Nasseh Daniel
Comprehensive Cancer Center, Munich, Germany.
Stud Health Technol Inform. 2020 Jun 26;272:43-46. doi: 10.3233/SHTI200489.
One of the major regulatory factors for health informatics is data privacy protection. In the European Union, a shared set of laws has been implemented - the General Data Protection Regulation. While this set of rules aims at harmonizing the European data privacy protection standards, it fails in properly detailing the handling of anonymized data. This is a problem, as, for example many current research initiatives aim at reusing patient data collected within primary care, but lack a patient consent, hence, might rely on anonymized data as being the only alternative. Within this work, we detail different aspects why the concept of anonymity is wrongly handled within the GDPR and give suggestions how the laws could be adapted.
健康信息学的主要监管因素之一是数据隐私保护。在欧盟,已实施了一套共享法律——《通用数据保护条例》。虽然这套规则旨在统一欧洲的数据隐私保护标准,但它未能妥善详细说明匿名数据的处理方式。这是一个问题,例如,目前许多研究倡议旨在重新利用在初级保健中收集的患者数据,但缺乏患者同意,因此,可能只能依赖匿名数据作为唯一选择。在这项工作中,我们详细阐述了《通用数据保护条例》中匿名概念被错误处理的不同方面,并提出了如何修改法律的建议。
