In December 2017, the Dutch Supreme Court ruled that the electronic exchange of patient data via the so-called healthcare infrastructure is lawful. The infrastructure is a platform for the electronic exchange of patient data. The platform allows the observer of a general practitioner (GP), that is, a GP who temporarily replaces another GP, to access certain data that the GP has recorded about a patient. Other healthcare providers may access information about intolerances, contraindications and allergies in the GP’s file on the patient. The use of the platform is only possible if the patient grants prior consent, and the patient can restrict his or her consent to certain data.

The Supreme Court dismissed the arguments of the Association of General Practitioners (joined by a few individual GPs and a patient) that the healthcare infrastructure is unlawful as it conflicts with patients’ right to privacy, the Dutch Personal Data Protection Act and medical confidentiality. The court deemed that the design of the healthcare infrastructure is lawful, because it is based on the free and sufficiently specific consent of patients involved. Moreover, patients are provided with: (i) sufficient information about which data will be accessible by a certain healthcare provider in a given situation; and (ii) the ability to restrict access to certain data. The Supreme Court also stated that it may be expected that the administrator of the system, the Association of Healthcare Providers for Care Communication, adjust the system to offer patients more possibilities to “customise” consent on the kind of data that can be shared through the healthcare infrastructure and with which healthcare providers, as soon as this is technically possible and feasible.

A prior version of this post was originally published by the same author in Practical Law – Life Sciences, December 2017 issue (Thomson Reuters).