The processing of data concerning your health is a restriction of your right to privacy. Only certain authorized data users, such as health care providers, may process a person’s medical data. You can learn more about the competent institutions in the Health Services Organisation Act.
About this section
This section is dedicated to the collection, rectification, updating, storage, retention and removal of your medical data. You can also read more about the disclosure and communication of your medical information.
Has my personal data been processed lawfully?
To evaluate whether your medical data has been processed lawfully and whether your privacy has been sufficiently respected, see the questions below. If, in your situation, your answer to one of these questions is negative, your privacy may have been violated. In that case you have the right to complain. Read more about how to complain.
The method for your medical data processing must be allowed by law. You can find a legal basis, for instance, in the Health Services Organisation Act or in the General Data Protection Regulation. If the processing of your data is not allowed by law, the action taken is not legal and your right to private life may have been violated. There is then no need to examine the other questions.
The processing of your medical data has to be aimed at the protection of other legitimate interests. These legitimate interests can, for example, be:
- the protection of your own health
- the protection of public health, namely, the health of other persons
- the allocation of public funds, such as for disability pensions and other financial support in the context of the economic well-being of the country
- medical science
- the prevention, investigation and prosecution of crime etc.
If the processing of your medical data does not serve a legitimate aim, the action taken is not legal and your right to private life may be violated. There is no need to examine the necessity and proportionality of the interference in the use of your medical data.
The method for your medical data processing should be necessary and suitable for the achievement of the legitimate aim. The information required has to be important and relevant.
The following questions should be asked to evaluate the necessity:
a) Is the data excessive in relation to the purposes for which it is being collected and stored?
Medical data should not be excessive in relation to the purposes for which it is being collected and stored and should not be processed further for other purposes that were not initially determined. In such a case, your consent for the subsequent actions is required.
example If proceedings are taken against a doctor due to his/her negligence, the competent authority will collect medical data about the doctor’s patients where they have not been treated according to their state of health. The authority, however, shall only collect the information that is relevant for the proceedings, namely, about the diagnosis and treatment provided by the particular doctor (and not other doctors or institutions) and only for the relevant time period.
b) What is the length of time for which the information is (being) kept?
When the medical data about you which is contained in a database or register is no longer necessary for the achievement of the legitimate aim, this information should be deleted.
example The retention of an individual’s cellular samples and fingerprints is particularly intrusive given the wealth of genetic, identificatory and health information contained therein.
c) Are there other alternative and less restrictive methods available to achieve the legitimate aim?
Both competing interests – your right to private life and the legitimate interests of the state or other persons - have to be balanced against each other, and a fair balance must be found. There have to be sufficient arguments why the interests of others outweighed your rights in the particular case.
The courts would ask the following questions within the balancing process:
a) What is the nature and the amount of the medical information contained in the particular database or register?
For example, cellular samples and DNA have a very highly personal nature. If your data has a particularly sensitive nature and/or is of a large amount, your right to private life has been restricted to a greater extent.
b) What is the range of public authorities and other persons who have access to the stored data?
If the range is relatively broad, your right to private life has been restricted to a greater extent. The institution concerned should ensure that only those persons listed in the law are able to access individuals’ medical data.
c) Are there adequate and effective guarantees against abuse and misuse of your medical data by authorities?
Read more about how to complain and protect yourself in such situations.
Articles 41, 42
Applicable as of 25 May 2018
Recital 35, 53, 63; Articles 4 (15), 6, 9 and 12-15
29 April 2014
17 July 2008
25 February 1997
4 December 2008
28 April 2009
4 June 2013
18 April 2013
9 July 1991
Joint publication by the the EU Agency for Fundamental Rights and the Council of Europe