Rb. Midden-Nederland - AWB - 19 608: Difference between revisions

From GDPRhub
(Created page with "{| class="wikitable" style="width: 25%; margin-left: 10px; float:right;" ! colspan="2" |Rb. Midden-Nederland - AWB - 19 _ 608 |- | colspan="2" style="padding: 20px; background...")
 
No edit summary
Line 18: Line 18:


|-
|-
|Decided:||25. 10. 2019
|Decided:||10. 01. 2020
[[Category:2019]]
[[Category:2019]]
|-
|-
|Published:||1. 11. 2019
|Published:||29. 01. 2020
|-
|-
|Parties:||[https://www.om.nl/organisatie/ Public Prosecutor's Office of the Netherlands]
|Parties:||[https://www.om.nl/organisatie/ Public Prosecutor's Office of the Netherlands]
Line 27: Line 27:
[https://www.sin-nl.org/ Foundation of Victims of Iatrogenic Negligence of the Netherlands]
[https://www.sin-nl.org/ Foundation of Victims of Iatrogenic Negligence of the Netherlands]
|-
|-
|National Case Number:||C/16/481957/KG ZA 19-357
|National Case Number:||UTR 19/608
|-
|-
|European Case Law Identifier:||<small>ECLI:NL:RBMNE:2020:73</small>
|European Case Law Identifier:||<small>ECLI:NL:RBMNE:2020:73</small>
Line 36: Line 36:
[[Category:Dutch]]
[[Category:Dutch]]
|-
|-
|Original Source:||[https://uitspraken.rechtspraak.nl/inziendocument?id=ECLI:NL:RBMNE:2019:4954&showbutton=true&keyword=AVG de Rechtspraak (in NL)]
|Original Source:||[https://uitspraken.rechtspraak.nl/inziendocument?id=ECLI:NL:RBMNE:2020:73&showbutton=true&keyword=AVG de Rechtspraak (in NL)]
|}
|}


The Court of First Instance of the Central Netherlands ruled on the portrait rights and the GDPR.  
The Court of First Instance of the Central Netherlands ruled on the matter regarding processing of special categories of personal data under the GDPR.  


==English Summary==
==English Summary==
Line 66: Line 66:
The decision below is a machine translation of the original. Please refer to the Dutch original for more details.
The decision below is a machine translation of the original. Please refer to the Dutch original for more details.


<pre>DECISION
<pre>
Ruling
CENTRAL COURT


COURT OF THE MIDDLE THE NETHERLANDS
Sitting place Utrecht


Civil Justice
Administrative law
trading room
location Utrecht
Case number / role number: C/16/481957 / KG ZA 19-357
Judgment in interlocutory proceedings of 25 October 2019
in the case of
1. the legal person governed by public law
THE STATEMENT OF THE NETHERLANDS (Public Prosecutor's Office),
based in The Hague,
2. [plaintiff sub 2],
residing at [domicile] ,
plaintiffs,
lawyer J.S. Bierens in The Hague,
at the rate of
1 [defendant sub 1] ,
residing at [domicile] ,
2. the foundation
FOUNDATION VICTIMS IATROGENIC NEGLIGENCE-THE NETHERLANDS,
established in Utrecht,
defendants,
attorney Mr. R.L. de Graaff in Amsterdam.
Plaintiffs are hereinafter referred to separately as the Public Prosecution Service and [plaintiff sub 2] and jointly as the Public Prosecution Service. Defendants are hereinafter referred to separately [defendant sub 1] and SIN-NL and jointly [defendants c.s.].


1 The procedure
Case number: UTR 19/608
1.1.
judgment of the multiple chamber of 10 January 2020 in the case between
The course of the procedure is clear:
[plaintiff] , at [place of business] , plaintiff


-the writ of summons of 11 June 2019 with production 1 to 15 inclusive
(Agent: J.M.T. Wijnberg),


-production received from the Public Prosecutor's Office on 17 July 2019 16
and
the Authority Personal data, defendant


-the oral hearing of 18 July 2019, at which the substantive proceedings were adjourned on health grounds of [defendant sub 1]
(Agent: Mr E.S. van der Deijl and Mr O.S. Nijveld).


-productions 1 to 6, received from [defendants and related parties] on 18 September
The Vereniging Zorgaanbieders voor Zorgcommunicatie (VZVZ) (Association of Healthcare Communication Providers), The Hague, acting as third party, authorised: [authorised 1] and [authorised 2] .
Proceedings


-productions received from [defendants et al.] on 18 September from 7 to 14 inclusive
By order of 6 May 2018 (the primary order), the defendant rejected the claimant's request to take enforcement action against VZVZ as manager of the Landelijk Schakelpunt (LSP).


-the oral procedure of 11 October 2019
By decision of 24 December 2018 (the contested decision), the defendant dismissed the claimant's objection as unfounded.


-the pleading note from the DA's office c.s.
The plaintiff lodged an appeal against the contested decision.


-Mr. de Graaff's pleading note
The defendant submitted a statement of defence.


-the pleading note of [defendant sub 1]
The hearing took place on 15 October 2019. The plaintiff is represented by her agent and Mr [A] . The defendant and VZVZ were represented by their agents.
Recitals


1.2.
It was then decided that there would be a verdict.


2 What is the case about?
Introduction
2.1.
SIN-NL is a foundation that works to improve the position of victims of medical errors or their survivors and the patient safety and quality of healthcare. Defendant sub 1] is chairman of SIN-NL.


2.2.
    The articles to which the court refers in this judgment are set out in an annex that accompanies this judgment.
SIN-NL publishes on the internet a "black list of doctors" and a "black list of judges". These blacklists contain names of doctors, judges and other persons and organisations within the healthcare sector and the government that according to SIN-NL act in a disciplinary, criminal or otherwise culpable manner. The blacklist of doctors can be reached via www.zwartelijstartsen.com, www.zwartelijstartsen.nl and www.sin-nl.org. The blacklist of judges can be found at www.zwartelijstrechters.org. These domain names are registered in the name of SIN-NL.


2.3.
    The LSP is a network to which certain categories of healthcare providers can connect. A patient's Burgerservicenummer (BSN) is registered in the LSP. Through this network healthcare providers can consult medical data about their patients in each other's systems. The LSP is not a database: no medical data is stored in it. These data remain in the files of, for example, the (own) GP and pharmacy. Consultation of medical data in the files of another healthcare provider is only permitted if the patient has given explicit permission for this. The BSN is provided by the care provider to whom a person has granted permission for registration with the LSP.
Mrs. [A] (hereafter: [A] ) acted as a public prosecutor in a criminal case in which [defendant sub 1] was prosecuted for libel, slander and/or insult of a neurologist. In that criminal case [defendant sub 1] requested postponement of the hearing several times. The third time she did this by means of two doctor's certificates. The statements were from two different doctors, but had the same content. That is why [A] has contacted (at least) one of these doctors. That doctor informed her that according to him [defendant sub 1] would be able to attend a hearing, if that hearing would be in the afternoon and would not last too long. A] reported this to the court. The court then decided to allow the case to go ahead without [defendant sub 1] and without her lawyer, who had not come either. defendant sub 1] has been convicted.
    The claimant's request for enforcement


2.4.
    By letter dated 27 July 2017, the plaintiff requested the defendant to take enforcement action against VZVZ as administrator of the LSP. Her request consists of three parts.
On the blacklist of doctors is an article about [A] . This article also mentions the name of her husband ( [plaintiff sub 2] ), his employer and position. On the blacklist of judges, the name of [A] is mentioned in four reports about four judges of the Arnhem Court of Appeal.
    a. The defendant must take action against the way in which VZVZ allows people to be registered in the LSP without having given the required explicit consent;
    b. the defendant must review the view of its legal predecessor, the Dutch Data Protection Authority (Cbp), from 2014, that VZVZ has put in place sufficient technical and organisational safeguards to ensure that only personal data of patients who have given their consent for this purpose are processed;
    c. the respondent must confirm that VZVZ may not ask for a BSN in combination with a copy of a valid identity document in response to written requests to the effect that someone has been registered with the LSP.


