Abstract

VETIS-ZAGANELLI, Margareth  and  BINDA FILHO, Douglas Luis. The General Data Protection Law and its implications on health: impact assessments on data processing in the clinical-hospital scope. Rev. Bioética y Derecho [online]. 2022, n.54, pp.215-232.  Epub Dec 12, 2022. ISSN 1886-5887.  https://dx.doi.org/10.1344/rbd2021.54.36005.

The General Data Protection Law provides for the protection of personal data and has significant implications in numerous areas, including in healthcare. In the health field, due to the relevant amount of sensitive data containing information on health, it is required caution from the treatment agents, since its processing is more likely to cause a high risk to the rights of the data subjects. In this regard, the art. 35 of the General Data Protection Regulation, the European legislation on the protection of personal data, determines that the carrying out of Impact Assessments is mandatory, which is not evident in the Brazilian legislation. Through exploratory research, based on a bibliographic and documentary survey, the importance of these assessments by health institutions in the treatment of sensitive data is investigated, so as to attest not only compliance with legislation, but also with stipulations present in deontological codes that value secrecy, privacy and confidentiality in doctor-patient relationship. At first, general aspects of the Brazilian law and a comparative perspective regarding the European one are discussed. Secondly, it exposes the association between treatment of sensitive data and confidentiality in healthcare. It concludes that it is important to carry out the Impact Assessment on sensitive data, an occasion in which the European experience of risk-based methodology is considered.

Keywords : Sensitive data; data governance; General Data Protection Law; General Data Protection Regulation; Impact Assessment.

        · abstract in Portuguese | Catalan | Spanish     · text in Portuguese     · Portuguese ( pdf )