sensitive personal data. Modern computer and information technology is capable of processing enormous amounts of data concerning health, which entails a growing risk of violations of privacy by both public authorities and private entities. This article addresses the concept of privacy, as a legal term and a human right, and judicial remedies to enforce the right before national authorities. Whereas no single comprehensive federal law exists in the US for instance, regulating the collection and use of personal data, European states have adopted an extensive regulatory framework on the issue. The European Court of Human Rights in Strasbourg has repeatedly confirmed that information about a person’s health is an important element of one’s private life. Accordingly, processing of health information is an interference with the right to privacy, which may however be justified with a reference to public interests such as scientific research, subject to certain legal requirements. Finding a fair balance between the competing public and private interests is a complicated task. A case study will be made of Iceland, where the European treaties and regulations on protection of personal data have been implemented into domestic law. The Icelandic courts have resolved questions related to processing of health data and violations of privacy, and inter alia declared unconstitutional, legislation on the establishment of a centralised health sector database. This illustrates how legislation, accompanied with effective individual access to the courts, may offer legal reliefs to individuals claiming violation of their right to privacy.


Privacy Human rights law Data protection law Health data Enforcement of privacy rights Legal remedies 


Compliance with ethical standards

Conflict of interest

The author declares that she has no conflict of interest.


There is no funding source.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.


  1. 1.
    Rehof LA. Article 12. In: Alfredsson G, Eide A, editors. The universal declaration of human rights. A common standard of achievement. Leiden: Martinus Nijhoff Publishers; 1999.Google Scholar
  2. 2.
    Mathews R. On protecting & preserving personal privacy in interoperable global healthcare venues. Heal Technol. 2016;6:53–73.CrossRefGoogle Scholar
  3. 3.
    Warby M, Moreham N and Christie I. In: Tugendhat and Christie I, editors. The law of privacy and the media. Second edition. Oxford: Oxford University Press; 2011. p 112–113.Google Scholar
  4. 4.
    Joseph S, Schultz J and Castan M. The international covenant on civil and political rights. Cases, materials and commentary. Second ed. Oxford: Oxford University Press 2004, 476–477.Google Scholar
  5. 5.
    Rainey B, Wicks E, Ovey C. Jacobs, White & Ovey. The European Convention on Human Rights. Sixth ed. Oxford: Oxford University Press; 2014. p. 362–3.CrossRefGoogle Scholar
  6. 6.
    Xenos D. The positive obligations of the state under the European convention of human rights, vol. 12. New York: Routlegde; 2012.Google Scholar
  7. 7.
    Tomás Gómez-Arostegui H. Defining private life under the European Convention on Human Rights by referring to reasonable expectations. Cal W Int Law J. 2005;35(2):155. Available at SSRN: Google Scholar
  8. 8.
    Kindt EJ. Privacy and data protection issues of biometric applications: a comparative legal analysis. Dordrecht: Springer Netherlands; 2013. p. 90–2.CrossRefGoogle Scholar
  9. 9.
    Hustinx P. EU Data Protection Law: The Review of Directive 95/46/EC and the Proposed General Data Protection Regulation. 2014, 34. Available at
  10. 10.
    Blume P. Protection of informational privacy. Copenhagen: DJØF Publishing; 2002. p. 91.Google Scholar
  11. 11.
    Blume P. Protection of informational privacy. Copenhagen: DJØF Publishing; 2002. p. 92.Google Scholar
  12. 12.
    Thorhallsson B, Thorarensen B. Iceland’s democratic challenges and human rights implications. In: Carey HF, editor. European institutions, democratization and human rights protection in the European periphery. Lanham: Lexington Books; 2014. p. 225.Google Scholar
  13. 13.
    Thorarensen B. Stjórnskipunarréttur. Mannréttindi [Constitutional Law. Human Rights]. Churchill Way: Codex Publishing; 2008. p. 294.Google Scholar
  14. 14.
    Althingistidindi [Parliamentary Reports] 1999–2000, A, doc.1360.Google Scholar
  15. 15.
    Thorarensen B. Judicial control over Althingi. Altered balance of powers in the constitutional system. Icelandic Review of Politics & Administration. 2016;12(1):23–46.CrossRefGoogle Scholar

Copyright information

© IUPESM and Springer-Verlag Berlin Heidelberg 2017

Authors and Affiliations

  1. 1.Constitutional Law and International Human Rights Law, Faculty of LawUniversity of IcelandReykjavíkIceland

Personalised recommendations