Pleasecitethisarticleinpressas:FariaPLd,CordeiroJV.Healthdataprivacyandconfidentialityrights:Crisisorredemption?RevPortSaúde w w w . e l s e v i e r . p t / r p s p
Original
Article
Health
data
privacy
and
confidentiality
rights:
Crisis
or
redemption?
Paula
Lobato
de
Faria
∗,
João
Valente
Cordeiro
EscolaNacionaldeSaúdePúblicadaUniversidadeNOVAdeLisboaandCentrodeEstudosdeSociologiadaUniversidadeNovadeLisboa, Lisboa,Portugal
a
r
t
i
c
l
e
i
n
f
o
Articlehistory: Received31July2014 Accepted15October2014 Availableonlinexxx Keywords: Righttoprivacy Righttoconfidentiality HealthdataHealthdataprotectionandsecurity Patient’srights
Europeandataprotectionlaw
a
b
s
t
r
a
c
t
Althoughwidelyanalyzedbyauthorsandtheoreticallyvaluedbythepublic,therightto healthdataconfidentialityseemstobemoreofanacademicfigurethanarealprotected right. This happens duetointrinsic problems withthe practicalenforcement ofsome patient’srights,butisgettingmorenotoriousincontemporarysociety.
Thisarticledescribestherightstohealthdataprivacyandconfidentialityinitsclassical contours,focusingonareasofconsensusandcontroversyandanalyzingtherecent trans-formationsinsocietythatarecausingacrisisinthesesamerights.Weagreethatthereare reasonstobelievethattherearenonovellegalinstrumentsinHealthLawtoredeemthese rights,exceptforEuropeanDataProtectionLaw.Here,webrieflyanalyzethenewEuropean dataprotectiondraftregulation,whichintendstobringreinforcedtoolsonthisdomain.
Weconcludethatthejuridicalaurathatstillembracestherighttomedicalandgenetic dataconfidentialityinHealthLawandBioethicsseemsnolongertohaveapracticalsense. Inordertoassurethepracticalexistenceofprivacyandconfidentialityinthemedicaland geneticfields,HealthLawneedstodedicatemoreattentiontothisarea.
©2014EscolaNacionaldeSaúdePública.PublishedbyElsevierEspaña,S.L.U.Allrights reserved.
Direito
à
vida
privada
e
à
confidencialidade
de
dados
de
saúde:
crise
ou
redenc¸ão?
Palavras-chave:
Direitoàvidaprivada Direitoàconfidencialidade Dadosdesaúde
Protec¸ãoeseguranc¸adedados desaúde
Direitosdosdoentes
r
e
s
u
m
o
Apesardeamplamenteanalisadopelosautoreseteoricamentevalorizadopelopúblico,o direitoàconfidencialidadedosdadosdesaúdeparecesermaisdeumafiguraacadémicado queumdireitorealmenteprotegido.Talacontecedevidoaalgunsproblemasintrínsecosna aplicac¸ãopráticadealgunsdosdireitosdosdoentes,mastorna-secadavezmaisnotório nassociedadescontemporâneas.
Esteartigodescreve,emprimeirolugar,osdireitosàvidaprivadaeàconfidencialidade dedadosdesaúdenosseuscontornosclássicos,mostrandoasáreasdeconsensoe con-trovérsiasemtornodeles.Emsegundolugar,analisam-seasrecentestransformac¸õesna
∗ Correspondingauthor.
E-mailaddress:pa.lobfaria@ensp.unl.pt(P.L.d.Faria).
http://dx.doi.org/10.1016/j.rpsp.2014.10.001
Pleasecitethisarticleinpressas:FariaPLd,CordeiroJV.Healthdataprivacyandconfidentialityrights:Crisisorredemption?RevPortSaúde
Direitoeuropeudaprotec¸ão dedados
sociedadequeestãoacausarumacrisenessesmesmosdireitos,sendoestacapazdeos transformaroumesmodeoseliminarcomodireitosdosdoentesverdadeiramente respeita-dos.Nestecapítulo,constata-sequeháfortessinaisparaacreditarquenoDireitodaSaúde enaBioéticaosdireitosàvidaprivadaeàconfidencialidadeestãoasofrerumacrisee quenãosetêmcriadoquaisquerinstrumentoslegaisinovadoresemDireitodaSaúdepara osresgatar,aocontráriodoqueacontecenoDireitoEuropeudeProtecc¸ãodeDados.Esta premissalevaàterceirapartedoartigo,ondeseanalisambrevementeapropostadonovo regulamentoeuropeudeprotec¸ãodedadospessoais,cadavezmaispertodeserpublicado, oqualpretendetrazerferramentasreforc¸adasnestedomínio.
Conclui-sequea aurajurídicaqueaindaenvolveosdireitosàconfidencialidadedos dadosmédicosegenéticosemDireitodaSaúdeeBioéticanãopareceterjáumsentido prático,sendoquasecomopromoverumprodutocomenormepotencialmasquenãoexiste nomercado.Aúnicaáreaqueaindasemovenafrentededefesadavidaprivadae da confidencialidadededadospessoaisnanossasociedadeéodireitoeuropeudeprotec¸ão dedados.Noentanto,mesmoqueestefactoapresentenovastendênciaslegaisquepodem ajudaradaraosdireitosdosdoentesàvidaprivadaeàconfidencialidadedosseusdados umpoucomaisdeforc¸a,pensamosque,apesardasmedidaseuropeiasinovadoras,oDireito daSaúdeprecisadesededicarmaisaproduzirumnovopensamentojurídicooperacional paraosdireitosàvidaprivadaeconfidencialidadenosfuturoscenáriosdaMedicinaeda Genética,sobpenadestespoderemdeixardeexistirnaprática.
©2014EscolaNacionaldeSaúdePública.PublicadoporElsevierEspaña,S.L.U.Todosos direitosreservados.
Introduction
“Issuesofprivacyhavebecomeentangledwith bioinfor-maticsas,increasingly;werelyontechnologyratherthan onhumanbeingstoresolveprivacyissues.”1(p6)
“Newtechnologies upheave old norms, and newnorms needtobenegotiated:aprocessthattakestime.”2(p125)
Preliminarynote
Althoughweare aware that thetopic ofthis articleis not novel, we think that it still needs attention ascontinuous transformationsinsocietyareconstantlybringingnewfacts thatreflectupontherightstoprivacyandconfidentialityas patient’srightseitherinhealthcareormedicalresearch sett-ings.
Baringthispremiseinmind,thispaperaimstodiscussthe classicalconceptsoftherights toprivacyand confidential-ityofhealthversustherecentdevelopmentandsolidification ofapermanent“realityshow” societywhich trivializesthe disclosureandthedisseminationofpersonaldata,including healthdata.Moreandmorepeopleadheretofree informa-tionandareignorantorreluctanttodataprotectionprinciples until they suffer considerable consequences. Nevertheless, litigation regarding the rights to privacy and confidential-ity ofhealthdataisrare. As someauthors putit “the(...) issueofmedicalconfidentialityhasbeenmorediscussedthan litigated.”3
ThereisanampleHealthLawandBioethicsliteratureon theimportanceoftherighttoconfidentialityofmedicaland geneticdata,whichisconsideredafundamentalpatientright andisenshrinedintheLawofseveralWesterncountries.This
right isalsooneofthe maindataprotectionrights. Impor-tantly,medicalandgeneticdataareconsideredexceptionally sensitive data bycurrent Data ProtectionLaws, which isa specialstatusrequiringextrasecurityandconfidentiality pro-tectionmeasures. Thereasonforthisspecialstatusisthat medicalandgeneticdataareconsideredtobelongtothe “pri-vate”sphereoftheperson(datasubject),astheyrelatetothe mostintimatepersonalareas.Hence,anunauthorized disclo-sureofthisdataispotentiallymeanttocausediscrimination andstigmatizationinthepersonal,professionalorsociallife domainsofthedatasubject.Concurrently,healthdataprivacy isalsoaveryimportanttoolinPublicHealthpolicies(e.g.for theacceptanceandsuccessofname-basedsurveillance).4
FromtheHippocraticOath,totherighttobeforgotten
Thedutyofconfidentialityisamedicaldeontologicalpillar sincethe HippocraticOath, dating backtothe 5th century BC. On the other hand, the right to privacyis a relatively recentjuridicalconcept.Theclassicalconceptionoftheright toprivacysproutsfromthenotionthatthroughoutlifeevery personmoveswithinjuridicalspaceswithvaryingdegreesof liberty.5,aSuchspacescanbebroadlygroupedintotwomain
areas,apublicandaprivatesphere.Whenwemovewithinour publicspherewhateverwedo,sayorchoosecanbeconsidered
aJonathanFranzenreferstothismatterinpage43ofhisvery
acuteessayonprivacy,called“ImperialBedroom”:“Whatreally undergirdsprivacyistheclassicalliberalconceptionofpersonal autonomy orliberty.Inthelastfewdecades,manyjudgesand scholarshavechosentospeakofa“zoneofprivacy”ratherthana “zoneofliberty”,butthisisashiftinemphasis,notinsubstance: notthemakingofanewdoctrinebuttherepackagingofanold one”.