2.5.
    The plaintiff submitted four cases of patients who had been registered with the LSP without their permission. According to the plaintiff, she has thus demonstrated that patients are registered with the LSP without their explicit consent and that the system as such is therefore flawed. According to the plaintiff, the defendant must take enforcement action against VZVZ in order to rectify this.
The text of the article about [A] on the black list of doctors is given below. The article is accompanied by a picture of her.
    Discussion of the claimant's appeal
"A] of the Justice Prosecutor's Office [region] . Involved in the treatment of medical cases, including those concerning failing doctors.
Ignores facts and documents relating to the serious failure of neurologist K., possibly on behalf of others.
Has provoked, obtained and used unlawful evidence in proceedings. Enforced unlawful censorship of the victim of medical malpractice through the courts, in violation of freedom of expression Article 7 of the Constitution and Article 10 of the ECHR. Judgment is therefore null and void.
A] has "forgotten" that Public Prosecutors - the Public Prosecution Service - are expected to focus on finding out the truth, to look after the interests of the Dutch citizens and to act on their behalf. The salary of [A] is nb paid by Dutch citizens.
A] clearly chooses to protect a failing doctor and to ignore the interests of Dutch citizens.
Her husband [plaintiff sub 2] works in the production department [name]."


2.6.
    In addition to this enforcement request, the plaintiff also submitted an enforcement request to the defendant aimed at addressing pharmacists about the unlawful registration of patients with the LSP.1 The defendant has interpreted the present enforcement request as exclusively aimed at enforcement towards VZVZ as manager of the LSP and as co-responsible for the processing of personal data. It therefore does not focus on the healthcare providers. The District Court also maintains this classification.
The sentence from the four articles about four judges of the Arnhem Court of Appeal in which [A] is mentioned, is given below.
"Protects failing doctors and failing Public Prosecutor Mr. [A] ."


2.7.
6. The processing of personal data in the LSP without the express consent of patients is contrary to Article 9, second paragraph, opening words and under a, of the AVG and Article 22, second paragraph, opening words and under a, of the AVG Implementation Act. If it appears that VZVZ violates these articles, the defendant is entitled to take enforcement action pursuant to Section 58(2)(d) of the AVG. In view of the public interest served by enforcement, the defendant will generally also have to make use of his enforcement power in such a case (the obligation in principle to enforce).
Because [A] has been placed on the websites because of her work as a public prosecutor, the Public Prosecution Service is the plaintiff (and not herself) together with [plaintiff sub 2]. The Public Prosecution Service and others are of the opinion that the aforementioned article on the blacklist of doctors and the statements on the blacklist of judges are unlawful and in conflict with the AVG (General Data Protection Ordinance) and that the placement of the photograph infringes the portrait right of [A] . By means of these preliminary relief proceedings, the Public Prosecution Service wants to ensure that the article and the statements are removed. Defendants et al. disagree with this.


3 What does the judge in preliminary relief proceedings pay attention to during the assessment?
7. The central question is therefore whether VZVZ has acted contrary to the AVG.
3.1.
The defendant has investigated the four cases brought forward by the claimant in which healthcare providers reported patients to the LSP without the required permission. He has come to the conclusion that three of the four cases brought forward did indeed involve registration without the patient's consent. This is an offence. Nevertheless, the defendant sees no reason to take enforcement action. In the meantime, these wrongful registrations have been reversed at the request of these patients. Furthermore, VZVZ, as administrator of the system, has set up procedures and made information material available in order to ensure that healthcare providers receive correct permission from their patients and, in accordance with this permission, register the BSN with the LSP. According to the defendant, VZVZ supervises this adequately. In a report from 2014, the Cbp has already established that VZVZ has put in place sufficient technical and organisational safeguards to ensure that only personal data of persons who have granted permission for this purpose are processed. The defendant still believes this to be the case and therefore maintains this conclusion. The circumstance that in a number of isolated individual cases the care provider has registered persons with the LSP without legally valid permission, does not mean that the LSP as a system leads to unlawful processing of personal data on a large scale, as the claimant assumes.
If the claims of the Public Prosecution Service are granted, this is a restriction of the freedom of expression of [defendants] (Article 10 paragraph 1 of the ECHR). According to the second paragraph of that article, this right can only be restricted if this restriction is regulated by law and is necessary in a democratic society. Such a restriction exists if the statements are unlawful (Section 6:162 of the Civil Code).


3.2.
8. The District Court is of the opinion that the defendant has investigated the four cases submitted by the plaintiff with sufficient care and that the conclusion he draws is not incorrect either. VZVZ, after having received a report from the four patients, reversed the established violations. There are no indications that new violations will occur that the defendant should prevent by applying enforcement instruments. The VZVZ uses the information it provides to healthcare providers by means of training courses and the procedures it draws up, and the supervision it then carries out, to ensure that wrongful registrations in the LSP are prevented as far as possible. VZVZ has explained in this procedure (and the enforcement procedure against pharmacists2) that it cannot monitor at a micro level, but that it intensively monitors the working methods of the care providers by concluding contracts with the care providers, carrying out regular spot checks and inquiring into the procedures used by the care providers to register. The care provider's own system must state how consent was obtained and what information the patient received. Has a leaflet been provided and if so, which leaflet? In principle, the healthcare provider is responsible for the correct registration of the patient, but VZVZ keeps sufficient supervision to prevent wrongful registrations and subsequent unlawful processing of personal data. The few errors that will nevertheless occur do not make the system as such unlawful and, in view of the efforts already made by VZVZ, the defendant does not need to use enforcement instruments.
When answering the question of whether a statement is unlawful, two important social interests must be weighed up. On the one hand the interest that individual citizens (such as [plaintiff sub 2] and [A] ) are not exposed to lightly imputed allegations through publications. On the other hand, the importance that abuses that affect society cannot - due to a lack of awareness among the general public - continue to exist. Which of these interests is more important in this case depends on all the relevant circumstances. The circumstances that have to be weighed up against each other include, for example, the following:


-on the one hand, the nature of the published suspicions and the seriousness of the expected consequences for the Public Prosecution Service and, on the other hand, the seriousness of the wrongdoing that the publication wishes to denounce;
9. This does not mean that errors will not occur in the future. The healthcare providers are responsible for the correct registration, but because consent can also be given verbally at the bar or in the consultation room, the system is not watertight. The claimant's efforts in this procedure are aimed at achieving a (virtually) watertight system. This would in fact amount to a system in which a form of written consent is required and the law does not compel this. Important in this respect is that the LSP is governed by Article 15a, first paragraph, of the Wet aanvullende bepalingen verwerking persoonsgegevens in de zorg (Wabvpz) which - in short - stipulates that the care provider can only make the client's data available via the LSP, insofar as it has been established that the client has given explicit permission for this. This consent does not have to be written, but may also be given verbally, as is evident from the considerations of the AVG under 32: 'Consent must be given by means of a clear active act, for example a written statement, also by electronic means, or a verbal statement, which shows that the person concerned freely, specifically, informed and unambiguously consents to the processing of his/her personal data. […]”. The healthcare providers and VZVZ must be able to demonstrate that the consent has actually been granted. This is evident from 42 of the recitals of the AVG: 'if the processing takes place on the basis of the data subject's consent, the data controller must be able to demonstrate that the data subject has given permission for the processing'. VZVZ's working method, as described in recital 8, ensures that the patient is sufficiently aware of what he or she is consenting to and ensures that the notification is in accordance with the GC. VZVZ is not legally obliged to do more than it currently does. There are therefore no grounds for the defendant to take enforcement action. The argument does not succeed.


-the extent to which, at the time of publication, the suspicions were supported by the evidence available at that time;
10. The plaintiff also takes the position that whether or not patients are included in the LSP is not sufficiently verifiable. Anyone who does not wish to be registered with the LSP should in fact regularly check via www.volgjezorg.nl whether he or she has not been wrongly registered after all. If you do not wish to make use of this digital option, you must contact VZVZ with a request for a check accompanied by BSN and a copy of a valid identity document. The plaintiff does not want this because sensitive personal data are provided to VZVZ in this way without proper safeguards and believes that the system should give a notification to a patient when he or she is registered. She also objects to the fact that an unjustified notification is not described as such in the LSP, but that it is stated that the patient would have withdrawn the notification. This is factually incorrect according to the plaintiff and should be changed. Finally, the logging data of these persons is incorrectly retained and is not deleted.


-the clothing of the suspicions;
11. The court interprets these arguments of the plaintiff, which are mainly about the way in which patients can check and cancel registration in the LSP, as further substantiation of its view that the LSP as a system is flawed and leads to unlawful processing of personal data against which the defendant must take enforcement action.
11.1 The Court does not follow plaintiff in this position. As VZVZ has explained, only the BSN of a patient is included in the LSP with a view to data minimization and therefore a notification to the patient cannot take place, because more data, such as an e-mail address, is required for this purpose. It is therefore not possible to check retrospectively whether consent has been given without further information from the patient. For this reason, VZVZ has drawn up a working method in which it has made contractual agreements with the healthcare providers, provides information in advance about the importance of the consent, and also randomly checks whether the healthcare providers comply with the agreements made in this regard. As the court ruled in recital 9, this working method is sufficient. In this respect, the court considers it important that the patient is provided with possibilities to check whether and by whom he or she has been registered in the LSP. There is no reason to assume that the way in which this can be done is disproportionately burdensome or incriminating.
11.2 The Respondent has rightly explained that there is a legal basis for the use of the BSN by VZVZ, which can be found in Article 8, second paragraph of the Additional Provisions for the Processing of Personal Data in Health Care. He also refers to Article 4 of this Act and Article 46, first paragraph, of the UAVG. The VZVZ has a basis for examining whether someone is included in the LSP on the basis of the BSN. Moreover, as VZVZ has explained, the check cannot take place in any other way, because there are no other data in the LSP. Furthermore, the court does not consider it unreasonable for VZVZ to ask for a copy of the identity document and it follows the defendant in its conclusion that there is no violation of the GCG on this point either. On the contrary, VZVZ is asking for proof of identity in order to prevent people from being able to request data from third parties just like that.
11.3 Nor does the District Court consider that the fact that it is not stated in the LSP that it is an wrongful registration, but that it is a withdrawal of consent, is a reason to assume a violation of the AVG. There is no legal obligation to state somewhere that consent has never been given. Article 17 of the AVG contains an obligation to delete data. This has been further explained in the considerations of the AVG under 65 and it does not follow from this that when deleting data it must be stated that the notification was unlawful from the outset.
11.4 Finally, the defendant has explained that VZVZ can always retrieve the logging data, so that even after withdrawal of consent, it can be ascertained which data has been made available and which data has been viewed by the BSN. In this way, insight can be provided into the exchange of medical personal data as it has taken place previously. In the statement of defence the defendant explained that pursuant to Articles 3 and 5 of the Electronic Data Processing Decree (Besluit elektronische gegevenswerking door zorgaanbieders) a statutory retention period applies for these logging data in accordance with various NEN standards mentioned in those articles. The possibility to delete data therefore only extends to the deletion of the BSN in the LSP and the reversal of consent. The immediate deletion of logging data is not legally possible.
The plaintiff's arguments do not serve any purpose.


-the degree of probability that, in the general interest, the objective pursued could have been achieved by other means - less damaging to the Public Prosecution Service and others - with a reasonable chance of rapid success;
12. The plaintiff referred to the judgment of the Supreme Court (HR) of 1 December 20173 , to which the defendant also referred. According to her, in that judgment the HR ruled that the arrangement of the LSP is acceptable as a system, but only because it is based on the freely given, sufficiently specific consent of the patients concerned. According to the plaintiff, the defendant cannot refer to this judgment to substantiate the view that the LSP is sound, because VZVZ - contrary to what the HR assumed in the judgment - cannot guarantee that notification always takes place on the basis of explicit consent. During the hearing, the plaintiff referred to a letter dated 4 October 2019 from the Minister for Medical Care and Sport to the Senate4 in which it was explained that the entry into force of Section 15(2) of the Wabvpz, which regulates a specified consent for data exchange in healthcare, is not feasible as of 1 July 2020. The plaintiff points out that the HR has also considered in its judgment that such a specified consent is more in line with - in short - the privacy rules and as soon as it is feasible the LSP must provide for it. Because this specified consent will not be forthcoming, the system does not meet the requirements to be set for it, according to the plaintiff.


-the likelihood that the information would have been publicised even without the alleged publication.  
13. The District Court interprets this argument as part of its argument that the LSP as a system is unlawful. It does not follow the claimant in this respect. As was considered earlier in this judgment, but also follows from the judgment of this court in the proceedings with case number UTR 19/607, there is no reason to follow plaintiff in her view that healthcare providers are reporting patients in the LSP on a large scale without the required permission. The LSP is acceptable as a system. The plaintiff's reference to her interpretation of the HR ruling and the letter of 4 October 2019 on whether or not future amendments to the legislation and regulations are feasible is not considered relevant by the court in this respect. This argument does not serve any purpose either.


3.3.
13. The plaintiff argues that the contested decision affects the legal position of all healthcare providers, because their administration may fall into the hands of third parties through no fault of their own. This affects their professional secrecy and their legal liability, the plaintiff claims.
When it comes to [A], the Court in preliminary relief proceedings also takes into account the following principles from earlier judgments:
Apart from the question whether the plaintiff represents the interests of the healthcare providers in this enforcement procedure, the District Court considered that in this argument the plaintiff wrongly assumes that the LSP as a system is inadmissible and that data are therefore processed unlawfully. As previously considered, this is not the case.
This argument is unsuccessful.


