For best experience please turn on javascript and use a modern browser!
You are using a browser that is no longer supported by Microsoft. Please upgrade your browser. The site may not present itself correctly if you continue browsing.
uva.nl
Law Centre for Health and Life LHCL

Corrette Ploem on privacy protection and control of data in healthcare

19 January 2024

While our medical data has always been important for healthcare delivery and scientific research, the rise of AI and other new technologies, such as health apps and the latest DNA-techniques, has made that role much greater. At the Association for Health Law's Autumn 2023 meeting, Corrette Ploem, of the Law Centre for Health and Life, underlined the importance of privacy protection and control in relation to the ever-increasing data sharing within healthcare, especially now that the European Union seems to be placing particular emphasis on the importance of data sharing for technology development.

European Health Data Space

The EU has ambitious plans for data sharing. It is currently working on a European Health Data Space (EHDS): a secure and interoperable digital space for sharing and using health data. The EU hopes to reach an agreement on this in the first quarter of 2024. At the heart of the plan is that hospitals and other healthcare institutions will be required to make patient data available through the EHDS so that it can be accessed from any member state for care, research and policy. Remarkably, in the original version of the EHDS, patients had no say at all about such availability; under pressure from the European Parliament and others, they can now at least 'object' to the sharing of their data. 

Data protection in the Netherlands

In her presentation, Ploem stressed the importance of having as much say as possible and clear legislation anchoring it. Preferably, she argued, patients' say on what happens to their health data should be regulated in one central law.  

I am thinking in particular of the WGBO, the regulation in the Civil Code that formulates the duties of the care provider and the rights of the patient. Corrette Ploem

In her plea for control over one's own data, Ploem referred to its foundations: professional secrecy and the right to protection of informational privacy. She also pointed to the need for self-regulation.   

Legislation provides the formal frameworks within which considerations must be made by doctors and other healthcare professionals. These frameworks, as mentioned, are important, but certainly not sufficient. To bring legislation 'to life' in practice, concrete ground rules and guidelines are needed. Corrette Ploem

Finally, Ploem also raised the point that there can be no question of absolute control over one's own data. Of course, other values within society also need protection, such as that of generating new knowledge and insights within medicine. But nevertheless, institutions and healthcare providers have a 'duty of effort' to give patients as much say as possible within the frameworks of law and self-regulation.

You do not win people's trust by relativising control over their own data in the light of the importance of, for example, knowledge generation through research; rather, you win trust by recognising the importance of control and shaping it as well as possible. Corrette Ploem
Prof. mr. M.C. (Corrette) Ploem

Faculty of Law

Gezondheidsrecht

m.c.ploem@uva.nl