Pleasecitethisarticleinpressas:FariaPLd,CordeiroJV.Healthdataprivacyandconfidentialityrights:Crisisorredemption?RevPortSaúde
publicinformationinawaythatnorestrictionsare placed toitsdiffusionanddissemination.Inparallel,insideour pri-vatesphere,specialcaremustbeexercisedinordertorestrict accessandsharingofinformationsothatspeciallimits,which aredefinedbytheindividual,arenotcrossed unlessavery significantpublicinterestisatstake.Therighttoprivacyisin thatsensea“personalityright”6,brootedintheneedtorespect
theautonomyofpeopleandaimedatprotectingthemfrom harm.7Theconcessiontoeveryhumanbeingofanindividual
privatespaceisdeeplyconnectedwithvaluessuchas free-domandself-determination.Certainly,thebordersbetween publicand private spheresvary significantly dependingon historicalandsociologicalcontexts,politicalconditionsand evenpersonalandindividualrepresentationsofreality.Ithas beenmorethan120yearssinceSamuelD.WarrenandLouisD. Brandeis8wrote“TheRighttoPrivacy”aninfluentialHarvard
LawReviewarticledrawingattentiontotheneedof protec-tionagainsttheinvasionofprivacy.Inthisarticle,theauthors definedtheconceptofprivacyprotectionbyadaptingafamous expressionofjudgeThomasCooley(regardingtortinjury)as “(...)aninstanceoftheenforcementofthemoregeneralright oftheindividualtobeletalone”.8
The premonitory significance of this article and the increasingdifficultyandnecessitytofindthecorrectmeasures toprotectprivacyinanageoffast-pacedtechnology-driven progressarewellacknowledged.Infact,justaboutone hun-dredyears afterWarren andBrandeis,inapersuasive1998 NewYorkeressaytitled“ImperialBedroom”,JonathanFranzen depictedprivacyas“(...)espousedasthemostfundamental ofrights,marketedasthemostdesirableofcommodities,and pronounceddeadtwiceaweek”.5 Interestingly,in“Imperial
Bedroom”FranzenalsoquotedRichardPowers’definitionof theprivateaspectsoftheselfas“(...) thatpartoflifethat goesunregistered”.5
Thesequotesreflectthepresentstateoftherighttoprivacy, whichwasbornoutofaworldthathadjustdiscoveredthe wondersandperilsofthetelephoneorphotographyandtoday isthreatenedbyourtechnology-swampedlives.Weconcede thatthechallengesthattechnologyposestotherightto pri-vacyandconfidentialityaremanyandthatsocietyhasevolved inwaysthatseem tocontradictthealmost revered impor-tancethattheserightsoncehad.However,thesechallenges donotnecessarilycorrespondtooblivionoftheserights. Evi-dencehasshownthatregardinghealthandgeneticdata,the protectionoftheserightsisstillapriorityforpatientsand physicians.7,9,cFurthermore,itisthemainconcernofthe
pub-licregardingthedonationsoftheirownbiologicalmaterialto biobanks.10Thisfactsuggeststhatprivacyandconfidentiality
arestillvaluedconceptsbymostpeopleandthereforedidnot losealltheirpracticalsense.
Someofthesefactors,whichexplainadiminishingvalue ofthe rights to privacyand confidentiality, were generally
b ThisisthecategoryofrightsinwhichthePortuguese
Consti-tutionincludestherighttoprivacy(article26).SeeforallMoreira andCanotilho,Constituic¸ãodaRepúblicaPortuguesa,Artigos1◦a
107◦.
c Despitecourtactionsagainstprofessionalswhodidnot
dis-closegeneticrisktorelativesoftheirpatientsthereisreluctance fromphysiciansandgeneticcounselorstobreachconfidentiality.
identified by the EuropeanCommission as a basis for the ongoing reform of data protection in the European Union (EU).11Wehighlight(infra3)theeffortsonnewdata
protec-tionmechanisms,whichhavebeendevelopedbytheEuropean Commission(EC),coinedinthedraftofanewdata protec-tionregulation,dasagoodexampleofconfidentialityrights
resilience.11Weanalyzethisnewlegalturnindataprotection
intheEUandmakesomeconsiderationsonitsrelevancefor theconfidentialityofpersonalhealthdata.Inbrief,thenew regulationwillgivemorepowertocustomersofonline ser-vices,determinestrongersafeguardsforEUcitizens’datathat getstransmittedabroad,andconsiderablyincreasefineson companiesthatbreachthelaw.Importantly,intheregulation draft,healthdataarestillconsidered“particularlysensitive andvulnerableinrelationtofundamentalrightsorprivacy” deserving“specificprotection”.11
Wealsoexaminethenew“righttobeforgotten”whichis alsoenactedinthealreadymentionedregulationdraftondata protectionandwasrecognizedbytheCourtofJusticeofthe EuropeanUniononMay2014intheGoogleSpainSL,GoogleInc. vsAgenciaEspa ˜noladeProteccióndeDatoscase.12
Inbrief,thisarticleaimsmainlytosummarizetheissues andquestionsraisedinthehealthdataprotectionfield,rather thantoprovideanysolutions.Nonetheless,bearingthenew EuropeanLawdevelopmentsinmind,thisarticleendswith ourlastwordonthestatusquoofprivacyandconfidentiality ofpersonalhealthdatarights(seeinfra4).
State
of
the
art
Therightstoprivacyandconfidentiality
Therighttoconfidentialityisbasedonthefundamentalrights toprivacyandto“informationalself-determination”,which relate to personal data protection (data protection rights). However,confidentialityisadifferentconceptthanprivacy, and it comprises morethan data protectionrights. Firstly, confidentiality works downstreamofprivacyandfor confi-dentialitytobelegally“triggered”,privacymusthavealready beendisclosed.13Furthermore,ononehandtherightto
pri-vacy iswhat is calleda “negative” right because it claims non-interferencewithinformationbelongingtothe private sphere.Ontheotherhand,confidentialityisbotha“negative” anda“positive”rightasitsimilarlyclaimsnon-interferenceor silence(e.g.intheformofprofessionalsecrecy)butalso prac-tical protectiveactions(e.g. securitymeasures;supervision; sanctions–seeFig.1).
Historically,understandingtherealmeaningandthelimits oftherighttoconfidentialitycanbebetterachievedby tak-ingalookatthe1988EnglishtortlawcaseAttorneyGeneralv. TheObserverLtd.14Thiscasecoveredthepublicationinseveral
Britishnewspapers ofexcerptsfrom thecontroversialbook
Spycatcher,writtenbyformerMI5counterintelligenceofficer
dRegulations are the strongest European Union normative
instrumentsenteringinforceinallmemberStatesassoonasthey arepublishedintheOfficialJournaloftheCommunities.They dif-ferfrom“directives”,whichneedtobetransposedtothemember Statesinternallegalorder.
Pleasecitethisarticleinpressas:FariaPLd,CordeiroJV.Healthdataprivacyandconfidentialityrights:Crisisorredemption?RevPortSaúde
Confidentiality V. Privacy
Privacy sphere
Direct disclosure (doctor)
Professional secrecy Security measures Supervision sanctions Indirect disclosure (biobank)
Medical-genetic
information Secret information
Confidentiality
Fig.1– ConfidentialityV.Privacy.