-magistrates (such as public prosecutors and judges) must be protected against unsubstantiated statements, because they themselves cannot easily enter the public domain and otherwise the public's trust in the judiciary will be unnecessarily undermined;
13. Finally, as a separate part of her enforcement request, the plaintiff requested the defendant to return to the aforementioned conclusion in the report from 2014. The defendant rightly concluded that this cannot be an independent part of the enforcement request. When discussing the other parts of the enforcement request, the defendant took this conclusion into account and concluded that it would not return to it. The defendant maintains the position that VZVZ has put in place sufficient technical and organisational safeguards to ensure that only personal data of patients who have given permission to do so are processed. He is allowed to do so. The defendant has discussed this correctly. This argument is unsuccessful.
Conclusion


-In making public statements of criticism, a distinction must be made between the public persons and organisations against whom the criticism is actually directed and the non-public persons who only actually implement the policies of these organisations or administrators;
13. The appeal is unfounded. There are no grounds for an order as to costs.
Decision


-When considering what may and may not be said, it makes a difference whether it is a factual message or a value judgement. If something is presented as a fact, it must be possible to prove it. If something is presented as a personal opinion, that requirement is somewhat less strict,
The court declares the appeal unfounded.


3.4.
This ruling was made by V.E. van der Does, chairman, and P.J.M. Mol and M.E.J. Sprakel, members, in the presence of M.E.C. Bakker, registrar. The decision was publicly pronounced on 10 January 2020.
When it comes to [plaintiff sub 2], the judge in preliminary relief proceedings also takes into account the following starting point from earlier judgments:


- If a publication is about an ordinary citizen, there must be a clear reason to report about that person.
registrar chairman


4 The assessment
Copy sent to parties on:
The DA's office is right.
Legal remedy


4.1.
An appeal may be lodged with the Administrative Jurisdiction Division of the Council of State against this decision within six weeks of the date on which it was sent.
The judge in preliminary relief proceedings is of the opinion that the statements made by [defendants et al.] are unlawful and therefore agrees with the Public Prosecution Service et al. The reasons for this are explained below.
The statements are unlawful


4.2.
ANNEX
The article on the blacklist of doctors contains four accusations against [A] , which she considers to be unlawful. A]:


-illegitimate evidence in the proceedings;
General Data Protection Regulation


-The Court has enforced unlawful censorship and has thus acted in violation of Article 7 of the Constitution and Article 10 of the European Convention on Human Rights;
Article 9


-have been "forgotten" that public prosecutors are expected to focus on finding out the truth;
Processing of special categories of personal data


-have ignored facts and documents about the serious failure of a neurologist, possibly by order of others.
Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and processing of genetic data, biometric data for the unique identification of a person, or data concerning health, or data relating to a person's sexual behaviour or sexual orientation are prohibited.


4.3.
(a) the data subject has given his or her explicit consent to the processing of those personal data for one or more specified purposes, except where Union or Member State law provides that the prohibition referred to in paragraph 1 cannot be lifted by the data subject;
Of these statements, it will be established one by one that they are factually incorrect.
Statement 1


4.4.
[].
According to [defendants et al.] this statement concerns the question that [A] asked (in any case) one doctor of [defendant sub 1], namely whether [defendant sub 1] could attend the criminal proceedings. The doctor who gave an answer to that question, an incorrect answer according to [defendant et al.] by the way, did not have permission from [defendant sub 1] to do so. According to [defendant et al.] this doctor has therefore violated his professional secrecy. This is a crime (Article 272 of the Criminal Code, Criminal Code). Because [A] asked the doctor for medical information, she provoked this crime (article 47 of the Criminal Code), thinks [defendants et al.] The information was then communicated to the court.


4.5.
Article 17
The Court in preliminary relief proceedings sees this differently. While doing her job as a public prosecutor [A] asked a doctor a question. This was necessary to determine what she thought of [defendant sub 1]'s request for postponement. It is up to the doctor to whom she asked the question to determine whether he gives an answer. Asking the question is not an offence. Therefore, statement 1 is factually incorrect.
Right to erasure of data ('right to oblivion')
Statement 2


4.6.
1. The data subject shall have the right to obtain from the data controller the erasure of personal data relating to him without unreasonable delay and the data controller shall be obliged to erase personal data without unreasonable delay where one of the following applies:
By this statement [defendants et al.] means that the criminal case against [defendant sub 1] has been treated without her being present, because [A] has passed on the information of the doctor to the court. Therefore [defendant sub 1] has not been able to defend herself in the criminal case. That is why she believes that she has been censored in violation of the sections of the law mentioned by her.


4.7.
[]
The Court in preliminary relief proceedings ruled that it is not plausible that [A] actually or legally caused [defendant sub 1] to be absent during the handling of her criminal case. defendant sub 1] the court reported that she was medically unable to attend the hearing. A] has put other information against this. Finally, the court decided that the hearing would take place without [defendant sub 1]. Therefore, statement 2 is also factually incorrect.
(b) the data subject withdraws the consent on which the processing is based pursuant to Article 6(1)(a) or Article 9(2)(a) and there is no other legal basis for the processing;
Statement 3
[]
(d) personal data have been unlawfully processed;
[…]


4.8.
Implementing Act General Data Protection Regulation
The accusation that [A] would have "forgotten" that public prosecutors are supposed to focus on finding the truth, is also related to the fact that [defendant sub 1] could not attend her own criminal case because of the medical information that [A] has given to the court, so says [defendants c.s.].


4.9.
Article 22. Prohibition of processing of special categories of personal data and general Regulation exceptions
As far as the remark is about [defendant sub 1] not attending the hearing, it has already been ruled above that the remark is factually incorrect. Insofar as the statement concerns other things, [defendant et al.] has made this accusation insufficiently concrete to be able to conclude that this is a factually correct statement.
Statement 4


4.10.
1. According to Article 9(1) of the Regulation, the processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership and the processing of genetic data, biometric data for the unique identification of a person, or data concerning health, or data concerning a person's sexual behaviour or orientation shall be prohibited.
The accusation that [A] has ignored facts and documents about a neurologist's failure is about the following. In the criminal case in which she was prosecuted for libel, slander and/or insult of that neurologist, [defendant sub 1] has often referred to documents which, according to her, show that the neurologist has made serious mistakes. A] has not given the same meaning to these documents. That is why [defendants c.s.] think that [A] has ignored those documents.


