CJEU - C-667/21 - Krankenversicherung Nordrhein
| CJEU - C-667/21 Krankenversicherung Nordrhein | |
|---|---|
 | |
| Court: | CJEU |
| Jurisdiction: | European Union |
| Relevant Law: | Article 6(1) GDPR Article 9(1) GDPR Article 9(2)(h) GDPR Article 9(3) GDPR Article 82(1) GDPR |
| Decided: | 08.11.2021 |
| Parties: | Medizinischer Dienst der Krankenversicherung Nordrhein |
| Case Number/Name: | C-667/21 Krankenversicherung Nordrhein |
| European Case Law Identifier: | |
| Reference from: | BAG (Germany) |
| Language: | 24 EU Languages |
| Original Source: | Judgement |
| Initial Contributor: | n/a |
See below for questions referred.
English Summary[edit | edit source]
Facts[edit | edit source]
Facts pending complete decision.
Holding[edit | edit source]
The Federal Labour Court of Germany referred the following questions to the CJEU for preliminary ruling:
1. Is Article 9(2)(h) GDPR to be interpreted as prohibiting a medical service of a health insurance fund from processing its employee’s data concerning health which are a prerequisite for the assessment of that employee’s working capacity?
2. If the Court answers Question 1 in the negative, with the consequence that an exception to the prohibition on the processing of data concerning health laid down in Article 9(1) GDPR is possible under Article 9(2)(h) GDPR: in a case such as the present one, are there further data protection requirements, beyond the conditions set out in Article 9(3) GDPR, that must be complied with, and, if so, which ones?
3. If the Court answers Question 1 in the negative, with the consequence that an exception to the prohibition on the processing of data concerning health laid down in Article 9(1) GDPR is possible under Article 9(2)(h) GDPR: does the permissibility or lawfulness of the processing of data concerning health depend on the fulfilment of at least one of the conditions set out in Article 6(1) GDPR?
4. Does Article 82(1) GDPR have a specific or general preventive character, and must that be taken into account in the assessment of the amount of non-material damage to be compensated at the expense of the controller or processor on the basis of Article 82(1) GDPR?
5. Is the degree of fault on the part of the controller or processor a decisive factor in the assessment of the amount of non-material damage to be compensated on the basis of Article 82(1) GDPR? In particular, can non-existent or minor fault on the part of the controller or processor be taken into account in their favour?
Comment[edit | edit source]
Share your comments here!
Further Resources[edit | edit source]
Share blogs or news articles here!
