Download presentation
Presentation is loading. Please wait.
Published byRuby Cole Modified over 9 years ago
1
Opinion about the draft privacy regulation of the EC Frank Robben General manager eHealth-platform Willebroekkaai 38 B-1000 Brussels E-mail: Frank.Robben@ehealth.fgov.beFrank.Robben@ehealth.fgov.be Website eHealth-platform: https://www.ehealth.fgov.behttps://www.ehealth.fgov.be Personal website: www.law.kuleuven.be/icri/frobbenwww.law.kuleuven.be/icri/frobben
2
2 23/01/2013 About me general manager of the Belgian Crossroads Bank for Social Security since 1991 responsible for the organisation of secure personal data exchange between 3.000 social security institutions with a good balance between privacy and information security on one hand and effective and efficient social protection on the other best practice awards from UN, EPSA and foreign DPA general manager of the Belgian eHealth Platform since 2008 responsible for the organisation of secure personal health data exchange between 100.000 health care institutions and health care providers with a good balance between privacy and information security on the one hand and effective and efficient health care on the other life time achievement award for information security from LSEC, the most important Belgian association for information security member of the Belgian DPA since 1991
3
3 23/01/2013 Regulation: no suitable legal instrument need for an adequate balance between fundamental rights, a.o. right to privacy and information security right to health and effective and efficient health care adequate balance is not universal depends on historical and cultural differences can be attained in several ways: different mixes of -structural measures -organisational measures -legal measures
4
4 23/01/2013 Regulation: no suitable legal instrument most suitable legal instrument in this respect not a regulation that implements a unique balance throughout the whole European Union but a directive that contains common goals and principles, and permits Member States to attain adequate balances accepted by their citizens
5
5 23/01/2013 Proposal for a regulation the “one stop shop” has primarily advantages for companies having activities in several Member States (because they do not have to deal anymore with the several laws of several Member States), but not for the citizen does not install a powerful European DPA that deals with privacy and information security issues of multinational companies is too complex, too detailed and too unclear (too vague concepts, too much interpretation possibilities) does not seem to respect the principle of subsidiarity
6
6 23/01/2013 Proposal for a regulation delegates too many decisions to the European Commission without any democratic control implies huge supplementary costs for data controllers, especially PME’s and government institutions to maintain documentation of all processing operations enormous information duty to conduct a data protection impact assessment for more risky processing to notify any personal data breach to the DPA without undue delay creates huge problems for DPA’s interpretation problems resource problems
7
7 23/01/2013 Proposal for a regulation denial of the principle of the separation of powers limits unnecessarily the possibility for Member States to attain balances between the right to privacy and other fundamental rights that match with the historical and cultural specificities, e.g. field of application of specific rules for health data information duties authorisation of exchange of personal data by the DPA instead of explicit consent of the data subject will, at the end, not be favourable for data subjects either: more theoretical rights, but real execution of rights will be more difficult
8
8 23/01/2013 Proposal limitation of the European legal framework to basic objectives and principles that foster confidence of citizens in ICT rather than a very extensive regulation primarily in the economic interest of multinational companies adaptation of the actual directive to the ICT-evolution no increase of costs and administrative burden for governments, PME’s and DPA’s if a regulation is necessary for multinational companies limitation of the field of application to those companies installation of a powerful European DPA that deals with those companies
9
Th@nk you ! Any questions ?
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.