PeterWright.Thebook,atthetimealreadypublishedinthe USAandAustraliabutnotinEngland,containeddetailsabout Wright’sactivityinMI5,whichconstitutedaviolationofanAct oftheParliamentoftheUnitedKingdom–theOfficialSecrets Act1991–protectingstatesecretsand officialinformation. InhisargumentintheHouseofLords,LordGoffof Chieve-leyidentifiedavitaldimensionoftherighttoconfidentiality –thedutyofconfidence.AccordingtoLordGoffof Chieve-ley,thisduty“(...)ariseswhenconfidentialinformationcomes totheknowledgeofaperson(theconfidant),withtheeffect that(...)heshouldbeprecludedfromdisclosingthe informa-tiontoothers”.14Therefore,heconcludes“(...)thereissuch
apublicinterestinthemaintenanceofconfidences,thatthe lawwillprovideremediesfortheirprotection”.11Importantly,
AttorneyGeneralv.TheObserverLtd.alsopermittedtoidentify thelimitstotherighttoconfidentiality.First,therightto con-fidentialityonlyappliestoconfidentialinformationandnot toinformationthathasalready enteredthe publicdomain (informationforwhichthereisgeneralaccess).Second,the righttoconfidentialitydoesnotapplytotrivialinformation. Third,andperhapsmostsignificantly,thepublicinterestof confidenceprotectionmustbebalancedinthefaceofother publicinterests.Inthisregard,LordGoffofChieveleydeclares that“(...)itisthislimitingprinciplewhichmayrequireacourt tocarryoutabalancingoperation,weighingthepublic inter-estinmaintainingconfidenceagainstacountervailingpublic interestfavoringdisclosure”.14
AsAttorneyGeneralv.TheObserverLtd.sowellillustrates, themostcontroversialpartoftheright/dutyof confidential-ityisthezonewherethisrighthastobebalancedwithother conflictingpublicinterests.Infact,thiszoneofconflicthas beenthesubjectofintensestudyinthefieldsofHealthLaw andEthicsmainlyinthedomainofHIVinfection(probably themostcontroversial)and,particularly,intherelated ten-sionbetweenthedutyofprofessional/medicalsecrecyandthe dutytodisclosepersonalhealthinformationforthepurposes ofprotectingathirdparty’shealthorlife.Importantly,recent advancesingenomicsandthepossibilitytodefinesomeone’s futurerisk ofdevelopingadisease byanalyzing hereditary geneticinformationfeedsintothesamediscussionand illus-tratesthatthisdebateisverymuchaliveinourtime.15
Understandingthe tensionbetweenthe right to/dutyof confidentialityandpublicinterestmustalsobeinformedbya
closerlookatdifferentdefinitionsofthelatter.Publicinterest isanopenandeverevolvingconcept.Manywouldarguethat nomattertheextenttowhichtheconceptevolvesand trans-forms,publicinterestshouldneverbeallowedtobeconfused withcuriosity orvoyeurism andthat exaggerated broaden-ing ofsomedefinitionsofpublicinterestwould,ultimately, endupemptyingthenotionofprivateinformation,turningit into trivia,anddefeatingthepurposeofrecognizingaright to confidentialitywithbalanced limits.On theother hand, others arguethatwearemovingtowardsabroadnotionof publicinterestthatwould,mostofthetimes,favordisclosure ofinformation.Accordingtothisnotionthealternative pub-licinterestrelatedtoprotectingconfidencelooksincreasingly morelike aprivateinterest.Nomatterwhich sidewetake onthis argument,it isimportanttobalancepublicinterest withconfidentialityandidentifyanddiscussrelevantfactors leadingtoapossiblefadingortransmutationofthelatter.
The rights to privacy and confidentiality are nowadays entangledwiththerighttotheprotectionofpersonaldata, whichisestablishedbyArticle8oftheCharterofFundamental RightsoftheEU,16Article16oftheTreatyontheFunctioningof
theEuropeanUnion(TFEU),17andinArticle8oftheEuropean
ConventionofHumanRights(ECHR).18Asunderlinedin2010
bytheCourtofJusticeoftheEUinthejoinedcasesVolkerund MarkusScheckeGbRandHartmutEifertvLandHessen,19theright
totheprotectionofpersonaldataisnotanabsoluteright,but mustbeconsideredinrelationtoitsfunctioninsociety.Data protectioniscloselylinkedtotherespectforprivateandfamily lifeprotectedbyArticle7oftheCharter.16Thisisreflectedby Article1(1)ofDirective95/46/EC20whichprovidesthat
Mem-berStatesshallprotectfundamentalrightsandfreedomsof naturalpersonsandinparticulartheirrighttoprivacywith respectoftheprocessingofpersonaldata.
Whatever happens in the data protectionlaw field will affecttremendouslytherightstoprivacyandconfidentiality inthehealthlawdomain.Thisiswhytheongoingreformin Europeandataprotectionlegalinstrumentsissoimportant todiscusshere.Ina2012documentprecedingthedraftofthe newEUregulation,withthesuggestivetitleofSafeguarding Pri-vacyinaConnectedWorld–AEuropeanDataProtectionFramework forthe21stCentury,21theEuropeanCommissionundoubtedly
showsthattheprotectionofprivacyandconfidentialityrights isthecoreofdataprotectionlaw.Thisdocumentidentifies
Pleasecitethisarticleinpressas:FariaPLd,CordeiroJV.Healthdataprivacyandconfidentialityrights:Crisisorredemption?RevPortSaúde
asthe majorchallenge fortoday’sdataprotection,thenew waysof sharing information, through socialnetworks and storinglargeamountsofdataremotelywhich“havebecome partoflifeformanyofEurope’s250millioninternetusers”.21
Nevertheless,itstressesveryclearlythat “inthisnew digi-talenvironment,individualshavetherighttoenjoyeffective controlovertheirpersonalinformation”.21
Inaway,wethinkthat,atpresent,dataprotectionlawis the“practical”or“feasible”partofthedefenseoftherights toprivacyandconfidentialityofhealthinformation.Thisis particularlysoasnowadays,thecompliancewiththeserights essentiallydependsalmosttotally onthe existenceofvery objectivesecuritymeasuresinhealthcareinformation tech-nologies(IT).Forinstance,theconceptof“privacybydesign” (seeinfra3)broughtupbytheEUdataprotectionreformand alsoincludedinthedraftofthenewregulation,11,eifadopted
inhealthcareunitscouldbethekeytopreventbreachesof con-fidentiality“fromscratch”.However,thecostsandtechnical implicationsofthesemeasuresmaybedissuasive,particularly ifsanctionsfornotcomplyingwithdataprotectionmeasures arenotstrongenoughorifcontrolbythecompetent authori-tiesisinexistent.
Nowadays,personalhealthdataarestoredandaccessedin differentsystems,sometimesindependentlyofsecrecyduties. Inother cases, suchdata can evenbestored inthe Cloud,
althoughthispracticeisconsideredtobeinadvisablebydata protectioncommissioners.Hence,itisobviousthatinorder toprotecttherighttoconfidentialityincontemporary soci-etiesand healthcareunits,informationtechnologysystems mustprovidethe appropriatemechanismstoavoid illegiti-matebreachesofpatient’sdata.Averyimportantcorollaryof thisisthatconfidentialitybecameexpensivetoprotectand,as such,itmaycometobemoreofa“luxury”tohealth manage-mentthanabasicnecessity.Thistendencymayevenbemore acutewithinthe healthcaresystemsinaninverted demo-graphicpyramidworld.
Consensualanddefyingideas
The interconnected rights to privacy and confidentiality regardingmedicalandgeneticinformationhavebeenamply discussedintheBioethicsandHealthLawfieldsandhavebeen theobjectofconsensualanddefyingideas.Inthefirstgroup, itisindisputablethatasacentenarymedicalduty,thedutyof medicalsecrecyisstillkeytothemedicalbusiness.Without theperceptionthatphysiciansareboundbyadutyofmedical secrecy,certainlymostpatientswouldnotdisclosesomeof theirintimateclinicalhistory.Furthermore,itisimportantto highlighttheconsensualnotionthattherightto confidential-ityinhealthworksnotonlytopreserveasignificantelement oftrust,whichisofvitalimportanceinmostinteractionsin thehealthcarecontext,butalsotopreventstigmatizationand defendagainstdiscrimination.Therefore,confidentiality pro-tectionmeasuresarevaluablepublichealthallies,notonlyin thehistoryofepidemicsasalreadymentionedabove4butalso
inrelativelynewareas,suchaspublichealthgenomics(e.g.
e See section 2 on Data Security, article 30/3 (security of
processing)oftheregulationdraft.
withouttrustintheconfidentialityofbiobanksforresearch purposes,peoplearenotwillingtodonatetheirDNA10).