4.11.
2 In accordance with Article 9(2)(a), (c), (d), (e) and (f) of the Regulation, the prohibition to process special categories of personal data shall not apply if:
To give a different meaning to documents is not the same as ignoring them. That is why the Court in preliminary relief proceedings ruled that the fourth statement was also factually incorrect.
Statements on the blacklist of judges


4.12.
a. the data subject has given explicit consent to the processing of those personal data for one or more specified purposes;
In these statements, [A] is referred to as a failing public prosecutor. In view of what is stated above, this is factually incorrect.
Balance of interests


4.13.
[]
In this regard, it was ruled that all allegations about [A] were factually incorrect. It has not become plausible that the criticism of [A] in the performance of her duties is justified. It must be possible to denounce abuses - such as mistakes by doctors, judges or public prosecutors - but not by publishing factual inaccuracies. Moreover, it does not follow from the facts that there is an abuse to be reported. Insofar as it concerns a value judgment and not factual statements, the statements are still not lawful in view of the factual inaccuracies therein.
In short, [defendants et al.] from serious accusations, which are presented as factually true, but which are not correct. There is no evidence of an abuse that must be denounced. Also [defendants et al.] address the person, [A] , instead of her employer, the Public Prosecution Service, and [A] is less able to defend herself as a public prosecutor. The balance of interests is therefore in favour of the Public Prosecution Service: the statements about [A] are unlawful.


4.14.
Article 46. Processing national identification number
The statements about [plaintiff sub 2] are also unlawful. In the article on the blacklist [defendants et al.] refer to him as a doctor, because he works for the public broadcasting corporation. That in itself is correct, but there is no clear reason to report specifically about him and there must be one. That he is married to [A] is not enough. Certainly not, now that wrongly serious accusations have been made about her and he has been associated with it.


4.15.
1. A number prescribed by law for the identification of a person shall only be used in the processing of personal data for the implementation of the relevant law or for purposes laid down by law.
She mentions a judgment of the District Court of Groningen of 25 September 2009 and a judgment of the District Court of Central Netherlands of 24 October 2018 from which, according to her, it appears that the Dutch court has given permission for the blacklist of doctors. Defendants et al.] also mentions a judgment of the Court of Appeal of The Hague of 26 July 2019, which, according to her, shows the lawfulness and the social importance of the blacklists. Insofar as this is true, it is true that this does not mean that every expression to be published on that website is lawful in advance. These statements therefore do not lead to a different opinion than that given above.
The photo in the publication infringes the portrait right of [A].


4.16.
[…]
Defendant et al.] says that she simply removed the photo she used in the article on the blacklist of doctors from a website. So the photo was already available in the public domain, she says.


4.17.
The Public Prosecutor's Office has said that the photo was taken on commission. In that case the photographer, who has the copyright to the photograph as the creator of the photograph, may not publish the photograph without the consent of the person portrayed (Article 20 of the Copyright Act). If a third party more or less accidentally acquires possession of this photograph, it may only publish it with the consent of the person portrayed. The third party does not have more rights than the creator of the photo himself. Defendants etc.] did not have permission from [A] to place the photograph on the websites and therefore infringed her portrait right.
The publications are in conflict with the AVG


4.18.
Wet aanvullende bepalingen verwerking persoonsgegevens in de zorg (Act on additional provisions for the processing of personal data in the healthcare sector)
The Public Prosecution Service (OM et al.) has stated that and explained why the publication of the blacklists is contrary to Articles 33, 35 and 36 of the AVG. This has not been contradicted by [defendants et al.] and the Court in preliminary relief proceedings has found this to be the case.
defendant sub 1] is privately liable


4.19.
Article 4
Defendants [defendant c.s.] is of the opinion that the claims against [defendant sub 1] should be dismissed in private, because no private accusation can be made against her. The websites on which the statements are made are in the name of SIN-NL and are managed by that foundation. The content on these sites is therefore the responsibility of SIN-NL. Defendant sub 1] acts as chairman of SIN-NL and within the objective of that foundation, so says [Defendants c.s.].


4.20.
A healthcare provider uses a client's citizen service number to ensure that the personal data to be processed in the context of the provision of care relates to that client.
The Court in preliminary relief proceedings ruled differently. Individuals are privately liable for texts written in their own title and that is what it is about in this case. The article on the blacklist of doctors is about what according to [defendant sub 1] happened in private in the criminal case against her. It is not about the general purpose of the foundation: to improve the position of victims of medical errors. The statements on the blacklist of judges refer to the article on the blacklist of doctors.
The Public Prosecution Service has said that [defendant sub 1] is also able to remove the texts from the websites himself. She did not deny this, so the Court in preliminary relief proceedings assumed that she could do this.
The claims were upheld


4.21.
Article 8
All in all, the Court in preliminary relief proceedings is of the opinion that the publications are unlawful and that both defendants can be held liable for this. The claims of the Public Prosecution Service for their removal are therefore granted. The entire article on the blacklist of doctors must be removed. If the four unlawful statements and the photograph are discarded, one sentence remains: "[A] from the Public Prosecutor's Office [region] . Involved in the treatment of medical cases concerning failing doctors" and this sentence does not justify inclusion on the blacklist. The statements about [A] in the articles on the blacklist of judges must also be removed.
Both SIN-NL and [defendant sub 1] are therefore ordered to remove the article and the statements.


4.22.
1. The care provider will include the client's citizen service number in its records when recording personal data relating to the provision of care.
The requested penalty payment will be awarded.


4.23.
2 If, in accordance with the provisions of Article 15a, the healthcare provider makes the client's data available via an electronic exchange system, the legal entity that manages and maintains that electronic exchange system is authorised to process that client's citizen service number to the extent that this is necessary to perform its task as manager.
Defendants et al.] has been proved wrong and is therefore ordered to pay the costs of the public prosecutor's office et al. These costs are estimated at:
-writ of summons € 99.01
-Registrar's fee 639,00
-lawyer's salary 980.00
Total € 1,718.01
The counterclaim is not allowed


4.24.
Article 15a
Defendant sub 1] wanted to bring a counterclaim for compensation of damages at the hearing, but that is not possible. A (counterclaim) in trade summary proceedings, such as this one, can only be made by a lawyer. The lawyer of [defendant sub 1] has not filed the claim. Defendant sub 1] himself is a lawyer, but not a lawyer. The counterclaim is therefore not allowed.


5 The decision
1. The healthcare provider will only make the client's data available via an electronic exchange system, insofar as the healthcare provider has established that the client has given explicit permission for this.
The judge in preliminary relief proceedings


5.1.
[]
Condemns [defendants c.s.] to remove the article on the blacklist doctors and to keep the statements on the blacklist judges removed from the websites within 24 hours after service of this judgment,


5.2.
3 The healthcare provider only makes the client's data available via an electronic exchange system, insofar as the privacy of a person other than the client is not harmed when another healthcare provider consults these data.
orders [defendants et al.], within 48 hours after service of this judgment, to submit a request (or have a request submitted) to internet search engine Google, submitting the judgment to Google, to remove the articles and all references to it from the search results of this search engine and from its "chache memory", while simultaneously sending a copy of these requests to the attorney of the Public Prosecutor's Office et al,


5.3.
Article 15c
Condemns [defendants et al.] to pay the Public Prosecution Service a penalty payment of € 5,000 for each day or part thereof that it does not comply with the main conviction pronounced in 5.1 and 5.2, up to a maximum of € 100,000 has been reached,


