scholarly journals Public administration’s challenges in order to guarantee the fundamental right of personal data protection in the post-COVID-19 era

2020 ◽  
Vol 7 (1) ◽  
pp. 167-192
Author(s):  
José Luis Dominguez Alvarez
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Health Data ◽  
Essential Elements ◽  
Economic Changes ◽  
Digital Rights ◽  
Personal Data Protection ◽  
Health Authorities ◽  
Technological Tools ◽  
Harmful Effects

The irruption of COVID-19 has led to a multitude of deep-seated transformations, which go beyond the purely sanitary sphere, leading to major socio-economic changes, among which the evolution of traditional forms of administrative intervention or the empowerment and/or acceleration of the advances derived from the digital (re)volution stand out for their extraordinary importance. Thereby, in recent months we have witnessed the implementation of numerous initiatives aimed to alleviate the harmful effects of the pandemic by developing technological tools based on processing categories of specially protected personal data, such as health data, which raises important questions from the perspective of privacy and digital rights. The aim of this study is to carry out a detailed analysis of some essential elements, necessary to achieve the difficult balance between the promotion of technological instruments that contribute to control the effects of COVID-19 increasing the resources available to health authorities, and safeguarding the fundamental right of personal data protection.

scholarly journals Impact of the European General Data Protection Regulation (GDPR) on Health Data Management in a European Union Candidate Country: A Case Study of Serbia (Preprint)

2019 ◽  
Author(s):  
Branko Marovic ◽  
Vasa Curcin
Keyword(s):  
European Union ◽  
Health System ◽  
Data Protection ◽  
Personal Data ◽  
Health Data ◽  
Candidate Country ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
General Data ◽  
The Eu

UNSTRUCTURED As of May 2018, all relevant institutions within member countries of the European Economic Area are required to comply with the European General Data Protection Regulation (GDPR) or face significant fines. This regulation has also had a notable effect on the European Union (EU) candidate countries, which are undergoing the process of harmonizing their legislature with the EU as part of the accession process. The Republic of Serbia is an example of such a candidate country, and its 2018 Personal Data Protection Act mirrors the majority of provisions in the GDPR. This paper presents the impact of the GDPR on health data management and Serbia’s capability to conduct international health data research projects. Data protection incidents reported in Serbia are explored to identify common underlying causes using a novel taxonomy of contributing factors across aspects and health system levels. The GDPR has an extraterritorial application for the non-EU data controllers who process the data of EU citizens and residents, which mainly affects private practices used by medical tourists from the EU, public health care institutions frequented by foreigners, as well as expatriates, dual citizens, tourists, and other visitors. Serbia generally does not have well-established procedures to support international research collaborations around its health data. For smaller projects, contractual arrangements can be made with health data providers and their ethics committees. Even then, organizations that have not previously participated in similar ventures may require approval or support from health authorities. Extensive studies that involve multisite data typically require the support of central health system institutions and relevant research data aggregators or electronic health record vendors. The lack of a framework for preparation, anonymization, and assurance of privacy preservation forces researchers to rely heavily on local expertise and support. Given the current limitation and potential issues with the legislation, it remains to be seen whether the move toward the GDPR will be beneficial for the Serbian health system, medical research, protection of personal data and privacy rights, and research capacity. Although significant progress has been made so far, a strategic approach is needed at the national level to address insufficient resources in the area of data protection and develop the personal data protection environment further. This will also require a targeted educational effort among health workers and decision makers, aiming to improve awareness and develop skills and knowledge necessary for the workforce.