However,relevantastheymaybe,thetraditionalconcepts ofprivacyandconfidentialityhavebeensubjecttosignificant defiance.Thefirstnoteworthyexampleisthatofthefamous 1982NewEnglandJournalofMedicinearticlebyMarkSiegler,22
whichdenouncedtheexcessivenumberofpeopleaccessing medical records in hospitals, leading to the characteriza-tionofconfidentialityinmedicineasa“decrepitconcept”.22
Twentyyearsafter,anextensiveliteraturereviewbyPamela Sankarandcolleaguesillustratedageneralunawarenessor misunderstanding of the ethical and legal right to medi-calconfidentialitybypatients,whichpromptedtheauthors to label the concept as both “over and underestimated”.23
Notably,widespreadconfusion(andinsomecasesignorance) aboutconfidentialityanditsrelevanceinthebiomedicalarena isthoughttobeinfluencedbytheinexistenceofaclear,precise andharmonizeddefinitionofwhatconstitutes“confidential data”.Thisimprecisionhasledsomeauthorstoportray con-fidentialityasa“TourofBabel”.24
In addition to the aforementioned issues on a lack of clear definitions of“confidential data” and privacy bound-aries,recenttrendsinthecontextofgenetics(forexamplein thecontextofbiobanking)providenovelchallengestohealth privacy. Theadvancement oftechnologyand its impactin molecularbiologyresearchalsobroughtagitationandstress tothe conceptsofprivacyand confidentiality.Insummary, cantheseconceptssurviveintheformofadutyofgenetic confidentialityandgeneticprivacyrights?Letuslookatthe example ofbiobanking.Inbiobanksthereisno“privileged” relationship3 between the scientists on one side and the
researchparticipantsontheother,contrarilytowhathappens in the patient-physician biomedicalrelationship.This con-trastnecessarilymeanstheneedofaredefinitionofthelegal basisinwhichpersonalinformationissharedandprotected inbiobanks.Infaceofthesenewchallenges,thenecessary departurefromclassicalnotionsissometimessosignificant thatsomeauthorsconsiderthatconceptscannotbendthat far without being irreparablybrokenand thereforewonder whetherconfidentialityisnowbutanobsoleteconcept.25
Toclosethisbriefpresentationofdefyingideasonhealth andgeneticdataprivacyandconfidentialityweshould men-tiontheissueofanonymizationofhumanbiologicalmaterials (HBMs).Inreality,biobankingactivitiesposeprivacyand con-fidentialityobstaclesthatseemtobesurpassediftheconcept ofconfidentiality isredefined and reconfigured,moving on fromatrust-basedmodelofinformationsecrecy,towardsan anonymized-data model.26 Thepre-requisitewould bethat
anonymizationbecameacorerequirementtobuildabiobank. However, anonymization ofHBMs poses several questions, whichendangerthisapparentsolution.QuotingMariachiara Tallachinni”27 the rationale behind this modelis based on
theassumptionthatthede-identificationofthehuman bio-logicalmaterials(HBMs)canceltheir“subjectivetraceability”,
i.e.thecharacteristics thatrenderthem re-identifiable, and thatthis,throughdifferentmethodsofencryptingthe sen-sitive information,is“thetechnicalfilterwhichguarantees dataconfidentiality”.27 Nonetheless,thesameauthor
inter-estinglysuggeststhatthereareareasofdoubtinthevalidity of this “guarantee”. Firstly,by statingthat “theexpression
Pleasecitethisarticleinpressas:FariaPLd,CordeiroJV.Healthdataprivacyandconfidentialityrights:Crisisorredemption?RevPortSaúde
‘anonymizationofdata’ oftenconcealssituationsinwhich, infact, thepossibilityofreidentifyingdatastillexists,and, therefore,inwhichanonymityisneitherrealnorcomplete” (...). Secondly, and perhaps more critically, by considering anonymityas“therhetoricalstrategyfordenyingthe exist-enceofany subjectiveinterestinHBMsand,consequently, foraffirming theirfreeavailabilitytothosewho maymake interestinguseofthem:thebiotechindustry”.27
Insummary,theaforementionedconsensualanddefying ideasclearly illustrate how the field ofhealth and genetic dataprivacyandconfidentialityrightsisaverycomplexlegal ground,whichclaimsformorededicatedattentionfrom aca-demicsinthefieldofHealthLaw.
Factorsthataretransforminghealthdataprivacy andconfidentiality
Theprogressiveerosionofourownprivatespheres2isnow
contributingtothe growth and expansionofa global pub-licsphereweallshare.Privacyconcessionscanbeobserved everywhereandhavemultiplecausesandaims.Security,for example, is the prominentcause for disclosure of private data.Followingthe9/11terroristattacksintheUnitedStates ofAmerica,privacyconcessions based onsecurity reasons were greatly expanded.28 Concomitantly, intrusions in our
privatespheressuchasairport screening,collectionof fin-gerprintsandphotographsandextensivevideosurveillance arenowwidelyacceptedand perceivedasnormalpractice. Remarkably,people are not onlytoleratingprivacy conces-sionsforsharedpurposessuchascommonsecuritybutalso increasinglyoptingtogiveawayprivacyforindividualgains, suchasfame,moneyandrecognition.TVshowsandsocial phenomena wherepeople linger on other’s most intimate momentssuchasprecisefirst-handaccountsofdeeply trau-maticexperiences(includinghealth-relatedconditions)have gainedsignificantnotoriety.ThecaseofJadeGoody,a27 year-oldBritishBigBrotherparticipantisanextremeexampleof exposureofterminalillnessinthemedia.Goodyraisedaround £1mfrommediadealssignedsinceshewastoldshehad ter-minalcervicalcancer.Hermainreasontosignthesecontracts foralivecoverageofherfinaldayswastoleavethemoneyto herchildren.f
InPortugal,veryrecently,ManuelForjaz,awell-knownand charismaticacademicfamouslysharedwritingsandphotos onsocialmediaabouttheprogressionofhiscancer,including chemotherapysessions,itssecondaryeffectsandconsequent suffering. During this period he participated in a weekly TV show and spoke regularly and openly in public about hisdisease.He died afew days afterpublishingof abook abouthissharedexperienceasacancerpatient.29These
sit-uationsillustratethepossibletransformation ofthe nature
f Seenewspaperarticles“JadeGoodytowedanddie‘inthe
pub-liceye’TherealityTVstarwillsellmediarightstoraisemoneyfor herchildren”(TheObserver,Sunday15February2009)Availableat:
http://www.theguardian.com/theobserver/2009/feb/15/jade-goody-cancer)and“JadeGoodysettomake£1mfrommediadeals” (the-guardian.com,Wednesday 18February 200912.33, available at:
http://www.theguardian.com/media/2009/feb/18/jade-goody-wedding-deals).
of healthdata from a paradigm ofsecrecy made ofa cer-tain “embarrassment”,3 into a possiblefuture paradigmof
openness.Overall,healthdataarebecomingsocially accept-able informationandits self-disclosureisbecoming trivial. However,thistendencycertainlydoesnotsuiteveryoneas dif-ferentpeoplehaveverydifferentnotionsofwhattheywant tokeepprivate.Still,theparadigmmaybechanging,andit wouldbeatleastdoubtfulifsomeonewhosharedhisorher healthconditiononsocialmediacouldsubsequentlytrytosue thosewhodecidedtosharethatinformationoutsidethecircle withinwhichthatinformationwasoriginallyshared.Hence, in a world where health information too becomes widely sharedonsocialnetworks,societycanrelativizetherightsto medicalandgeneticprivacyandconfidentiality,whichmay ultimatelypervadelawandjustice.
Trivializationofthesharingofformerlyconsidered “sen-sitive data”isalsobecomingmoreacuteduetothealmost impossible taskthatisrequiredofdataprotection authori-tiestocontrolthemultitudeofhealthdata,whichiscurrently being collected.On the other hand,building systems that secure confidentiality is sometimes considered a luxury, whichisneglected byhealthadministrators,particularlyin countrieswherefinancialcriseshaveledtoausterity meas-ures (e.g. Portugal). In the case of Portugal, the absence ofsystematicsupervisionand sanctions bydataprotection authorities, which struggle with lack of means, together with thealmost inexistent litigationinthis domain,result inrandomprivacyorconfidentiality protectionconcernsin healthcareunits.Asaconsequence,anecdotalevidence indi-cates that it is possible for administrative staff to access patients’ medical histories, in violation of national law. Unsurprisingly, incountries wheresocialwelfare is jeopar-dized,patientsprioritizeaccesstocareoveranyotherrights andarelesspronetocomplainofcasesinvolvingaviolation ofprivacyandconfidentialityrights.
