New health law threatens data protection

Information in sensitive health records could be used for better health planning, but opponents argue patients should have greater control over who accesses their files

A storm is brewing over a new executive order which would allow local and regional councils access to sensitive information in people’s health records, such as whether they suffer from sexually transmitted infections or are attending addiction programs.

The executive order is designed to enact an aspect of last year’s health package, in which it was decided that allowing councils “permission to collect and use sensitive information about a patient’s use of health services”, would give them vital information that would allow for better health planning.

But several organisations are critical of the executive order – which has now been sent for public consultation.

“We think the government should repeal the proposal and instead consider the European Commission’s proposal for data reform,” legal expert Anette Høyrup, from consumer council Forbrugerrådet, said. “It will create greater protection of consumer data by allowing them greater control over their information.”

According to Høyrup, data protection should extend further than merely controlling who has access to information. To reduce the risk of abuse, Forbrugerrådet is suggesting that greater protection is added to the physical access of files, rather than leaving it up to council health departments to handle the protection of sensitive information.

Ester Larsen, vice chair of the parliamentary advisory panel Etisk RÃ¥d expressed concern that patient confidentiality is no longer taken seriously. She feared that the proposal would affect the treatment of patients.

“You could easily imagine that some patients suffering from mental health issues or sexually transmitted diseases would choose not to receive treatment in order to prevent having their information shared,” Larsen said. “That’s not the sort of information you want shared with other people.”

The data protection agency, Datatilsynet, did not find the proposal encouraging either.

“We would definitely prefer that this information was not needlessly disseminated to councils and regions,” Datatilsynet head Janni Christoffersen said. “We would rather that sensitive data was only used if it were anonymised. We are not happy with the development, but seeing as parliament has accepted the law, we are now shifting our focus to ensuring that the information is used securely and responsibly.”

But one organisation, the union of patients, Danske Patienter, said that access to the information would allow the health service to offer better value for money.

“But we would rather that the sensitive information would be controlled by a research institute, as they are covered by special rules,” chairman Lars Engberg said. “As an executive order, it’s phrased far too loosely.”

Jonas Dahl, health spokesperson for Socialistisk Folkeparti, said that access to the information would be strictly controlled.

“The ministry is looking at how this can be done intelligently. Nobody wants sensitive information floating about so we have to ensure it is executed in a proper manner.”