El problema del consentimiento para el procesamiento de datos de salud, en particular con fines de investigación biomédica, desde la perspectiva de la protección de los derechos fundamentales en la era digital

AutorProf. Dr. Joaquín Sarrión Esteve
CargoRamón y Cajal Researcher Department of Constitutional Law, The National Distance Education University - UNED (Madrid, Spain)
Páginas107-132

Page 109

1. Motivation

Health data processing fields face ethical and legal problems regarding fundamental rights. As we know, patients can benefit in the Digital Era from having health or medical information available, and medical decisions can be more effective with a better understanding of clinical histories, medical and health data thanks to the development of Artificial Intelligence, Internet of Things and other Digital Technologies, with a better general governance of Big Data. However, at the same time, we need to guarantee fundamental rights.

Although the new European Union (EU) Information or Data Privacy regulation has been a ‘property-based conception’ regulation1, the reality is that although it is a very important instrument to guarantee fair and quality use and processing of personal data, this legal instrument opens the health data processing for very open purposes as scientific, historical and statistical research2without a clear regulation of the guarantees.

The complaint about ethical and legal requirements – including constitutional ones – is particularly relevant in the processing of health data because when dealing with health we need a fundamental rights protection

Page 110

approach to identify the ethical and legal limits regarding the use of this type of sensitive data.

In order to achieve our aims, from a methodological perspective, we need to use multilevel methodology because we live immersed in a European legal space comprised of legal systems with different levels which are increasingly interconnected3. Therefore, we need a theoretical basis to approach it and try to study any element or reality included in these related legal systems, and dealing meanwhile with the new constitutional horizon opened in the EU after the Lisbon Treaty4.

In this paper, first, the methodology we are going to use, the multilevel one, will be described. After that, we study the concept of health data, the uses and purposes – both for health and medical uses among others – of health data, the legal requirements of processing health, and finally we focus our aim on the problem of the consent and the exceptions of scientific, historical and statistical research, which include biomedical research purposes.

2. Multilevel methodology on health data processing

It is typical – from the Law perspective5– to describe the relationship between EU law and national ones in terms of a multilevel legal system,
i.e., constitutional pluralism or multilevel constitutionalism. In both cases, we speak about theoretical constructions which try to explain the EU multilevel fundamental rights protection architecture6, and therefore the relationship and interaction of different legal systems or levels, particularly EU and national ones. These are becoming progressively more intercon-

Page 111

nected, because we need to approach this complex ‘legal reality’ as Prof. GÓMEZ SÁNCHEZ pointed out some years before7.

Certainly, the problem that arises is the special complexity of fundamental rights protection in this type of multilevel reality which deals with multisided systems and we need to consider not only EU and national law, but also international law and obligations8including the European Convention on Human Rights (ECHR)9, and other international instruments such as the Convention on Human Rights and Biomedicine (Oviedo Convention)10.

Nevertheless, some authors usually tend to share an assumption that seems problematic, as KOMÁREK pointed out recently11: the identity of fundamental rights at the different levels and systems, based on the universality of human rights. Certainly, fundamental rights are founded on universal values, but are linked to a specific legal order, and therefore to a specific constitutional and national identity (of which they are a part). The reality is that Fundamental Rights protection in the EU Legal order has its own ground and standard of protection and guarantees, which differs from national ones and even from the ECHR order. This makes it more difficult to determine the applicable level of protection and fundamental rights guarantees.

Page 112

Certainly, according to article 51(1) of the EU Charter of Fundamental Rights12, the EU Charter provisions are addressed not only to EU institutions but also to the EU Member States when they are implementing EU law. The European Court of Justice’s (ECJ) interpretation of this provision is very extensive, in the sense that it is linked to the concept of the scope of EU law. Therefore, EU Fundamental Rights protection is binding for EU member states not only when they implement EU law but in any case, within the scope of EU law (Åkerberg Fransson, C-617/10)13, and the application of EU Fundamental Rights standard is binding, not allowing the application of the national one unless the EU law provides a margin to do so without questioning the primacy of EU law (Melloni, C-399/1114; and

Åkerberg Fransson, C-617/10) challenging the multilevel system15.

Therefore, there is no simple answer regarding fundamental rights protection on health data processing, but we are going to try to develop an overview on the relevant actual legal framework in the EU by outlining actual challenges.

3. Health data processing legal framework

Health, Biological and Biometric data are sensitive because they concern the privacy of the person (private life) in different dimensions. On the one hand, health data are personal data linked to the health of a person (derived from health care treatments), and on the other hand, biological and biometric data enable the identify of a person16. In both cases, we deal with sensitive and relevant data linked to privacy.

Page 113

This paper is focuses on the actual trends of health data processing (including collection, recording, organisation, structuring, storage, and other uses) in the Digital Era, considering the actual legal framework of health data.

3.1. Health data processing international legal framework

At the international law level, it is important to note the Universal Declaration of Human Rights (UDHR) of 1948 as a milestone document in human rights protection adopted by the United Nations General Assembly. Although it is not a binding document, it can be an important source for the interpretation of the law. Article 12 provides for privacy:

‘No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks’.

There are also other non-binding international instruments such as the Universal Declaration on Bioethics and Human Rights of 19 October 2005 (UDBHR) within UNESCO (United Nations Educational, Scientific and Cultural Organization) framework, which aims to ‘provide a universal framework of principles and procedures to guide States in the formulation of their legislation, policies or other instruments in the field of bioethics’ (art. 2(a) UDBHR), and emphasises the need to carry out medical research within the framework of the ethical principles that the Declaration states by respecting the dignity, human rights, and fundamental freedoms (art. 2 (d) UDBHR).

It provides for minimisation regarding applying and advancing scientific knowledge, medical practice and associated technologies; maximising direct and indirect benefits to patients and individuals (art. 4 UDBHR); respecting the autonomy of persons (art. 5 UDBHR); requires ‘the prior, free and informed consent of the person concerned, based on adequate information’ (art. 6(1) UDBHR) or the authorisation according to national law (art. 7 UDBHR) and the respect for privacy and confidentiality (art. 9 UDBHR); prohibition of discrimination (art. 11 UDBHR), inter alia. In particular, regarding privacy and confidentiality, article 9 UDBHR stipulates that:

The privacy of the persons concerned and the confidentiality of their personal information should be respected. To the greatest extent possible, such information should not be used or discloses for purposes other than those for which it was collected or consented to, consistent with international law, in particular international human rights law’.

Page 114

More importantly, due to its binding nature, the ECHR at the Council of Europe (CoE) regional system provides in article 8 that:

‘1. Everyone has the right to respect for his private and family life, his home and his correspondence.

  1. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others’.

There are other articles in the ECHR relevant for health treatments including article 2 (right to life), article 3 (prohibition of torture, rights to integrity and dignity), and particularly on health data, article 14 provides the prohibition of discrimination without any distinction, which we must interpret as including the prohibition of genetic discrimination; and article 9 related to freedom of thought, conscience and religion, which anyone can use in order to limit some of his or her health data treatments.

Certainly, the relevance of the ECHR is that any individual can ask for the protection of...

Para continuar leyendo

Solicita tu prueba

VLEX utiliza cookies de inicio de sesión para aportarte una mejor experiencia de navegación. Si haces click en 'Aceptar' o continúas navegando por esta web consideramos que aceptas nuestra política de cookies. ACEPTAR