Free movement of health data and data protection implications

25.08.2017

On 21st August 2017 the European Commission published responses to the question regarding the free movement of data in the EU including health data.
Notwithstanding the principals of free movement within the European Union, there are still examples of local restrictions on cross-border movement of data, particularly in the life sciences and healthcare sectors, and in response to a question within the European Parliament on how free movement will be generated the European Commission has published their response.
A member of the European Parliament had noted that “a major milestone for the EU would be to create a digital single market based on the free flow of data within Europe”, adding that “there is a need to safeguard the security of this data and to secure the users trust in e-services”. The European Commission responded by stating that the current Data Protection Framework in the EU and the new General Data Protection Regulation (GDPR) focus only on personal data and not non-personal information and further that there are still many laws on a Member State basis that restrict the movement of certain types of data including personal data.
The European Commission confirmed that having carried out research into restrictions on the free movements of data it is recognised that such obstacles are outdated and disproportionate regulatory requirements.
The European Commission is working with Member States to ensure that citizens can transfer their basic medical information electronically when receiving treatment in another Member State and use e-prescriptions to get their medication dispensed. The European Commission intends to adopt a communication in 2017 addressing the need and scope for further measures in the area of digital health and care in line with the GDPR and other legislation on patients’ rights and e-identification.
Finally as regards the general lack of trust in the use of e-services, especially across National borders due to cyber security concerns, the European Commission indicated that it is working on a cyber security package to be proposed in September 2017 to address the risks due to cyber-attacks and to increase confidence and trust in the digital economy.

Robert Bond

Related Articles