PART II - THE PATIENT’S RIGHT TO DATA PROTECTION. UNDERSTANDING THE LEGAL CONTEXT

Summary

Introduction – While Part I focused on understanding the technological and societal developments, Part II focusses on understanding the legal context of the patient's right to data protection. Both elements are essential in a well-founded evaluation of the functioning of the patient's right to data protection in today's society. Understanding the legal context is moreover necessary to provide valid suggestions for the rethinking of the patient's right to data protection in the context of modern healthcare systems, which build on big data, machine learning and artificial intelligence on the one hand, and patient empowerment and personalisation on the other hand. Not only is it necessary to discuss central legal concepts such as ‘privacy’, ‘data protection’, ‘personal data’, ‘data concerning health’ or ‘patient’, understanding the evaluation of these concepts in and by society is paramount too. Three elements are discussed: the roots, the concepts and the subject of protection.

Three elements, three chapters – The first chapter focusses on analysing the legal roots of the patient's right to data protection. The chapter combines a diachronic and synchronic approach. A diachronic approach allows understanding the evolution in the right to privacy from a right to be leftalone to a right to informational self-determination, protected by two fundamental rights: privacy and data protection. Influenced by the World Wars, the search for citizen empowerment, technological progress and the increasing availability of computerised data, the right to privacy evolved into a fundamental right of the patient accompanied by a fundamental right to protect personal data for the European data subject. However, the patient's right to data protection is situated on the crossroads of data protection law and medical law. While data protection law is not sector-specific, medical law is. By combining the diachronic approach with a synchronic approach, data protection law developments can be studied next to developments on patients’ rights.

The second chapter studies the essential concepts that delineate the topic of the discussion. First, it is clarified that the topic of discussion is limited to matters relating to patients. A definition for ‘the patient’ is suggested based on European instruments. Notwithstanding societal evolutions towards a cradleto-the-grave approach in medicine, it is essential to realise that all patients are data subjects while not all data subjects are patients.