5.4.
1. The healthcare provider shall provide the customer with information on his rights when exchanging data electronically, on how to exercise his rights and on the functioning of the electronic exchange system used for data exchange. If new categories of healthcare providers join the electronic exchange system, or the functioning of the electronic exchange system is otherwise substantially changed, the healthcare provider shall inform the customer about this change and about the possibility to amend or withdraw the consent given, as referred to in Article 15a.
orders [defendants et al] to pay the costs of the proceedings, on the part of the Public Prosecutor's Office to date estimated at € 1,718.01, to be increased by the statutory interest as referred to in Article 6:119 of the Civil Code on this amount with effect from the fifteenth day after the date of this judgment until the date of full payment,


5.5.
[]
orders [defendants et al.] to add to the costs incurred after this judgment, estimated at € 157.00 in attorney's salary, on the condition that [defendants et al.] did not comply with the judgment within 14 days after the instruction and subsequently service of the judgment has taken place, an amount of € 82.00 in attorney's salary and the costs of the operation of service of the judgment,


5.6.
Electronic Data Processing by Care Providers Decree
declares this judgment provisionally enforceable.
 
This judgment was rendered by F.C. Burgers and pronounced in public on 25 October 2019.1.</pre>
Article 3
 
1. The person responsible for an electronic exchange system shall, in accordance with the provisions of NEN 7510 and NEN 7512, ensure safe and careful use of that electronic exchange system.
 
[…]
 
Article 5
 
1. The healthcare provider as responsible for a healthcare information system and the person responsible for an electronic exchange system ensure that the logging of the system complies with the provisions of NEN 7513. […]
 
1 This application resulted in the appeal with number UTR 19/607 and was also heard by this court on 15 October 2019.
 
2 This concerns the aforementioned appeal with number UTR 19/607, which was also heard by this court on 15 October 2019.
 
3 ECLI:NL:HR:2017:3053
 
4 Parliamentary Papers I, 2018/2019, 27 529, no. K</pre>

Revision as of 17:08, 4 February 2020

Rb. Midden-Nederland - AWB - 19 _ 608
CourtsNL.png
Court: Rb. Midden-Nederland (Netherlands)
Jurisdiction: Netherlands
Relevant Law:

Article 33 GDPR

Article 35 GDPR

Article 36 GDPR

Decided: 10. 01. 2020
Published: 29. 01. 2020
Parties: Public Prosecutor's Office of the Netherlands

Foundation of Victims of Iatrogenic Negligence of the Netherlands

National Case Number: UTR 19/608
European Case Law Identifier: ECLI:NL:RBMNE:2020:73
Appeal from: n/a
Language: Dutch
Original Source: de Rechtspraak (in NL)

The Court of First Instance of the Central Netherlands ruled on the matter regarding processing of special categories of personal data under the GDPR.

English Summary

Facts

SIN-NL is a foundation that works to improve the position of victims of medical errors or their survivors and the patient safety and quality of healthcare. SIN-NL publishes online a blacklist of doctors and a blacklist of judges, which contain names of doctors, judges and other persons and organisations within the healthcare sector who according to SIN-NL act unlawfully.

The plaintiff was a public prosecutor, that acted in cases of medical malpractice. The plaintiff's name and photo were included in an article in the list of the doctors and specific accusations against here were made. The name of the plaintiff's name and job were also mentioned there.

The Public Prosecutor's Office claimed that the inclusion of the names and the photo violated the GDPR and the plaintiff's portrait right, hence they should be removed.

Dispute

The Court had to balance the interests of the opposing parties.

Holding

The Court found that the allegations against the plaintiff were inaccurate. Moreover, the photo was published without the plaintiff's consent and thus it violated her portrait right. The paintiff also saw a violation of Articles 33, 35 and 36 of the GDPR, which the defendant has not contested. The Court found that the publication of the blacklists violated Dutch law and ordered the removal of the article at stake. It also ordered the defendants to submit a request for removal to Google.

Comment

Share your comment here!

Further Resources

Share blogs or news articles here!

English Machine Translation of the Decision

The decision below is a machine translation of the original. Please refer to the Dutch original for more details.

Ruling
CENTRAL COURT

Sitting place Utrecht

Administrative law

Case number: UTR 19/608
judgment of the multiple chamber of 10 January 2020 in the case between
[plaintiff] , at [place of business] , plaintiff

(Agent: J.M.T. Wijnberg),

and
the Authority Personal data, defendant

(Agent: Mr E.S. van der Deijl and Mr O.S. Nijveld).

The Vereniging Zorgaanbieders voor Zorgcommunicatie (VZVZ) (Association of Healthcare Communication Providers), The Hague, acting as third party, authorised: [authorised 1] and [authorised 2] .
Proceedings

By order of 6 May 2018 (the primary order), the defendant rejected the claimant's request to take enforcement action against VZVZ as manager of the Landelijk Schakelpunt (LSP).

By decision of 24 December 2018 (the contested decision), the defendant dismissed the claimant's objection as unfounded.

The plaintiff lodged an appeal against the contested decision.

The defendant submitted a statement of defence.

The hearing took place on 15 October 2019. The plaintiff is represented by her agent and Mr [A] . The defendant and VZVZ were represented by their agents.
Recitals


Introduction

    The articles to which the court refers in this judgment are set out in an annex that accompanies this judgment.

    The LSP is a network to which certain categories of healthcare providers can connect. A patient's Burgerservicenummer (BSN) is registered in the LSP. Through this network healthcare providers can consult medical data about their patients in each other's systems. The LSP is not a database: no medical data is stored in it. These data remain in the files of, for example, the (own) GP and pharmacy. Consultation of medical data in the files of another healthcare provider is only permitted if the patient has given explicit permission for this. The BSN is provided by the care provider to whom a person has granted permission for registration with the LSP.
    The claimant's request for enforcement

    By letter dated 27 July 2017, the plaintiff requested the defendant to take enforcement action against VZVZ as administrator of the LSP. Her request consists of three parts.
    a. The defendant must take action against the way in which VZVZ allows people to be registered in the LSP without having given the required explicit consent;
    b. the defendant must review the view of its legal predecessor, the Dutch Data Protection Authority (Cbp), from 2014, that VZVZ has put in place sufficient technical and organisational safeguards to ensure that only personal data of patients who have given their consent for this purpose are processed;
    c. the respondent must confirm that VZVZ may not ask for a BSN in combination with a copy of a valid identity document in response to written requests to the effect that someone has been registered with the LSP.

    The plaintiff submitted four cases of patients who had been registered with the LSP without their permission. According to the plaintiff, she has thus demonstrated that patients are registered with the LSP without their explicit consent and that the system as such is therefore flawed. According to the plaintiff, the defendant must take enforcement action against VZVZ in order to rectify this.
    Discussion of the claimant's appeal

    In addition to this enforcement request, the plaintiff also submitted an enforcement request to the defendant aimed at addressing pharmacists about the unlawful registration of patients with the LSP.1 The defendant has interpreted the present enforcement request as exclusively aimed at enforcement towards VZVZ as manager of the LSP and as co-responsible for the processing of personal data. It therefore does not focus on the healthcare providers. The District Court also maintains this classification.

6. The processing of personal data in the LSP without the express consent of patients is contrary to Article 9, second paragraph, opening words and under a, of the AVG and Article 22, second paragraph, opening words and under a, of the AVG Implementation Act. If it appears that VZVZ violates these articles, the defendant is entitled to take enforcement action pursuant to Section 58(2)(d) of the AVG. In view of the public interest served by enforcement, the defendant will generally also have to make use of his enforcement power in such a case (the obligation in principle to enforce).