Geneticprivacyandconfidentiality
Notably,thiserosionofhealthdataprivacyand confidential-ity finds parallel inmorespecific phenomenain the areas of geneticsand genomics.Here again, privacyconcessions are motivated by public and private interest alike. As we know,theHumanGenomeProject (HGP)and theadventof genomicshavehighlighted(oratleastpromised)the impor-tanceofgeneticdatainfightingdiseaseandimprovinghealth outcomes. Forexample,different PublicHealth fields,such as infectious andchronic disease,occupationalhealth and environmental health can advantagefrom the progressof genomicsandthesharingofgeneticdata,leadingtowhathas beendescribedbysomeauthorsas“Geneticinformationfor all”syndrome.30Thissubjectandtherelatedissueof
person-alizedmedicine(wheretherapyisspecificallydesignedtoan individualbasedonhis/hersgeneticprofile)havedeepprivacy andconfidentialityimplications.Firstandforemost,wemust considerwhetherourgeneticinformationcancontributeto significant conclusionsabout ourrisksofdevelopingfuture diseases.Ifthatisestablished,atleastatareasonablelevel, geneticdataneedtobeconsidered asprivateasany other healthdata.Nevertheless,itisclearthatifsomeonecarriesa geneticalterationthathasbeenassociatedwithasignificant
Pleasecitethisarticleinpressas:FariaPLd,CordeiroJV.Healthdataprivacyandconfidentialityrights:Crisisorredemption?RevPortSaúde
andelevatedriskofdevelopingadiseaseinthefuture,that informationcould beusefultofamilymembers whomight sharethatsamealteration.Despitethefactthatdifferent stud-iesshowthattheoverwhelmingmajorityofpatientschoose topassinformationofgeneticriskandgeneticdiseaseto fam-ilymembers,insomecasessharinginformationcollidesboth withthepatients’willandtherightoffamilymembersnot toknow.31,32 Hence,in pondering whether or notto share
geneticdatawithfamilymembers,theprobability thatthe diseasewilldevelopandthemagnitudeoftheharmshould thatdiseaseindeeddevelopmustbebalancedandweighted againstthecosts(individualandpublic)ofbreaching confi-dentialityduties.13 Hence,clearly, theadvancesingenetics
andgenomicsposesignificantchallengestoprivacyand con-fidentialitytoo.
Finally,justasupplementarynotetomentionthat,inline withtheaforementionedsecurityconcernsandtherefore per-hapsunsurprisingly,itisalreadyacceptedtogiveawaygenetic privacyforjusticereasons,insomecases.Forexample,theUK NationalDNAdatabasealreadyincludesDNAprofilesofmore than3millionindividuals,coveringmorethan6%ofthe pop-ulationandraisingprivacyandconfidentialityissuesamongst otherinnumerousbioethicsandhumanrightsquestions.33–35
Thetopic ofgeneticprivacyand biobanksforforensic pur-poses,however,willnotbedebatedhereasitgoesbeyondthe scopeofthisarticle.
The
European
Data
Protection
Law
reform:
the
redemption
of
health
data
privacy
and
confidentiality
rights?
Preliminarynote
Intheprevioussectionsweidentifiedreasonstobelievethat therightstohealthdataprivacyandconfidentiality–once socherishedinHealthLaw–aresufferingacrisis.This cri-sis iscaused not only bygeneral societal phenomena but alsobyspecificfactorsrelatedtothefieldsofhealthcareand genomics.Wealsomentionedthatweconsiderdata protec-tionlawasthe“practical”or“feasible”partofthedefenseof therights toprivacyand confidentialityofhealth informa-tionas,currently,thecompliancewiththeserightsessentially dependsonsecuritymeasuresandIT.Hence,weagreethat whateverhappensinthedataprotectionlawfieldwillhavea significantimpactintherightstoprivacyandconfidentiality inthehealthlawdomain.ConsideringthatEuropeanData Pro-tectionLawhasbeenrecentlysubjecttoaconsiderablereform, includinganewEuropeanregulationdraft,itisveryimportant toanalyzeithere,althoughnotindetail,asthisdoesnotfit exactlythescopeofthisarticle,whichisorientedtoHealth LawandBioethicsandnottoDataProtectionLawissueswhere otherauthorshavedevelopedthismatter.36,37
TheEUreformofthedataprotectionlegalframework
“Rapidtechnologicaldevelopmentshavebroughtnew chal-lengesfortheprotectionofpersonaldata.Thescaleofdata sharingandcollectinghasincreaseddramatically. Technol-ogyallowsbothprivatecompaniesandpublicauthorities
tomakeuseofpersonaldataonanunprecedentedscale inordertopursuetheiractivities.Individualsincreasingly makepersonalinformationavailablepubliclyandglobally. Technologyhastransformedboththeeconomyandsocial life.”11(p1)
In 2012, the EuropeanCommission (EC)proposed a key reformoftheEUlegalframework,whichledtothedraftof anewEuropeanregulationontheprotectionofpersonaldata. Thisregulationintendstostrengthen individualrights and tacklethechallengesofglobalizationandnewtechnologies (mainlyon-line)byadaptingthegeneralprincipleswhichwere consideredtoremainvalidtothesechallengeswhile main-tainingthetechnologicalneutralityofthelegalframework.
Whenitcomesintoforce,whichhasbecomemorelikely to happen after the majority of the European Parliament approveditsdraft(March2014),thenewRegulation (hencefor-wardcitedas“theRegulation”)willimmediatelybecomethe newgenerallegalframeworkofdataprotectioninallmember StatesoftheEU,abolishingthelongtimerulingofDirective 95/46/CE.20Thepathwaytothisreformwasbasedinseveral
documentsfrom differententities,someofwhichincluded innovativemechanismstoprotectpersonaldataagainstthe challenges it endures atpresent time.38 Thispathwayalso
included a Eurobarometer 2011 survey39 on the attitudes
towards data protection, which showed interesting results and revealedthatthemajorityofEuropeansfeelobligedor arewillingtogiveuptheirprivacyandconfidentialityalmost on adailybasis. Resultsofthe Eurobarometer2011survey showed that 58% of Europeansfeel that there is no alter-native other than to disclose personal information if they wanttoobtain productsorservices;79% ofsocial network-ingandsharingsiteuserswerelikelytodisclosetheirname; 51% theirphotoand47%their nationality.Onlineshoppers typicallygavetheirnames(90%),homeaddresses(89%),and mobilephonenumbers(46%).OnlyathirdofEuropeanswere awareofanationalpublicauthorityresponsiblefor protec-tingtheirpersonaldatarights(33%)andjustoveraquarter ofsocialnetwork users (26%)and evenfeweronline shop-pers(18%)feltincompletecontroloftheirdata.39Importantly,
thesenumbersjustconfirmedwhattheEuropeaninstitutions alreadysuspected.In2010,inaCommunicationtothe Euro-pean Parliament, the Council, the European Economic and SocialCommitteeandtheCommitteeoftheRegions,titled“A comprehensiveapproachonpersonaldataprotectioninthe EuropeanUnion”,40 theCommissionconcludedthattheEU
needed“amorecomprehensiveandcoherentpolicyonthe fundamentalrighttopersonaldataprotection”.40
ThenewgeneralrulesintheRegulationthatcanhave impactintheprotectionofhealthdata
ThenewEUstrategyintendsto“putindividualsincontrolof theirowndata”11and intheRegulationanewapproachto
whatisconsidered“nominativedata”isadopted.Forinstance, theactsofbeingobservedandbeingtracedbecomeprivacy threats,evenwithoutknowingthenameoftheobservedor tracedperson.36Article4/2oftheRegulationdeterminesthat
personaldata“meansanyinformationrelatingtoadata sub-ject”.Datasubjectisdefinedas“anidentifiednaturalperson
Pleasecitethisarticleinpressas:FariaPLd,CordeiroJV.Healthdataprivacyandconfidentialityrights:Crisisorredemption?RevPortSaúde
oranaturalpersonwhocanbeidentified,directlyorindirectly, bymeansreasonablylikelytobeusedbythecontrollerorby anyothernaturalorlegalperson,inparticularbyreference toanidentificationnumber,locationdata,onlineidentifieror tooneormorefactorsspecifictothephysical,physiological, genetic,mental,economic,culturalorsocialidentityofthat person”(Article2/1).
Asignificantimprovementistheprincipleoftransparency introducedbyArticle5(Principles relatingtopersonaldata processing), which stipulates that personal data must be “processed lawfully, fairlyand in a transparentmanner in relationtothedatasubject”(Article5/a).
