In a recent report released by the law firm Bech-Bruun on personal data protection, it was revealed that a large group of IT employees in the US have access to personal health records of patients in Denmark via the Health Platform.
The Health Platform
The Health Platform is an e-journal documenting the health records of patients that serves as a point of reference for doctors to treat many illnesses and diseases, as well as resolving critical cases.
Commissioned by the Danish Capital and Zealand regions, the report specified that records from the Health Platform are currently available to the support staff at Epic, a company that fulfills a similar purpose in the US and UK as the Health Platform in Denmark.
The report highlights that “the transfer of personal data to other countries” involves a great threat to the nation’s privacy and security.
Pia Kopke, the Capital’s deputy director of IT, medico and telephony, confirmed the news but added that the access being given is limited and that only a select few Epic employees can see the entire data.
“[The report] shows that the Health Platform poses a significant risk to patients and also the employees’ privacy,” said Thomas Ploug, a medical ethics professor at Aalborg University.
“In Denmark, health data is protected by EU data protection regulations. The problem with personal health information being sent to the United States is that there are not the same controls and sanctions as there once was,” commented Kent Kristenses, a health professor at the University of Southern Denmark.
An investigation into the case has been initiated by the Data Inspectorate.