7. The central question is therefore whether VZVZ has acted contrary to the AVG.
The defendant has investigated the four cases brought forward by the claimant in which healthcare providers reported patients to the LSP without the required permission. He has come to the conclusion that three of the four cases brought forward did indeed involve registration without the patient's consent. This is an offence. Nevertheless, the defendant sees no reason to take enforcement action. In the meantime, these wrongful registrations have been reversed at the request of these patients. Furthermore, VZVZ, as administrator of the system, has set up procedures and made information material available in order to ensure that healthcare providers receive correct permission from their patients and, in accordance with this permission, register the BSN with the LSP. According to the defendant, VZVZ supervises this adequately. In a report from 2014, the Cbp has already established that VZVZ has put in place sufficient technical and organisational safeguards to ensure that only personal data of persons who have granted permission for this purpose are processed. The defendant still believes this to be the case and therefore maintains this conclusion. The circumstance that in a number of isolated individual cases the care provider has registered persons with the LSP without legally valid permission, does not mean that the LSP as a system leads to unlawful processing of personal data on a large scale, as the claimant assumes.

8. The District Court is of the opinion that the defendant has investigated the four cases submitted by the plaintiff with sufficient care and that the conclusion he draws is not incorrect either. VZVZ, after having received a report from the four patients, reversed the established violations. There are no indications that new violations will occur that the defendant should prevent by applying enforcement instruments. The VZVZ uses the information it provides to healthcare providers by means of training courses and the procedures it draws up, and the supervision it then carries out, to ensure that wrongful registrations in the LSP are prevented as far as possible. VZVZ has explained in this procedure (and the enforcement procedure against pharmacists2) that it cannot monitor at a micro level, but that it intensively monitors the working methods of the care providers by concluding contracts with the care providers, carrying out regular spot checks and inquiring into the procedures used by the care providers to register. The care provider's own system must state how consent was obtained and what information the patient received. Has a leaflet been provided and if so, which leaflet? In principle, the healthcare provider is responsible for the correct registration of the patient, but VZVZ keeps sufficient supervision to prevent wrongful registrations and subsequent unlawful processing of personal data. The few errors that will nevertheless occur do not make the system as such unlawful and, in view of the efforts already made by VZVZ, the defendant does not need to use enforcement instruments.

9. This does not mean that errors will not occur in the future. The healthcare providers are responsible for the correct registration, but because consent can also be given verbally at the bar or in the consultation room, the system is not watertight. The claimant's efforts in this procedure are aimed at achieving a (virtually) watertight system. This would in fact amount to a system in which a form of written consent is required and the law does not compel this. Important in this respect is that the LSP is governed by Article 15a, first paragraph, of the Wet aanvullende bepalingen verwerking persoonsgegevens in de zorg (Wabvpz) which - in short - stipulates that the care provider can only make the client's data available via the LSP, insofar as it has been established that the client has given explicit permission for this. This consent does not have to be written, but may also be given verbally, as is evident from the considerations of the AVG under 32: 'Consent must be given by means of a clear active act, for example a written statement, also by electronic means, or a verbal statement, which shows that the person concerned freely, specifically, informed and unambiguously consents to the processing of his/her personal data. […]”. The healthcare providers and VZVZ must be able to demonstrate that the consent has actually been granted. This is evident from 42 of the recitals of the AVG: 'if the processing takes place on the basis of the data subject's consent, the data controller must be able to demonstrate that the data subject has given permission for the processing'. VZVZ's working method, as described in recital 8, ensures that the patient is sufficiently aware of what he or she is consenting to and ensures that the notification is in accordance with the GC. VZVZ is not legally obliged to do more than it currently does. There are therefore no grounds for the defendant to take enforcement action. The argument does not succeed.

10. The plaintiff also takes the position that whether or not patients are included in the LSP is not sufficiently verifiable. Anyone who does not wish to be registered with the LSP should in fact regularly check via www.volgjezorg.nl whether he or she has not been wrongly registered after all. If you do not wish to make use of this digital option, you must contact VZVZ with a request for a check accompanied by BSN and a copy of a valid identity document. The plaintiff does not want this because sensitive personal data are provided to VZVZ in this way without proper safeguards and believes that the system should give a notification to a patient when he or she is registered. She also objects to the fact that an unjustified notification is not described as such in the LSP, but that it is stated that the patient would have withdrawn the notification. This is factually incorrect according to the plaintiff and should be changed. Finally, the logging data of these persons is incorrectly retained and is not deleted.

11. The court interprets these arguments of the plaintiff, which are mainly about the way in which patients can check and cancel registration in the LSP, as further substantiation of its view that the LSP as a system is flawed and leads to unlawful processing of personal data against which the defendant must take enforcement action.
11.1 The Court does not follow plaintiff in this position. As VZVZ has explained, only the BSN of a patient is included in the LSP with a view to data minimization and therefore a notification to the patient cannot take place, because more data, such as an e-mail address, is required for this purpose. It is therefore not possible to check retrospectively whether consent has been given without further information from the patient. For this reason, VZVZ has drawn up a working method in which it has made contractual agreements with the healthcare providers, provides information in advance about the importance of the consent, and also randomly checks whether the healthcare providers comply with the agreements made in this regard. As the court ruled in recital 9, this working method is sufficient. In this respect, the court considers it important that the patient is provided with possibilities to check whether and by whom he or she has been registered in the LSP. There is no reason to assume that the way in which this can be done is disproportionately burdensome or incriminating.
11.2 The Respondent has rightly explained that there is a legal basis for the use of the BSN by VZVZ, which can be found in Article 8, second paragraph of the Additional Provisions for the Processing of Personal Data in Health Care. He also refers to Article 4 of this Act and Article 46, first paragraph, of the UAVG. The VZVZ has a basis for examining whether someone is included in the LSP on the basis of the BSN. Moreover, as VZVZ has explained, the check cannot take place in any other way, because there are no other data in the LSP. Furthermore, the court does not consider it unreasonable for VZVZ to ask for a copy of the identity document and it follows the defendant in its conclusion that there is no violation of the GCG on this point either. On the contrary, VZVZ is asking for proof of identity in order to prevent people from being able to request data from third parties just like that.
11.3 Nor does the District Court consider that the fact that it is not stated in the LSP that it is an wrongful registration, but that it is a withdrawal of consent, is a reason to assume a violation of the AVG. There is no legal obligation to state somewhere that consent has never been given. Article 17 of the AVG contains an obligation to delete data. This has been further explained in the considerations of the AVG under 65 and it does not follow from this that when deleting data it must be stated that the notification was unlawful from the outset.
11.4 Finally, the defendant has explained that VZVZ can always retrieve the logging data, so that even after withdrawal of consent, it can be ascertained which data has been made available and which data has been viewed by the BSN. In this way, insight can be provided into the exchange of medical personal data as it has taken place previously. In the statement of defence the defendant explained that pursuant to Articles 3 and 5 of the Electronic Data Processing Decree (Besluit elektronische gegevenswerking door zorgaanbieders) a statutory retention period applies for these logging data in accordance with various NEN standards mentioned in those articles. The possibility to delete data therefore only extends to the deletion of the BSN in the LSP and the reversal of consent. The immediate deletion of logging data is not legally possible.
The plaintiff's arguments do not serve any purpose.

