News

Data protection: Health insurance data goes to research center

As of October 1, the collection point of the GKV-Spitzenverband is to be provided with extensive health data of 73 million insured persons from Germany in order to be able to evaluate them scientifically. A right to object does not exist, information is not provided – but data protection organizations continue to fight back.

Comprehensive data collection and evaluation

Jens Spahn had the Digital Care Act, which is intended to fundamentally change the healthcare system with E-prescription and electronic health card, among other things, launch the current regulation, which provides for the comprehensive collection and evaluation of all relevant health data of almost everyone in the Federal Republic. Statutory health insurers are required to forward their data to the collection point of the GKV-Spitzenverband, which in turn must pass it on to the research data center of the Federal Institute for Drugs and Medical Devices by December. There, the data will be analyzed and stored for 30 years. Politicians apparently expect this to provide them with better insight into the health situation in the FRG, as well as possible impetus for changes in health care.

Violation of right to informational self-determination

Data protection associations have sharply criticized the regulation from the outset. They pointed out that it violates the right to informational self-determination, especially since there is no possibility to object. Added to this is the fact that the research center is not committed to strict data protection. The data are merely pseudonymized, with the names and dates of birth of the insured removed. However, there is no further processing of the data; nor is there any contemporary encryption of the stored data. An expert opinion by cryptography professor Dominique Schröder has shown that it is comparatively easy to draw conclusions about individuals with rare diseases in particular, despite the pseudonymization procedures used – which can expose them to tangible danger, especially in the case of stigmatized diseases. In addition to the fundamental dubiousness of collecting and evaluating data without the consent of those affected, there is thus a risk of data misuse.

Schröder also pointed out that central data collection in particular poses an unnecessary risk that could easily be avoided technically. He sees this as a single point of failure that does not reflect the current state of the art.

Society for Civil Liberties and CCC sue

The Society for Civil Liberties and the Chaos Computer Club, together with a person who suffers from the rare disease hemophilia, have already filed suit against the Digital Health Care Act or the associated compulsory collection of data – and successfully so. In two summary proceedings in Berlin and Frankfurt am Main, the data collection was stopped in this case. The Society for Civil Liberties has already announced that it will continue to work towards obtaining a right of objection and appropriate data protection.

Simon Lüthje

I am co-founder of this blog and am very interested in everything that has to do with technology, but I also like to play games. I was born in Hamburg, but now I live in Bad Segeberg.

Related Articles

Neue Antworten laden...

Basic Tutorials

Gehört zum Inventar

7,583 Beiträge 2,099 Likes

As of October 1, the collection point of the GKV-Spitzenverband is to be provided with extensive health data of 73 million insured persons from Germany in order to be able to evaluate them scientifically. A right to object does not exist, information is not provided – but data protection organizations continue to fight back. Comprehensive … (Weiterlesen...)

Antworten Like

Back to top button