When receiving cross-border healthcare, be sure to record all medical procedures, examinations, medical history and results you receive from a healthcare professional in an EU/ EEA country to ensure continuity of treatment. Regulation (EU) 2016/679 (GDPR) provides more rights to citizens to be better informed about the use made of their personal data, and gives clear responsibilities to people and entities using personal data.
When you are treated in any EU/EEA member state, your healthcare provider must make a medical record of the treatment provided. As a patient, you have the right to a copy of the medical record in order to ensure continuity of care and be treated by a doctor of your choice, also if you continue treatment in another member state. You are entitled to access your personal health data i.e. information on diagnoses, medical test results, evaluations of attending doctors and any treatment or surgical operation you have undergone.
New technologies are offering a wealth of opportunities to collect, use and share health data more efficiently, e.g. to empower patients in managing their diseases, for research, and to improve the quality, safety, and efficiency of healthcare systems. But they pose new challenges for privacy and data security. In May 2016, the European Union adopted a new Regulation (EU) 2016/679 (GDPR) on the protection of personal data. The Regulation provides more rights to citizens to be better informed about the use made of their personal data, and gives clearer responsibilities to people and entities using personal data.
Patients’ fundamental right to protection of their health data is an important issue in diverse contexts such as healthcare, including care given through eHealth or in a cross-border healthcare context, and research (clinical trials, clinical investigations, epidemiological research, patient registries…).
On the one hand, health and genetic data belong to the category of ‘sensitive data’, and benefit from additional protection in EU law. Unauthorized disclosure of personal health information could negatively impact on an individual patient’s personal and professional life.
On the other hand, the processing of health data is fundamental for the good functioning of healthcare services, for patients’ safety, and to advance research and improve public health. Patients’ organizations are also gathering and using patients’ data in their advocacy or research activities. So being able to use patients’ personal data is sometimes important to advance research, healthcare practices or patients’ rights.
Find out more about what GDPR means to patients here.