Machine translations by Deepl

Last chance for Senate to preserve medical privacy

"It's too late for privacy-by-design with this EHR"

If the Senate approves Minister Schippers' new healthcare communications bill tomorrow, she will still give free rein to the Electronic Patient Record that the Senate unanimously rejected in 2011, with all its privacy violations. If, as it states in a motion of its own, the Senate really wants to commit to privacy-by-design, it should reject the EHR and this bill that facilitates it, the campaign says

In 2011, the Senate unanimously rejected the Electronic Patient Record (EPD) because of the enormous privacy and security risks associated with the EPD. Despite this, the SPD system (the Landelijk Schakelpunt, LSP) has gone ahead privately in recent years and is in full use by an increasing number of healthcare providers, partly due to pressure from health insurers - who are also funding the go-ahead.

However, the privacy and security risks of the original SPD are still undiminished in the current LSP. After all, when ICT systems are built, privacy and security safeguards should be included in the design from day one. With the LSP, this never happened, and by now it is too late for this. For this reason alone, the use of the LSP should be stopped immediately and replaced by a privacy-friendly alternative.

The LSP enables large-scale exchange of medical data without any control by the doctor and patient over who can access this data for what purpose. Next Tuesday, the Senate will vote on a bill (33509) that should have improved such control, but in reality this law mainly facilitates the use of the LSP by the entire Dutch healthcare sector.

The bill elevates generic consent - that is, broad and untargeted sharing of medical data - to the standard over the next three years. This removes the current legally required specific exchange of medical data replaced. This essentially abolishes medical confidentiality and the right to medical privacy. After all, both the patient himself and the file-keeping doctor will no longer have any insight into who is accessing the medical file for what reason. The ultimate goal of the law is "self-direction" by the patient, but it is still very unclear how this is to take shape; it is expected that many patients will soon simply tick off consent once for all exchanges.

The bill thus appears to be written primarily to facilitate large-scale, centralised infrastructures, including a new centralised online "patient portal" to be linked to the LSP and ways for citizens to be able to upload their entire medical records at once - without doctor intervention - to the cloud. This will make it impossible to guarantee medical privacy. For this reason, the national campaign (supported by Privacy First and the Civil Rights Protection Platform) have been campaigning against this bill for years. Despite this, the bill threatens to be passed by the Senate tomorrow.

Only D66 and some small parties (including the Christian Union) still seem to be able to make a difference in the direction the Netherlands will take in the coming years. D66 has already launched a motion submitted for privacy-by-design. However, spokesman Vincent Böhre says: "With the current bill, 'privacy by design' is a wash: the central LSP, as well as a central consent portal and privacy-by-design are a contradiction in terms. Therefore, we once again urge the House to reject the bill."

Individual citizens who also fear for their medical privacy in a world where medical data exchange will soon only be large-scale and centralised or in the cloud can take place, D66 and other parties can write to now via

Update 4 October 2016: today, the Senate unfortunately passed the bill adopted. Green Left, SP, Party for the Animals (PvdD) and PVV voted emphatically against. Only bright spot during the vote was a unanimously adopted motion by D66 In which the Senate expressed its preference for decentralised forms of privacy by design. In that context, PvdD also submitted a motion aimed at decentralised rather than centralised access to medical records; the vote on this motion is likely to take place next week. Further comments on e.g. will follow on the weblog From  

Update 18 October 2016: the vote on the PvdD motion (amended Teunissen motion) was arrested on 11 October last year and is now standing agendized On Tuesday 25 October next.  

Update 25 October 2016: Today, the Senate (by a majority) passed the Teunissen motion. Click HERE for the text of the motion.