Simon Harris (Wicklow, Fine Gael)
Link to this: Individually | In context | Oireachtas source

The detailed circumstances pertaining to the individual case outlined by the Deputy are unclear. Where files are requested, data controllers should have careful regard to the nature of the request and the purpose for which the files are being requested. The rights of the patient regarding their personal health data and with whom that data can be disclosed should be of paramount importance in any consideration. Current data protection legislation clearly sets out strict rules regarding the processing of sensitive personal data (which includes data concerning health) by data controllers. Processing of personal data includes the collection, use and disclosure of data. A number of conditions are set out for the fair processing of sensitive data concerning health including consent and where such processing is necessary for a number of different reasons. These are detailed in Sections 2 A and B of the Data Protection Act 1988 (as amended). The EU General Data Protection Regulation (GDPR) takes effect on 25 May 2018 as the legal instrument for regulating the collection, use and disclosure of personal data.