Abstract
This chapter provides an overview of the most important issues surrounding the data protection in the context of personalised medicine. It analyses the existing regulatory framework at EU level and interpretations provided in the relevant judgments of the Court of Justice of the EU. It proceeds with identifying the potential gaps and challenges, especially concerning the application of eHealth system.
In order to be able to offer each of our patients a course of treatment perfectly adapted to his illness and to himself, we try to obtain a complete, objective idea of his case; we gather together in a file of his own all the information we have about him.
(Sournia 1962)
Author “Nada Bodiroga Vukobrat” is deceased at the time of publication.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Joined cases C-92/09 (Volker und Markus Schecke GbR) and C-93/09 (Hartmut Eifert) v Land Hessen, EU:C:2010:662.
- 2.
Joined cases C-293/12 and C-594/12, Digital Rights Ireland Ltd v Minister for Communications, Marine and Natural Resources and Others and Kärntner Landesregierung and Others, EU:C:2014:238.
- 3.
Case C-362/14, Maximillian Schrems v Data Protection Commissioner, EU:C:2015:650.
- 4.
Case C-212/13, František Ryneš v Úřad pro ochranu osobních údajů, EU:C:2014:2428.
- 5.
Case C-212/13, Ryneš, para. 29.
- 6.
Case T-343/13, CN v European Parliament, T-343/13, EU:C:2015:926.
- 7.
S. and Marper v. the United Kingdom, ECHR App. No. 30562/04 and 30566/04, Judgment of 4.12.2008; see more in Horak and Bodiroga-Vukobrat (2017).
- 8.
Treaty of Lisbon amending the Treaty on the European Union and the Treaty Establishing the European Community, OJ C 306 of 17 December 2007, for the latest consolidated version thereof see Consolidated versions of the Treaty on European Union and the Treaty on the Functioning of the European Union, OJ C 202, 7.6.2016; Charter of Fundamental Rights of the European Union, OJ C 202, 7.6.2016.
- 9.
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, OJ L 281, 23.11.1995, p. 31 and Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), OJ L 201, 31.7.2002, p. 37.
- 10.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ L 119, 4.5.2016.
- 11.
Article 29 Data Protection Working Party (2017) Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679 (wp248rev.01) (hereinafter: DPIA Guidelines), adopted on 4 April 2017, http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=611236, pp. 10–18.
- 12.
DPIA Guidelines (2017), pp. 10–18.
- 13.
Cases C-158/96, Raymond Kohll v Union des caisses de maladie, EU:C:1998:171; C-120/95, Nicolas Decker v Caisse de maladie des employés privés, EU:C:1998:167; C-368/98, Abdon Vanbraekel and Others v Alliance nationale des mutualités chrétiennes (ANMC), EU:C:2001:400; C-157/99, B.S.M. Geraets-Smits v Stichting Ziekenfonds VGZ and H.T.M. Peerbooms v Stichting CZ Groep Zorgverzekeringen, EU:C:2001:404; C-385/99, V.G. Müller-Fauré v Onderlinge Waarborgmaatschappij OZ Zorgverzekeringen UA and E.E.M. van Riet v Onderlinge Waarborgmaatschappij ZAO Zorgverzekeringen, EU:C:2003:270; C-372/04, The Queen, on the application of Yvonne Watts v Bedford Primary Care Trust and Secretary of State for Health, EU:C:2006:325; C-173/09, Georgi Ivanov Elchinov v Natsionalna zdravnoosiguritelna kasa, EU:C:2010:581.
- 14.
Mileu Ltd. – Time.lex (2014) Overview of the national laws on electronic health records in the EU Member States and their interaction with the provision of cross-border eHealth services. Final report and recommendations, http://ec.europa.eu/health/ehealth/docs/laws_report_recommendations_en.pdf.
- 15.
Commission Implementing Decision of 22 December 2011 providing the rules for the establishment, the management and the functioning of the network of national responsible authorities on eHealth (2011/890/EU), OJ L 344, 28.12.2011.
- 16.
The 2008 Commission recommendation on cross-border interoperability of electronic health record systems defines the terms ‘electronic health record’ as “a comprehensive medical record or similar documentation of the past and present physical and mental state of health of an individual in electronic form, and providing for ready availability of these data for medical treatment and other closely related purposes”;
‘electronic health record system’ as a system for recording, retrieving and manipulating information in electronic health records; and
‘patient’s summary, emergency data set, medication record’ as subsets of electronic health records that contain information for a particular application and particular purpose of use, such as an unscheduled care event or ePrescription. See European Commission (2008).
