Privacy of patient data in quality-of-care registries in cardiology and cardiothoracic surgery: the impact of the new general data protection regulation EU-law
European heart journal. Quality of care & clinical outcomes , Volume 4 - Issue 4 p. 239- 245
Quality-of-care registries have been shown to improve quality of healthcare and should be facilitated and encouraged. The data of these registries are also very valuable for medical data research. While fully acknowledging the importance of re-using already available data for research purposes, there are concerns about how the applicable privacy legislation is dealt with. These concerns are also articulated in the new European law on privacy, the 'General Data Protection Regulation' (GDPR) which has come into force on 25 May 2018. The aim of this review is to examine what the implications of the new European data protection rules are for quality-of-care registries in Europe while providing examples of three quality-of-care registries in the field of cardiology and cardiothoracic surgery in Europe. A general overview of the European and national legal framework (relevant data protection and privacy legislation) applying to quality-of-care registries is provided. One of the main rules is that non-anonymous patient data may, in principle, not be used for research without the patient's informed consent. When patient data are solely and strictly used for quality control and improvement, this rule does not apply. None of the described registries (NHR, SWEDEHEART, and NICOR) currently ask specific informed consent of patients before using their data in the registry, but they do carry out medical data research. Application of the GDPR implies that personal data may only be used for medical data research after informing patients and obtaining their explicit consent.
|European heart journal. Quality of care & clinical outcomes|
|Organisation||Department of Radiology|
Wierda, E. (E.), Eindhoven, D.C. (D. C.), Schalij, M.J, Borleffs, C.J.W, Amoroso, G, van Veghel, D. (D.), … Ploem, M.C. (M. C.). (2018). Privacy of patient data in quality-of-care registries in cardiology and cardiothoracic surgery: the impact of the new general data protection regulation EU-law. European heart journal. Quality of care & clinical outcomes, 4(4), 239–245. doi:10.1093/ehjqcco/qcy034