La cesión de datos de salud fuera del ámbito sanitario. Análisis de supuestos concretos en que la información sanitaria se transmite para el cumplimiento de fines distintos al de la protección de la salud de las personas

2011 ◽  
pp. 17-101
Author(s):  
Unai ABERASTURI GORRIÑO ◽  
Iñaki LASAGABASTER HERRARTE
Keyword(s):  
Health Care ◽  
Data Protection ◽  
Personal Data ◽  
Health Data ◽  
Personal Data Protection ◽  
Joint Interpretation ◽  
Health Care Legislation

LABURPENA: Osasunari buruzko datuak transmititzeko modurik ohikoena datuen lagapena edo komunikazioa da. Datuak hertsiki osasunaren alorrean transmititzen direneko kasuak alde batera utzita, osasunari buruzko datuak beste alor batzuetara ere transmiti daitezke. Hainbat arauren interpretaziotik abiatuta ondoriozta daitekeenez, zenbait kasutan posible da datuak tratatzeko ohiko tokitik ateratzea, beste interes batzuk asetze aldera. Askotan, hainbat instantzietan zalantzan jarri dute zer kasutan eta zer baldintzatan transmiti daitezkeen osasunari buruzko datuak osasunaren alorretik kanpo. Zalantza horiek argitzeko, beharrezkoa da osasunari buruzko arautegira, datu pertsonalak babesten dituenera eta askotariko gaiak erregulatzen dituen sektoreko arauetara jotzea. RESUMEN: La fórmula más común de transmitir los datos de salud la constituye la cesión o comunicación de datos. Dejando a un lado los supuestos en que los datos se transmiten dentro del ámbito estrictamente sanitario, los datos de salud pueden cederse fuera de este entorno. Partiendo de una interpretación conjunta de diferentes normas puede llegarse a la conclusión de que en determinados casos es posible sacar los datos sanitarios de su lugar común de manipulación con el fin de satisfacer otros intereses. Muchas veces se ha cuestionado desde diversas instancias en qué casos y cumpliendo qué condiciones pueden transmitirse los datos de salud fuera del ámbito estrictamente sanitario. Será necesario atender a la normativa sanitaria, a la reguladora de la protección de los datos de carácter personal y a determinada normativa sectorial dedicada a regular aspectos muy variados para tratar de resolver las citadas interrogantes. ABSTRACT: The most common way of transfer of health data is the assignment or communication of data. Leaving aside those cases where data are transfered within a strictly confined health care sphere, the data on health can be transfered beyond that area. From a joint interpretation of several provisions we can come to the conclusion that in some specific cases data on health can be extracted from its common place for the purpose of meeting other different interests. It has many times been questioned by different instances in which cases and meeting which criteria data on health might be transferred beyond the strictly health case sphere. It will be necessary to pay attention to the health care legislation, to the legislation on personal data protection and to some sectorial rules devoted to regulate a variety of aspects so as to solve the aforementioned questions.

DIGITAL RIGHTS — NEW GENERATION OF HUMAN RIGHTS?

2019 ◽  
Vol 14 (5) ◽  
pp. 141-167
Author(s):  
NATALIA V. VARLAMOVA
Keyword(s):  
Human Rights ◽  
Latin American ◽  
Data Protection ◽  
Personal Data ◽  
Right To Privacy ◽  
Digital Rights ◽  
Personal Data Protection ◽  
The Right To Privacy ◽  
Right To Be Forgotten ◽  
The Right

Among the digital rights, besides the right for internet access that was the subject of consideration in the first part of the article, there are also a right to per-so nal data protection and a right to be forgotten (right to erasure).The right to personal data protection is usually enshrined at the supranational and national levels and is protected by the courts as an aspect of the right to privacy. As an independent fundamental right of a constitutional nature the right to personal data protection is enshrined in EU law. Nevertheless, all attempts to doctrinally justify the existence of certain aspects of this right, beyond the claims to the right to privacy, can not be considered successful. The Court of Justice of the EU, while dealing with the relevant cases in order to determine whether certain methods of processing personal data are legitimate, also refers to the right to privacy, considering these rights to be closely interrelated. The right to personal data protection provides additional (including procedural) guarantees of respect for privacy, human dignity and some other rights, but the purpose of these guarantees is precisely the content of the providing rights. The right to be forgotten (right to erasure) is one of the positive obligations with regard to the personal data protection. This right implies correction, deletion or termination of the processing of personal data at the request of their subject in the presence of a reason for this (when the relevant actions are carried out in violation of the principles of data processing or provisions of the legislation). Analogs of this right are the Latin American orders of habeas data, as well as the right of a person to demand the refutation of information discrediting his honor, dignity and business reputation, in case of their inconsistency with reality under civil law and the legislation on mass media. In digital age the importance of this right is increased by the fact that information posted on the Internet remains easily accessible for an indefinite, almost unlimited, time.This caused the extension of the right to be forgotten to information that is consistent to reality, but has lost its relevance and significance, however, continues to have an adverse impact on the reputation of the person concerned. At the same time, the realization of the right to be forgotten in respect of information posted online is connected with a number of technical problems that require legal solutions.In general, digitalization does not create new human rights of a fundamentally different legal nature. It only actualizes or smooths certain aspects of long-recognized rights, transfers their operation into the virtual space, creates new opportunities for their realization and generates new threats to them. Ensuring human rights in modern conditions involves the search for adequate legal solutions, taking into account the opportunities and limitations generated by digital technologies.