- 17.
Under the 2008 Commission recommendation on cross-border interoperability of electronic health record systems stakeholders include patients, defined as any natural person who receives or wishes to receive health care in a Member State; and
health professionals, a term which includes a doctor of medicine or a nurse responsible for general care or a dental practitioner or a midwife or a pharmacist within the meaning of Directive 2005/36/EC of the European Parliament and of the Council of 7 September 2005 on the recognition of professional qualifications or another professional exercising activities in the healthcare sector which are restricted to a regulated profession as defined in Article 3(1)(a) of Directive 2005/36/EC; and medical service too. See more about stakeholders in Hartlev (2007, p. 167).
References
Balint M (1957) The doctor, his patient and the illness. Pitman Medical, London
Bensing J (1991) Doctor-patient communication and the quality of care. Soc Sci Med 32(11):1301–1310
Bodiroga-Vukobrat N, Horak H (2016) Challenges of personalised medicine: socio-legal disputes and possible solutions. In: Bodiroga-Vukobrat N, Rukavina D, Pavelić K, Sander GG (eds) Personalized medicine: a new medical and social challenge. Springer, pp 31–53
Buttarelli G (2015) Data protection as a bulwark for digital democracy. Keynote speech at the 6th International e-Democracy 2015 Conference on Citizen rights in the world of the new computing paradigms, Athens, December 10, 2015. https://edps.europa.eu/sites/edp/files/publication/15-12-10_edemocracy_en.pdf
Buttarelli G (2016) A New Year, a new chapter, New Europe, January 4, 2016. https://www.neweurope.eu/article/a-new-year-a-new-chapter/
European Commission (2008) Commission recommendation on cross-border interoperability of electronic health record systems (C(2008) 3282), OJ L 190, 18.7.2008
European Commission (2012) eHealth Action Plan 2012–2020: innovative care for the 21st century. https://ec.europa.eu/digital-single-market/en/news/ehealth-action-plan-2012-2020-innovative-healthcare-21st-century
European Commission (2015) Communication from the Commission to the European Parliament and the Council on the Transfer of Personal Data from the EU to the United States of America under Directive 95/46/EC following the Judgment by the Court of Justice in Case C-362/14 (Schrems), COM(2015) 566 final, Bruxelles, 6.11.2015
Hartlev M (2007) Striking the right balance: patient’s rights and opposing interests with regard to health information. Eur J Health Law 14(2):165–176
Horak H, Bodiroga-Vukobrat N (2017) Can we protect data in digital economy: reality or myth? 4th International Multidisciplinary Scientific Conference on Social Sciences and Arts SGEM 2017, Conference Proceedings, pp 381–386
Robin DiMatteo M (1979) A social-psychological analysis of physician-patient rapport: toward a science of the art of medicine. J Soc Issues 35(1):12–33
Robin DiMatteo M, Taranta A, Friedman HS, Prince LM (1980) Predicting patient satisfaction from physicians’ nonverbal communication skills. Med Care 18(4):376–387
Rynning E (2007) Public trust and privacy in shared electronic health record. Eur J Health Law 14(2):105–112
Siegler M (1985) The progression of medicine: from physician paternalism to patient autonomy to bureaucratic parsimony. Arch Intern Med 145(4):713–715
Sournia J-C (1962) Logique et morale du diagnostic. Gallimard, Paris
White Kerr L (1988) The task of medicine. Dialogue at Wickenburg, The Henry J. Kaiser Family Foundation, Menlo Park
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Vukobrat, N.B., Horak, H. (2019). Patient–Doctor Relationship: Data Protection in the Context of Personalised Medicine. In: Bodiroga-Vukobrat, N., Rukavina, D., Pavelić, K., Sander, G.G. (eds) Personalized Medicine in Healthcare Systems. Europeanization and Globalization, vol 5. Springer, Cham. https://doi.org/10.1007/978-3-030-16465-2_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-16465-2_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-16464-5
Online ISBN: 978-3-030-16465-2
eBook Packages: Law and CriminologyLaw and Criminology (R0)