data protection and health information
Throughout this report one can see the need to have
comparable information on health and health-related behaviour of the
population, diseases and health systems at European level, in order to enable
solid evidence-based decision making. It is necessary to collect data on
equity, health among population groups such as children, elderly and ethnic
minorities, morbidity and chronic diseases, use of cross-border health
services, and patient safety. In order to satisfy these needs, feasible health
information systems based on individual level data are required.
Data protection issues are the main dilemma with regard to
using person identifiable health data in public health monitoring. Health data
require a high level of protection due to their sensitive nature. On the other
hand, the public interest of health monitoring at population level can be
regarded as overriding the privacy interests of the individual. Data Protection
legislation should reflect this delicate balance between the rights of the
individual and the needs of the society. In a European context, the EU
Directive on Data Protection (Directive 95/46/EC) is of major importance in
this regard (EU, 1995).
Article 8 of the Directive on the processing of sensitive
data (e.g. health data) states that such processing is in general prohibited.
Subsequently, some exemptions to this prohibition are formulated. In the
context of public health monitoring, the first relevant exemption is explicit
consent from the data subject (paragraph 2(a)). The second exemption is given
in paragraph 3: processing of person identifiable health data is allowed where
this processing is required for the purpose of preventive medicine, medical
diagnosis, the provision of care or treatment or the management of health care
services. Thirdly, paragraph 4 states that subject to the provision of suitable
safeguards, Member States may, for reasons of substantial public interest, lay
down additional exemptions either by national law or by decision of the
All EU Member States have transposed Directive 95/46/EC .
Nevertheless, the Network of Competent Authorities (NCA; one of the
implementing structures of the EU Public Health Programme) became aware of
problems in the field of public health monitoring due to data protection
legislation, implying that a harmonised situation had not been reached as yet
in this area. The NCA therefore in 2005 established a Work Group on Data
Protection, which was to study the extent and nature of the problem, and to
develop a statement on the appropriate implementation of the Directive in the
context of public health monitoring.
The Work Group carried out an explorative survey among
public health researchers, data protection experts and the national Data
Protection Offices. This exercise resulted in a (non-exhaustive) overview of
problems encountered in public health monitoring, and of differences between
the different national data protection systems with regard to processing person
identifiable health data for public health purposes. Major problems identified
in the field were the inability to link different databases at subject level,
and the obligation to obtain informed consent from each data subject for the
collection of registered data. For what concerns data protection systems, most
Member States have more or less copied Article 8 as described above, though
there are national Data Protection Acts which have no provisions similar to
paragraphs 3 and/or 4. Despite this seemingly successful transposition, the
survey made clear that the actual possibilities for the use of person
identifiable health data for public health purposes differ to great extents,
implying that there is a lot of confusion on how to interpret the Directive and
the national laws. The Work Group believes that the current situation does not
allow to have a suitable health Information system at European level as
described above. The inability to link different databases at subject level
poses a threat to data quality, as double counting of events cannot be
prevented, and also as people who have died or emigrated cannot be identified.
Moreover, enabling linkage will help governments to develop efficient and
adequate policies through a better identification of risk groups. Recent technical
developments, connecting different sources at subject level via encrypted
communication, are very promising, as they allow for the safe reutilisation of
existing databases. As these new technologies were not foreseen at the time the
Directive was written, the Work Group urges the European Commission to assess
whether the existing legal framework can accommodate the current technical
Most importantly, however, there needs to be guidance on
the interpretation of the Directive, i.e. the (im)possibilities for public
health monitoring following from the Directive need to made clear. Obviously
there is the possibility to obtain explicit informed consent from the data
subjects. However, in a public health context this is very costly and infeasible.
It has indeed been shown that opt-in systems seriously complicate the operation
of registries relying on clinician notification or access to medical records .
More important from an evidence base-point of view, such an approach will,
through selection bias, seriously jeopardise the validity of data which are
supposed to be at population level .
Paragraph 3 of Article 8 might provide a legal basis for
data processing for public health monitoring without explicit consent from all
data subjects. However, the Article 29 Working Party, an independent EU
Advisory Body on Data Protection and Privacy, believes that ‘preventive
medicine, medical diagnosis, the provision of care or treatment or the
management of health-care services’ only refers to individual patient care.
Thus, only paragraph 4 can be used as the basis for public health monitoring .
If this interpretation were to be officially adopted, the Directive in itself
could never result in a harmonized public health field, as it will be up to the
Member States to decide whether and how they want to allow for data processing
for public health purposes. Given this consequence, the Work Group does not
favour such an interpretation of paragraph 3. Moreover, they feel that the
interpretation of the Article 29 Working Party is illogical, as the analyses of
population based data are a necessity for the development of adequate
prevention and management of health care services at individual level..
In any case, clearness is needed and hence the European
Commission is strongly encouraged, in consultation with Member States and other
relevant stakeholders, to come to a recommendation on the interpretation of the
paragraphs of Article 8 of the Directive relevant for public health monitoring.
After all, the Commission is bound by The Treaty (Articles 3p and 152) to
contribute to the attainment of a high level of health protection, to improve
health, to prevent disease, and to obviate sources of danger to health. Without
proper public health monitoring systems at national, and subsequently at
European level, these goals will never be reached.