Twootherinnovationsintermsofdatacontrolrightsfrom itssubjectsaretherighttoportabilityandtherighttobeforgotten.
Article18/1oftheRegulationdeterminesthatdatasubjects havetherighttoobtainfromthecontrolleracopyoftheir per-sonaldataina“structuredandcommonlyusedformatwhich iscommonlyusedandallowsforfurtherusebythedata sub-ject”.InArticle18/2itisgrantedtothedatasubjectthe“right totransmitpersonaldataandanyotherinformationprovided bythedatasubjectandretainedbyanautomatedprocessing system, intoanother one,inan electronicformatwhich is commonlyused,withouthindrancefromthecontrollerfrom whomthepersonaldataarewithdrawn”.Assomeauthorsput it,dataportabilityisthereforetherightto“takepersonaldata andleave”.36Importantly,the“righttobeforgotten”(andto
erasure)isalsoanewoptionintheRegulationandhasrecently beenconfirmedbytheCourtofJusticeoftheEuropeanUnion (Article17)12:
“Anypersonshouldhavetherighttohavepersonaldata concerning them rectified and a ‘right to be forgotten’ wheretheretentionofsuchdataisnotincompliancewith this Regulation.Inparticular, data subjectsshould have therightthattheirpersonaldataareerasedandnolonger processed,wherethedataarenolongernecessaryin rela-tiontothe purposesforwhich thedataare collectedor otherwiseprocessed,wheredatasubjectshavewithdrawn theirconsentforprocessingorwheretheyobjecttothe processing of personal data concerning them or where theprocessingoftheirpersonaldataotherwisedoesnot complywiththisRegulation.Thisrightisparticularly rel-evant,whenthedatasubjecthasgiventheirconsentasa child,whennotbeingfullyawareoftherisksinvolvedby theprocessing,andlaterwantstoremovesuchpersonal dataespeciallyontheInternet.However,thefurther reten-tionofthedatashouldbeallowedwhereitisnecessaryfor historical,statisticalandscientificresearchpurposes,for reasons of public interest in the area of public health, forexercisingthe right offreedom ofexpression,when requiredbylaworwherethereisareasontorestrictthe processingofthedatainsteadoferasingthem.”11
Inthisrespect,weagreewithCostaandPoullet36when
theseauthorsaffirmthattheeffectivenessoftherighttobe forgottenreliesonatechno-legalapproach,astechnical solu-tionshavetobeadoptedtoensuretheerasureandblockingof dataontheInternet.Thisfactisrelatedtoanotherinnovative rule of the Regulation, the introduction of a “privacy-by-design”obligation.
“Privacy-by-design”isestablishedinArticle23ofthe Regu-lation(Dataprotectionbydesignandbydefault)givingdata controllersthedutyto“Havingregardtothestateoftheartand thecostofimplementation(...)bothatthetimeofthe deter-minationofthemeansforprocessingandatthetimeofthe processingitself,implementappropriatetechnicaland orga-nizationalmeasuresandproceduresinsuchawaythatthe processingwillmeettherequirementsofthisRegulationand ensuretheprotectionoftherightsofthedatasubject”(Article 23/1).TheEuropeanCommissionistheinstitutionempowered tospecify data protection bydesignrequirements “applicable acrosssectors,productsandservices”(Article23/3).
Veryimportanttothe futureofpersonaldataprotection ingeneralandinthefieldofhealthandgeneticdataprivacy andconfidentialityrightsisthenewapproachfoundinthe RegulationinwhatreferstoResponsibilityandLiability. Differ-entlyfromtheDirective95/46/CE,theRegulationisverymuch concernedaboutresponsibility,andclearlystatesthatthe con-trollers ofdataare responsible toimplement datasecurity requirements(Article23).Importantly,theRegulation deter-minesa“principleofaccountability”anddescribesindetail the obligationofthecontroller tocomplywiththe Regula-tion andtodemonstratethiscompliance,including byway ofadoptionofinternalpoliciesandmechanismsforensuring suchcompliance.11Thisisaveryimportantstepaheadinthe
generalprotectionofpersonaldata,whichcanhaveahuge impactonhealthdatacontrollersandprocessors(Article22on theresponsibilityofthecontroller).Furthermore,intermsof lia-bility,theRegulationpresentstwoconsiderablemodifications totheDirective.Itmakesprocessors(thosewhoprocessdata onbehalfofcontrollers)liablefordamagesandwhentheseare multipleitestablishesa“jointliability”avoidingthenecessity toidentifytheoneatfault(Articles23and24).The Regula-tionalsoimposesoncontrollersandprocessorsthedutyto cooperatewiththesupervisoryauthority(Article29).
Inbrief,withallthesenewdataprotectionenforcement mechanismstheRegulationseemstobringthepossibilityof aneweraforprivacyandconfidentialityrightsingeneraland implicitlytohealthandgeneticdataprotection.Nevertheless, inspecifictermstheonlyinnovationintheRegulationwhich targetshealthdataisArticle84,insertedinChapterIX (Pro-visionsrelatingtospecificdataprocessing)on“Obligationsof secrecy”.Inthisdispositionitisstatedthatwithinthe lim-itsoftheRegulation,MemberStatesmayadoptspecificrules (whichhavetobenotifiedtotheEuropeanCommission)toset outtheinvestigativepowersbythesupervisoryauthorities“in relationtocontrollersorprocessorsthataresubjectsunder nationallaworrulesestablishedbynationalcompetent bod-iestoanobligationofprofessionalsecrecyorotherequivalent obligations ofsecrecy, wherethis isnecessary and propor-tionate toreconcile the right ofthe protectionofpersonal data withthe obligationofsecrecy”.41,g Forthe remaining,
g This importancegivento secrecywasalso stressed on the
MadridResolution,signedbytheDataProtectionandPrivacy Com-missionersin2009whereontopic13datarelatingtohealthorsex lifeisconsidered“sensitivedata”.Inthesamedocument,topic21 referstoa“dutyofconfidentiality”whichstatesthat“The respon-sible personandthoseinvolvedatanystageoftheprocessing shallmaintaintheconfidentialityofpersonaldata.Thisobligation
Pleasecitethisarticleinpressas:FariaPLd,CordeiroJV.Healthdataprivacyandconfidentialityrights:Crisisorredemption?RevPortSaúde
the Regulation maintains the concept that “health related data” and “genetic data” must be considered as “sensitive data”,andassuchrequiremoredataprotectionsafeguards. Article9oftheRegulation11setsoutthegeneralprohibitionfor
processingspecialcategoriesofpersonaldata,including“data concerninghealth”andtheexceptionsfromthisgeneralrule, buildingonArticle8oftheDirective95/46/EC.20Strangely,
arti-cle81oftheRegulationwhichdefinestheprocessingofhealth datadoes notincludegeneticdata.TheRegulationdefines both“geneticdata”and“dataconcerninghealth”(Article4) butitisobviousthatthissectorwasnotamajorconcernin theEUdataprotectionreform.
Overall, some of the new instruments proposed for a renewedframework fordataprotectionin Europecan give apractical sense tothe rights ofprivacyand confidential-ity in healthcare and genetic settings, transforming them fromrhetorical figures into realobligationstothe counter-parts (healthand genetic data controllers and processors). Forinstance, itwillbekeyforhealthinformationsystems’ managersinthe obligationtobuild “privacybydesign”for theprocessing ofhealthdataor biobanks. For example,in Portugal, a comprehensive and official Health Portal42 has
beenlaunchedwithouttrulyinformingthepublicabouthealth privacyand confidentialityissues. Furthermore,thereisno mention to the rights of the people who will be putting theirmedicaldata intothe portal, whichwould havebeen impossibleyearsago.Moreover,theNationalDataProtection Commissionisnotreferencedintheportalashavinggivenits authorizationtotreatmentofmedicaldataatsuchan exten-sion.Wethinkthatwheninforce,thenewrulesfromtheEU Regulationwillhaveapositiveimpactontheprivacyand con-fidentialityofpatients’data,whichurgentlyneedredemption inPortugalandelsewhere.
Last
word
“But someone will always have to speak for privacy, becauseitdoesn’tnaturallyrise tothetopofmost con-siderationsets,whetheringovernmentorintheprivate sector.”2(p126)
“Youhavezeroprivacyanyway.Getoverit.”Thisfamous 1999quoteinWiredhbyScottMcNealy,27wasmorethanan
epiphanyasitbecomesmoreandmoreaccurateastimegoes by.
