rotterdam - Stichting Benchmark GGZ (SBG) may continue to use anonymous patient evaluations to compare the quality of care institutions. That has determined the Utrecht court on Wednesday. The ruling provides an important framework for the strict Privacy Protection Act.
Two concern domains spun a case against SBG after the Personal Data Authority ruled that SBG data does not anonymize. The long evaluation lists, Routine Outcome Monitoring (ROM), contain very personal questions. The care domains believe that they are intended to optimize treatment and not to compare healthcare providers.
However, according to the court, it is not plausible that the processing of the ROMs by the SBG falls under the Personal Data Protection Act (WBP) or the General Data Protection Act (AVG). Among other things, the WBP ensures that companies can get high fines if they do not deal with personal data carefully.
After criticism of opposition parties, Minister Schippers (Public Health) in March announced that she is open to an alternative, but the ROM methodology has indeed been widely introduced to centralize benchmarks and improve their delivery.
In addition, she emphasizes that the SBG does not act on behalf of health insurers, but is a Trusted Third Party in which healthcare providers provide more board members (four) than insurers (three). The insurers themselves do not have access to the ROMs.
The ruling ensures that the term 'personal data' is not further extended. Not only in care will have led this to relief. For example, the media industry wants to show personalized ads on the web without the advertiser knowing who exactly achieved.
However, information about the visitor must be collected. Should SBG or advertisers be able to find out who the collected data is, then explicit permission from the person is required beforehand.