PROVIDING SERVICES REMOTELY: PECULIARITIES OF PERSONAL DATA PROCESSING IN THE HEALTHCARE SECTOR
##plugins.themes.bootstrap3.article.main##
Abstract
With the global spread of COVID-19, remote work and provision of services remotely have become the norm in many areas of activity, including the provision of healthcare services. Following the decision of the government of the Republic of Lithuania to declare quarantine and introduce restrictions to limit movement and activities, recommendations were adopted for public and private sector entities to organize work and provide remote services for customers. The only exception made was in the case of certain functions that could only be physically performed in the actual workplace. Priority for remote provision of services was established in the healthcare sector. Hence, the unprecedented situation presented by COVID-19 has obliged healthcare (and many other sectors) to adapt, and even switch, to remote work, despite doubts or a reluctance to adopt telemedicine.
A key challenge in providing distance healthcare is the proper identification of a data subject (patient). Given that the provision of healthcare services is linked to the processing of sensitive personal data, the intended method of identification of a data subject must adhere to strict protocols. These are determined by the potential severity of the consequences that may arise for a patient (and also the healthcare provider) due to misidentification. Qualified data protection officers, supported by appropriate legislation, are essential for the successful implementation of the principles established in the General Data Protection Regulation, and in particular the principle of data minimisation and the principle of transparency, regardless of the way in which the healthcare services are provided (remotely or in person upon arrival to the healthcare institution). Ensuring the education and continuous training of the personnel can help to prevent healthcare institutions from violating the security of personal data, as well as ensure they maintain principles of integrity and confidentiality, especially when and where services are provided remotely.
A key challenge in providing distance healthcare is the proper identification of a data subject (patient). Given that the provision of healthcare services is linked to the processing of sensitive personal data, the intended method of identification of a data subject must adhere to strict protocols. These are determined by the potential severity of the consequences that may arise for a patient (and also the healthcare provider) due to misidentification. Qualified data protection officers, supported by appropriate legislation, are essential for the successful implementation of the principles established in the General Data Protection Regulation, and in particular the principle of data minimisation and the principle of transparency, regardless of the way in which the healthcare services are provided (remotely or in person upon arrival to the healthcare institution). Ensuring the education and continuous training of the personnel can help to prevent healthcare institutions from violating the security of personal data, as well as ensure they maintain principles of integrity and confidentiality, especially when and where services are provided remotely.
##plugins.themes.bootstrap3.article.details##
Section
TOPICAL ISSUES OF PERSONAL DATA PROTECTION
Authors contributing to Jurisprudence agree to publish their articles under a Creative Commons Attribution-NoDerivatives 4.0 International Public (CC BY-NC-ND) License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit, and that in the event of reuse or distribution, the terms of this licence are made clear.
Authors retain copyright of their work, with first publication rights granted to the Association for Learning Technology.
Please see Copyright and Licence Agreement for further details.
Authors retain copyright of their work, with first publication rights granted to the Association for Learning Technology.
Please see Copyright and Licence Agreement for further details.