Certainly, today privacy is a defied and perhaps even compressedconcept.Nonetheless,eventhosewillingly shar-ing their areas of reclusion take offense when seeing others intruding those same areas without their consent. Furthermore,experiencingperniciouseffectsrelatedto pri-vacy exposure can constitute disturbing incidents, which rarely lead to decisions of maintaining minute areas of personalretreat. Therefore, despiteits transmutations and
shallremainevenaftertheendingoftherelationshipwiththedata subjector,whenappropriate,withtheresponsibleperson.”
h Wiredisafamedmagazineonscientificinnovationsandtheir
impactinsociety,alsoknownforfeaturingeditorialsfromindustry leaders.
metamorphosis, privacy is still part of our hardwiring as agentsendowedwithfreewill.Hence,transformed,nuanced andself-affirmedconceptsofprivacystillpersevereinthese highlydemandingcircumstances.
Inaway,thefactsarenotsuitinganydataprotectionrights, but the newEU regulationseems towantto protectthese rightsagainstallodds,reinventingdataprotectioninamix ofalegal-technologicalapproach.Nevertheless,wemustnot benaïve,anditisimportanttonoticethattheratiooftheEU concernsisnotlinkedtoahumanrightsbasedphilosophy ordefense,butmainlytoeconomicmotives.The fundamen-talgoalofthenewEUinstrumentsondataprotectionisthe “buildingoftrustintheonlineenvironment”whichis“keyto economicdevelopmentaslackoftrustmakesconsumers hes-itatetobuyonlineandadoptnewservices”.11Novelpolicieson
dataprotectioninEuropeaimtoavoidtherisksthatfearofan uncontrolledsharingofdatamayslowdownthedevelopment ofinnovative uses ofnewtechnologies. Itismentioned in theexplanatorymemorandumoftheRegulation11that“heavy
criticismhasbeenexpressedregardingthecurrent fragmen-tationofpersonaldataprotectionintheUnion,inparticular byeconomicstakeholderswhoaskedforincreasedlegal cer-taintyand harmonization oftherules onthe protectionof personaldata”.Also,thecomplexityoftheruleson interna-tionaltransfersofpersonaldataisconsideredasconstitutinga “substantialimpedimenttotheiroperationsastheyregularly needtotransferpersonaldatafromtheEUtootherpartsof theworld”.11Nevertheless,evenwheneconomicmotivations
aredrivingreform,fundamentalhumanrightstoprivacyand dataprotectionandconfidentialitymaybenefitfromthenew EURegulation.
In reality, even if the erosion of the rights to privacy andconfidentialityinthehealthcareandbiobankingfields becomes clearer, the public and health professionals still demandatleastaperceptionoftheobservationoftheserights. Thefactsthoughseemtorevealanunstoppablefadingofthe frontiersofprivatelife,especiallyinthehealthcaredomain. Clearly, many changes occurred during the 100 years that mediatedbetween“TheRighttoPrivacy”and“Imperial Bed-room”.Thebirthoftheportablesnapshotphotographycamera and laterofthevideocamcorder, themobile phone indus-try,themassuseofcomputersandthedawnoftheinternet are good examples oftechnology-propelledsocial transfor-mations thatprovide achallenge toclassical constructions ofindividualrightsandfreedoms.However,despiteallthese transformations theessentialdimensionofindividual free-domrelatingtopersonalinformationandtothenotionthat thelessisknownaboutusthefreerweallareisstillvery rel-evant andwellgrounded.Intermsofourindividualselves, fears ofinvasionofour mostprivatelives remainjustified andperhapsevenfurther,asmoreandmoreinformationis known andsharedabout us,usingamultitudeofdifferent communicationchannels.Asfarasourcollectiveselvesgo, oursocialtolerancetowardsinformationdisseminationand data sharing isalsoincreasingin tandemwiththe expan-sionofphenomenasuchassocialmediaand onlinesocial networks.Therefore,individualsandsocietyingeneralseem nowmorewillingtoacceptalevelofinformationdisclosure farhigherthanbefore.Asmoreandmoreisknownandshared aboutusthemorewetendtocherishwhateverpartofusisleft
Pleasecitethisarticleinpressas:FariaPLd,CordeiroJV.Healthdataprivacyandconfidentialityrights:Crisisorredemption?RevPortSaúde
uninvaded.Notsurprisingly,fourteenyearsonsinceJonathan Franzen’sNewYorkeressay,discussionaroundtheissuesof privacyprotectionandconfidentialitybreachingare undoubt-edlyas prominentas ever. This urge comes perhapsfrom theutilitarianismofourtimes,whichoverthrowstheworries ofpublicauthoritiesand privatecorporations with individ-ualprivacyandconfidentialityanddataprotectionrightsin healthcareandgenetics.Becauseeconomicsisgettingthelast word,expensiverightscansoonvanishfromtheLaw.
Consequently, wethink the rights toprivacy and confi-dentialityhavetobereframedinthecontextofHealthLaw andBioethicsandbeseenmoreasdataprotectionrightsand lessasmerereflectionsoftheHippocraticOath.Silenceisno longerenoughtoprotectourpersonalhealthinformation.On thecontrary,informationtechnologiesbuilttoprotect medi-calandgeneticprivacycanperformthisrole,butLawhasto provideobligationsandsanctionstomaketheseenforceable. AslongastopadministratorsandITprofessionalsworkingin healthcareunitsandbiobanksarenotheavilysanctionedfor lackofcompliancewithdataprotectionlegalrequirements therightstoprivacyandconfidentialityinthesesettingswill stillbemenaced.
Wearewatching, atleastinEurope,toanunacceptable regressionofparticularlyimportantindividualrights.Forthis reason,as healthlegal and ethicalexpertswe expressthe urgentneedtoupdatethediscussionontherightstohealth dataprivacyandconfidentialityandtomakesurewewillkeep theseissuesaliveincontemporaryHealthLaw.
Conflicts
of
interest
Theauthorshavenoconflictsofinteresttodeclare.
r
e
f
e
r
e
n
c
e
s
1. Auray-BlaisC,PatenaudeJ.Abiobankmanagementmodel applicabletobiomedicalresearch.BMCMedEthics.2006;7:E4,
http://dx.doi.org/10.1186/1472-6939-7-4.
2. McCrearyL.Whatwasprivacy?[Internet].HarvBusRev. 2008;86:123–30,142.Availablefrom:
http://hbr.org/2008/10/what-was-privacy/ar/1[citedAugust 2014].
3. AnnasGJ.Therightsofpatients.3rded.Carbondale: SouthernIllinoisUniversityPress;2004.
4. BayerR,FairchildAL.Publichealth:Surveillanceandprivacy. Science.2000;290:1898–9.
5. FranzenJ.Imperialbedroominhowtobealone.London: HarperandCollinsPublishers;2010.
6. MoreiraV,CanotilhoJJ.Constituic¸ãodaRepúblicaPortuguesa: anotada:artigos1◦a107◦,vol.I.Coimbra:CoimbraEditora; 2007.
7. DuganRB,WiesnerGL,JuengstET,O’RiordanM,MatthewsAL, RobinNH.Dutytowarnat-riskrelativesforgeneticdisease: Geneticcounselors’clinicalexperience.AmJMedGenetC SeminMedGenet.2003;119C:27–34.
8. WarrenSD,BrandeisLD.Therighttoprivacy.HarvLawRev. 1890;4:193–220.
9. RochePW.Clinicalgenetics:Meetingthechallengesto privacy.In:FariaPL,editor.Theroleofhealthlaw,bioethics andhumanrightstopromoteasaferandhealthierworld. [Internet].Lisboa:Fundac¸ãoLuso-Americana.EscolaNacional
deSaúdePública.UniversidadeNovadeLisboa;2006.,ISBN 972-98811-4-6p.123–82.Availablefrom:https://www.ensp. unl.pt/dispositivos-de-apoio/cdi/cdi/sector-de-publicacoes/ precario/publicacoesemcoedicao/publicacoesemcoedicao
[citedJune2014].
10.WolfLE,CataniaJA,DolciniMM,PollackLM,LoB.IRBchairs’ perspectivesongenomicsresearchinvolvingstoredbiological materials:Ethicalconcernsandproposedsolutions.JEmpir ResHumResEthics.2008;3:99–111,http://dx.doi.org/10.1525/ jer.3.4.99.