scholarly journals EL CONSENTIMIENTO PARA TRATAMIENTO DE DATOS PERSONALES DE SALUD EN TIEMPOS DEL COVID-19

2020 ◽  
pp. 145-164
Author(s):  
RAÚL VÁSQUEZ RODRÍGUEZ
Keyword(s):  
Data Processing ◽  
Data Protection ◽  
Personal Data ◽  
Emergency Situation ◽  
Health Data ◽  
Fundamental Rights ◽  
Health Protection ◽  
Personal Health ◽  
Constitutional Development ◽  
Personal Data Protection

El presente artículo se centra en la interacción entre los derechos fundamentales a la protección de los datos personales y a la protección de la salud, en el marco de la lucha contra el covid-19 en el Perú. Se inicia el estudio con el desarrollo constitucional de tales derechos, para luego revisar sus respectivas normas legales, teniendo como objetivo esclarecer una de las herramientas básicas que permiten superar los conflictos que se presenten entre ambos en la presente circunstancia de emergencia nacional por el covid-19, concerniente al consentimiento para el tratamiento de datos personales. Adicionalmente, se estudiarán dos casos de tratamiento de datos personales en acciones de prevención del covid-19, que evidencian la pacífica coexistencia entre los derechos constitucionales y los intereses surgidos de la actual situación sanitaria. This paper focuses on interaction between fundamental rights of personal data protection and health protection, in the frame of fighting against covid-19 in Peru. This research begins with constitutional development of those rights, in order to review their related laws, having like an objective clarifying one of their basic legal resources which allow overcome any struggling between those rights during the current emergency state due to covid-19, related to c onsent for personal health data processing. In addition, twocases of personal data processing in preventing covid-19 actions will be studied, which show a peaceful interaction between aforementioned rights and interests arising from current emergency situation.

scholarly journals Impact of the European General Data Protection Regulation (GDPR) on Health Data Management in a European Union Candidate Country: A Case Study of Serbia

10.2196/14604 ◽  
2020 ◽  
Vol 8 (4) ◽  
pp. e14604 ◽  
Author(s):  
Branko Marovic ◽  
Vasa Curcin
Keyword(s):  
European Union ◽  
Health System ◽  
Data Protection ◽  
Personal Data ◽  
Health Data ◽  
Candidate Country ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
General Data ◽  
The Eu