12. The plaintiff referred to the judgment of the Supreme Court (HR) of 1 December 20173 , to which the defendant also referred. According to her, in that judgment the HR ruled that the arrangement of the LSP is acceptable as a system, but only because it is based on the freely given, sufficiently specific consent of the patients concerned. According to the plaintiff, the defendant cannot refer to this judgment to substantiate the view that the LSP is sound, because VZVZ - contrary to what the HR assumed in the judgment - cannot guarantee that notification always takes place on the basis of explicit consent. During the hearing, the plaintiff referred to a letter dated 4 October 2019 from the Minister for Medical Care and Sport to the Senate4 in which it was explained that the entry into force of Section 15(2) of the Wabvpz, which regulates a specified consent for data exchange in healthcare, is not feasible as of 1 July 2020. The plaintiff points out that the HR has also considered in its judgment that such a specified consent is more in line with - in short - the privacy rules and as soon as it is feasible the LSP must provide for it. Because this specified consent will not be forthcoming, the system does not meet the requirements to be set for it, according to the plaintiff.

13. The District Court interprets this argument as part of its argument that the LSP as a system is unlawful. It does not follow the claimant in this respect. As was considered earlier in this judgment, but also follows from the judgment of this court in the proceedings with case number UTR 19/607, there is no reason to follow plaintiff in her view that healthcare providers are reporting patients in the LSP on a large scale without the required permission. The LSP is acceptable as a system. The plaintiff's reference to her interpretation of the HR ruling and the letter of 4 October 2019 on whether or not future amendments to the legislation and regulations are feasible is not considered relevant by the court in this respect. This argument does not serve any purpose either.

13. The plaintiff argues that the contested decision affects the legal position of all healthcare providers, because their administration may fall into the hands of third parties through no fault of their own. This affects their professional secrecy and their legal liability, the plaintiff claims.
Apart from the question whether the plaintiff represents the interests of the healthcare providers in this enforcement procedure, the District Court considered that in this argument the plaintiff wrongly assumes that the LSP as a system is inadmissible and that data are therefore processed unlawfully. As previously considered, this is not the case.
This argument is unsuccessful.

13. Finally, as a separate part of her enforcement request, the plaintiff requested the defendant to return to the aforementioned conclusion in the report from 2014. The defendant rightly concluded that this cannot be an independent part of the enforcement request. When discussing the other parts of the enforcement request, the defendant took this conclusion into account and concluded that it would not return to it. The defendant maintains the position that VZVZ has put in place sufficient technical and organisational safeguards to ensure that only personal data of patients who have given permission to do so are processed. He is allowed to do so. The defendant has discussed this correctly. This argument is unsuccessful.
Conclusion

13. The appeal is unfounded. There are no grounds for an order as to costs.
Decision

The court declares the appeal unfounded.

This ruling was made by V.E. van der Does, chairman, and P.J.M. Mol and M.E.J. Sprakel, members, in the presence of M.E.C. Bakker, registrar. The decision was publicly pronounced on 10 January 2020.

registrar chairman

Copy sent to parties on:
Legal remedy

An appeal may be lodged with the Administrative Jurisdiction Division of the Council of State against this decision within six weeks of the date on which it was sent.

ANNEX

General Data Protection Regulation

Article 9

Processing of special categories of personal data

Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and processing of genetic data, biometric data for the unique identification of a person, or data concerning health, or data relating to a person's sexual behaviour or sexual orientation are prohibited.

(a) the data subject has given his or her explicit consent to the processing of those personal data for one or more specified purposes, except where Union or Member State law provides that the prohibition referred to in paragraph 1 cannot be lifted by the data subject;

[…].

Article 17
Right to erasure of data ('right to oblivion')

1. The data subject shall have the right to obtain from the data controller the erasure of personal data relating to him without unreasonable delay and the data controller shall be obliged to erase personal data without unreasonable delay where one of the following applies:

[…]
(b) the data subject withdraws the consent on which the processing is based pursuant to Article 6(1)(a) or Article 9(2)(a) and there is no other legal basis for the processing;
[…]
(d) personal data have been unlawfully processed;
[…]

Implementing Act General Data Protection Regulation

Article 22. Prohibition of processing of special categories of personal data and general Regulation exceptions

1. According to Article 9(1) of the Regulation, the processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership and the processing of genetic data, biometric data for the unique identification of a person, or data concerning health, or data concerning a person's sexual behaviour or orientation shall be prohibited.

2 In accordance with Article 9(2)(a), (c), (d), (e) and (f) of the Regulation, the prohibition to process special categories of personal data shall not apply if:

a. the data subject has given explicit consent to the processing of those personal data for one or more specified purposes;

[…]

Article 46. Processing national identification number

1. A number prescribed by law for the identification of a person shall only be used in the processing of personal data for the implementation of the relevant law or for purposes laid down by law.

[…]


Wet aanvullende bepalingen verwerking persoonsgegevens in de zorg (Act on additional provisions for the processing of personal data in the healthcare sector)

Article 4

A healthcare provider uses a client's citizen service number to ensure that the personal data to be processed in the context of the provision of care relates to that client.

Article 8

1. The care provider will include the client's citizen service number in its records when recording personal data relating to the provision of care.

2 If, in accordance with the provisions of Article 15a, the healthcare provider makes the client's data available via an electronic exchange system, the legal entity that manages and maintains that electronic exchange system is authorised to process that client's citizen service number to the extent that this is necessary to perform its task as manager.

Article 15a

1. The healthcare provider will only make the client's data available via an electronic exchange system, insofar as the healthcare provider has established that the client has given explicit permission for this.

[…]

3 The healthcare provider only makes the client's data available via an electronic exchange system, insofar as the privacy of a person other than the client is not harmed when another healthcare provider consults these data.

Article 15c

1. The healthcare provider shall provide the customer with information on his rights when exchanging data electronically, on how to exercise his rights and on the functioning of the electronic exchange system used for data exchange. If new categories of healthcare providers join the electronic exchange system, or the functioning of the electronic exchange system is otherwise substantially changed, the healthcare provider shall inform the customer about this change and about the possibility to amend or withdraw the consent given, as referred to in Article 15a.

[…]

Electronic Data Processing by Care Providers Decree

Article 3

1. The person responsible for an electronic exchange system shall, in accordance with the provisions of NEN 7510 and NEN 7512, ensure safe and careful use of that electronic exchange system.

[…]

Article 5

1. The healthcare provider as responsible for a healthcare information system and the person responsible for an electronic exchange system ensure that the logging of the system complies with the provisions of NEN 7513. […]

1 This application resulted in the appeal with number UTR 19/607 and was also heard by this court on 15 October 2019.

2 This concerns the aforementioned appeal with number UTR 19/607, which was also heard by this court on 15 October 2019.

3 ECLI:NL:HR:2017:3053

4 Parliamentary Papers I, 2018/2019, 27 529, no. K