Published: Less than 20 min ago
The EU’s data protection regulation GDPR effectively puts an end to the latest technology in diabetes care, but now Region Dalarna has decided that patients should still have access to it, despite the region risking penalty fees.
– Yes, we made a decision in political agreement to put patients first here, says regional board chairman Ulf Berg (M) to Läkartidningen.
The legal problems with the new technology, such as insulin pumps and sensors, are that the products collect patient data that often ends up on cloud services outside the EU. This entails strict requirements for security measures according to the GDPR, which in practice are perceived as impossible to fulfill.
This also applies to the current tools used within Region Dalarna. According to the region’s lawyers, the use may therefore involve an illegal third-country transfer, which may lead to penalty fees from the Swedish Privacy Agency.
– The relationship between what citizens gain from this law versus what you can lose if you are diabetic, for example, I don’t think it can be compared. We have weighed the risk of the patient being adversely affected compared to the legal risk, and then we have sided with the patient. Hopefully there are new rules in the works that will prevent you from ending up in this misery, says Ulf Berg to Läkartidningen.
Facts
This is GDPR
The General Data Protection Regulation – in English “General Data Protection Regulation”, GDPR – was introduced on 25 May 2018 and replaced the previous Personal Data Act (PUL).
GDPR was introduced simultaneously in all EU countries to create a uniform and equivalent level for the protection of personal data within the EU.
The purpose of the regulation is to protect the fundamental rights and freedoms of the individual citizen, especially their right to protection of personal data.
The law covers all types of businesses and bodies that collect and store personal data.
Source: The Swedish Privacy Agency
Read more