11.EuropeanCommission.Proposalforaregulationofthe EuropeanparliamentandoftheCouncilontheprotectionof individualswithregardtotheprocessingofpersonaldataand onthefreemovementofsuchdata(GeneralDataProtection Regulation).[Internet].Brussels:EuropeanCommission;2012. Availablefrom:http://ec.europa.eu/justice/data-protection/ document/review2012/com201211en.pdf[citedJune 2014].
12.CourtofJusticeoftheEuropeanUnion.[Internet].Press ReleaseNo70/14,Luxembourg.JudgmentinCaseC-131/12, GoogleSpainSL,GoogleInc.vAgenciaEspa ˜nolade ProteccióndeDatos;2014,May.Availablefrom:http://curia. europa.eu/jcms/upload/docs/application/pdf/2014-05/ cp140070en.pdf[citedJune2014].
13.BeauchampT,ChildressJ.Principlesofbiomedicalethics.6th ed.NewYork:OxfordUniversityPress;2009.
14.HouseofLords.HerMajesty’sAttorneyGeneralV.The ObserverLimitedandOthers.[Internet].Judgment13.10.88. UnitedKingdom;2014.Availablefromhttp://www.bailii.org/ uk/cases/UKHL/1988/6.html[citedMay2014].
15.GoldJL.Towarnornottowarn?Geneticinformation.MJM. 2004;8:72–8.
16.EuropeanUnion.CharterofFundamentalRightsofthe EuropeanUnion.[Internet].OfficialJournaloftheEuropean Communities.C364/1,18.12.2000;2014.Availablefrom:
http://www.europarl.europa.eu/charter/pdf/texten.pdf[cited May2014].
17.EuropeanUnion.ConsolidatedversionoftheTreatyonthe functioningoftheEuropeanUnion.OffJEurUnion.2012, October;C326/47.
18.CouncilofEurope.Europeanconventiononhumanrights [Internet];1950.Availablefrom: http://hub.coe.int/what-we-do/human-rights/european-convention[citedMay2014]. 19.CourtofJusticeoftheEuropeanUnion.JudgmentoftheCourt
(GrandChamber)of9November2010.JoinedCasesVolker undMarkusScheckeGbR(C-92/09)andHartmutEifert (C-93/09)vLandHessen.[Internet].Availablefrom:http:// curia.europa.eu/juris/liste.jsf?language=en&jur=C,T,F&num= c-92/09&td=ALL[citedMay2014].
20.EuropeanUnion.Directive95/46/ECoftheEuropean ParliamentandoftheCouncilof24October1995onthe protectionofindividualswithregardtotheprocessingof personaldataandonthefreemovementofsuchdata. [Internet].OffJEurUnion.1995,November;L281:0031–50. Availablefrom:http://eur-lex.europa.eu/LexUriServ/ LexUriServ.do?uri=CELEX:31995L0046:en:HTML[citedMay 2014].
21.EuropeanCommission.Communicationfromthe CommissiontotheEuropeanParliament,theCouncil,the EuropeanEconomicandSocialCommitteeandthe CommitteeoftheRegions:safeguardingprivacyina connectedworld:aEuropeanDataProtectionFrameworkfor the21stCentury.[Internet].Brussels:EuropeanCommission; 2012.Availablefrom: http://ec.europa.eu/justice/data-protection/document/review2012/com20129en.pdf[cited June2014].
22.SieglerM.Confidentialityinmedicine:Adecrepitconcept. NEnglJMed.1982;307:1518–21.
Pleasecitethisarticleinpressas:FariaPLd,CordeiroJV.Healthdataprivacyandconfidentialityrights:Crisisorredemption?RevPortSaúde
23.SankarP,MoraS,MerzJF,JonesNL.Patientperspectivesof medicalconfidentiality:Areviewoftheliterature.JGen InternMed.2003;18:659–69.
24.KnoppersBM,SaginurM.TheBabelofgeneticdata terminology.NatBiotechnol.2005;23:925–7.
25.KarlsenJR,StrandR.Theethicaltopographyofresearch biobanking.EthicsLawSoc.2009;4:127–47.
26.CaplanA.Whatnooneknowscannothurt:Thelimitsof informedconsentintheemergingworldofbiobanking. In:SolbakkJH,HolmS,HofmannB,editors.Theethics ofresearchbiobanking.Dordrecht:Springer;2009.p.25–33.
27.TallacchiniM.Rhetoricofanonymityandpropertyrightsin humanbiologicalmaterials(HBMs).LawHumGenomeRev. 2005;22:153–75.
28.AnnasGJ.Terrorism,tortureandotherpost9/11epidemics: Mustwesacrificehumanrightsinthenameofsecurity?In: FariaPL,editor.Theroleofhealthlaw,bioethicsandhuman rightstopromoteasaferandhealthierworld.[Internet]. Lisboa:Fundac¸ãoLuso-Americana.EscolaNacionaldeSaúde Pública.UniversidadeNovadeLisboa;2006.,ISBN 972-98811-4-6p.123–82.Availablefrom:https://www.ensp.unl.pt/ dispositivos-de-apoio/cdi/cdi/sector-de-publicacoes/precario/ publicacoesemcoedicao/publicacoesemcoedicao[cited June2014].
29.ForjazM.Nuncatedistraiasdavida.Lisboa:OficinadoLivro; 2014.
30.GerardS,HayesM,RothsteinMA.Ontheedgeoftomorrow: Fittinggenomicsintopublichealthpolicy.JLawMedEthics. 2002;303Suppl.:173–6.
31.BenkendorfJL,ReutenauerJE,HughesCA,EadsN,WillisonJ, PowersM,etal.Patient’sattitudesaboutautonomyand confidentialityingenetictestingforbreast-ovariancancer susceptibility.AmJMedGenet.1997;73:296–303.
32.WolffK,BrunW,KvaleG,NordinK.Confidentialityversus dutytoinform:Anempiricalstudyonattitudestowardsthe handlingofgeneticinformation.AmJMedGenet.
2007;143A:142–8.
33.NuffieldCouncilonBioethics.Theforensicuseof bioinformation:Ethicalissues.[Internet].London,UK: NuffieldCouncilonBioethics;2007.Availablefrom:http:// www.nuffieldbioethics.org/sites/default/files/The%20forensic %20use%20of%20bioinformation%20-%20ethical%20issues. pdf[citedJune2014].
34.LevittM.Forensicdatabases:Benefitsandethicalandsocial costs.BrMedBull.2007;83:235–48.
35.Gonc¸alvesME,JesusIA.Securitypoliciesandtheweakening ofpersonaldataprotectionintheEuropeanUnion.Comput LawSecRev.2013;29:255–63.
36.CostaL,PoulletY.Privacyandtheregulationof2012.Comput LawSecRev.2012;28:254–62.
37.DeHertP,PapakonstantinouV.Theproposeddataprotection RegulationreplacingDirective95/46/EC:Asoundsystemfor theprotectionofindividuals.ComputLawSecRev. 2012;28:130–42.
38.EuropeanDataProtectionSupervisor.Opinionof theEuropeanDataProtectionSupervisoronthe CommunicationfromtheCommissiontotheEuropean Parliament,theCouncil,theEconomicandSocialCommittee andtheCommitteeoftheRegions:Acomprehensive approachonpersonaldataprotectionintheEuropeanUnion. OffJEurUnion.2011,June,2011/C181/01.
39.EuropeanCommission.Attitudesondataprotectionand electronicidentityintheEuropeanUnion.Special EurobarometerReport[Internet]359;2011.1–88.Available from:http://ec.europa.eu/publicopinion/archives/ebs/ebs 359en.pdf
40.EuropeanCommission.Communicationfromthe CommissiontotheEuropeanParliament,theCouncil,the EconomicandSocialCommitteeandtheCommitteeofthe Regions:Acomprehensiveapproachonpersonaldata protectionintheEuropeanUnion.[Internet].Brussels: EuropeanCommission;2010.Availablefrom:http://ec.europa. eu/justice/news/consultingpublic/0006/com2010609en.pdf
[citedJune2014].
41.31stInternationalConferenceofDataProtectionandPrivacy Commissioners.JointProposalforaDraftofInternational StandardsontheProtectionofPrivacywithregardtothe processingofPersonalData:TheMadridResolution:“Privacy: TodayisTomorrow”.CongressPalace,Madrid,4-6November 2009.Madrid:DataProtectionandPrivacyCommissioners; 2009.
42.Portugal.MinistériodaSaúde.PortaldaSaúde;2014.Available from:http://www.portaldasaude.pt/portal[citedJuly2014].