As of May 2018, all relevant institutions within member countries of the European Economic Area are required to comply with the European General Data Protection Regulation (GDPR) or face significant fines. This regulation has also had a notable effect on the European Union (EU) candidate countries, which are undergoing the process of harmonizing their legislature with the EU as part of the accession process. The Republic of Serbia is an example of such a candidate country, and its 2018 Personal Data Protection Act mirrors the majority of provisions in the GDPR. This paper presents the impact of the GDPR on health data management and Serbia’s capability to conduct international health data research projects. Data protection incidents reported in Serbia are explored to identify common underlying causes using a novel taxonomy of contributing factors across aspects and health system levels. The GDPR has an extraterritorial application for the non-EU data controllers who process the data of EU citizens and residents, which mainly affects private practices used by medical tourists from the EU, public health care institutions frequented by foreigners, as well as expatriates, dual citizens, tourists, and other visitors. Serbia generally does not have well-established procedures to support international research collaborations around its health data. For smaller projects, contractual arrangements can be made with health data providers and their ethics committees. Even then, organizations that have not previously participated in similar ventures may require approval or support from health authorities. Extensive studies that involve multisite data typically require the support of central health system institutions and relevant research data aggregators or electronic health record vendors. The lack of a framework for preparation, anonymization, and assurance of privacy preservation forces researchers to rely heavily on local expertise and support. Given the current limitation and potential issues with the legislation, it remains to be seen whether the move toward the GDPR will be beneficial for the Serbian health system, medical research, protection of personal data and privacy rights, and research capacity. Although significant progress has been made so far, a strategic approach is needed at the national level to address insufficient resources in the area of data protection and develop the personal data protection environment further. This will also require a targeted educational effort among health workers and decision makers, aiming to improve awareness and develop skills and knowledge necessary for the workforce.

Importance of Personal Data Protection Law for Commercial Air Transport

2017 ◽  
Vol 2017 (1) ◽  
pp. 35-44
Author(s):  
Dawid Zadura
Keyword(s):  
Data Protection ◽  
Public Information ◽  
Personal Data ◽  
Air Transport ◽  
Civil Aviation ◽  
Aviation Industry ◽  
Personal Data Protection ◽  
It Systems ◽  
Data Protection Law ◽  
The Law

Abstract In the review below the author presents a general overview of the selected contemporary legal issues related to the present growth of the aviation industry and the development of aviation technologies. The review is focused on the questions at the intersection of aviation law and personal data protection law. Massive processing of passenger data (Passenger Name Record, PNR) in IT systems is a daily activity for the contemporary aviation industry. Simultaneously, since the mid- 1990s we can observe the rapid growth of personal data protection law as a very new branch of the law. The importance of this new branch of the law for the aviation industry is however still questionable and unclear. This article includes the summary of the author’s own research conducted between 2011 and 2017, in particular his audits in LOT Polish Airlines (June 2011-April 2013) and Lublin Airport (July - September 2013) and the author’s analyses of public information shared by International Civil Aviation Organization (ICAO), International Air Transport Association (IATA), Association of European Airlines (AEA), Civil Aviation Authority (ULC) and (GIODO). The purpose of the author’s research was to determine the applicability of the implementation of technical and organizational measures established by personal data protection law in aviation industry entities.

Problems of establishment and development of the Institution of personal data protection in the Russian Federation: historical-legal aspect

2020 ◽  
pp. 28-35
Author(s):  
Yanis Arturovich Sekste ◽  
Anna Sergeevna Markevich
Keyword(s):  
Russian Federation ◽  
Data Protection ◽  
Information Technologies ◽  
Legal Aspect ◽  
Personal Data ◽  
Legal Regulation ◽  
Private Life ◽  
Russian Society ◽  
Personal Data Protection ◽  
The Russian Federation

The subject of this research is the problems emerging in the process of establishment and development of the Institution of personal data protection in the Russian Federation. Special attention is turned to the comparison of Soviet and Western models of protection of private life and personal data. The authors used interdisciplinary approach, as comprehensive and coherent understanding of socio-legal institution of personal data protection in the Russian Federation is only possible in inseparable connection with examination of peculiarities of the key historical stages in legal regulation of private life of the citizen. After dissolution of the Soviet political and legal system, the primary task of Russian law consisted in development and legal formalization of the institution of protection of human and civil rights and freedoms, first and foremost by means of restricting invasion of privacy by the state and enjoyment of personal freedom. It is concluded that the peculiarities of development of the new Russian political and legal model significantly impacted the formation of the institution of personal data protection in the Russian Federation. The authors believe that the Russian legislator and competent government branches are not always capable to manage the entire information flow of personal data; therefore, one of the priority tasks in modern Russian society is the permanent analysis and constant monitoring of the development of information technologies.

Sign in / Sign up

Export Citation Format

Share Document