Skip to main content
Home

Main navigation

  • Top stories
  • Health
  • Crime
  • Politics
  • Business
  • Tech
  • Culture
  • Sports
  • Weird
  • 1-1-2
Image
Cropped view of doctor in latex gloves holding syringe and vaccine on blurred foreground near patient
Cropped view of doctor in latex gloves holding syringe and vaccine on blurred foreground near patient - Credit: IgorVetushko / DepositPhotos - License: DepositPhotos
Health
Tech
privacy
Covid-19 vaccination
RIVM
GP
GGD
Ministry of Public Health Welfare and Sports
Data leak
invasion of privacy
Paul Korremans
Privacy First
OpenNovations
Hans de Raad
Monday, 26 July 2021 - 08:44
Share this:
  • facebook
  • twitter
  • linkedin
  • whatsapp
  • reddit

Vaccination data shared with RIVM without consent: report

Some 700 patients' Covid-19 vaccination data was shared with public health institute RIVM without the patients' consent, BNR found in its own research. The problem came through an error in one of the systems used by general practitioners, which did not properly register whether or not a patient gave permission for their personal data to be shared.

A total of 70 general practices use the system in question, the developer told BNR. The temporary software error has now been resolved, the developer said. 500 of the involved patients clearly indicated that their information should not be shared. Of the other 200, it is not known whether they gave consent.

The RIVM confirmed to the broadcaster that it received the data without the patients' explicit consent. This happens every now and again, and the RIVM tries to remove the data as soon as possible, a spokesperson said.

Health service GGD also shares Covid-19 vaccination data with the RIVM. A spokesperson told BNR that the GGD does not know of any cases in which vaccination data was shared without consent, but cannot rule out the possibility.

The Ministry of Public Health said it was pleased that the problem was adequately identified and resolved.

But privacy experts were more negative. Paul Korremans of Privacy First called this a very serious mistake. "It is a very serious invasion of the privacy of the individuals involved. The fact that people explicitly stated that their information may not be shared makes it even worse."

According to Hans de Raad, owner of OpenNovations, which specializes in medical software and cybersecurity, this never should have happened. "If you work with medical, highly sensitive data, extra strict standards apply. It seems like at least one of the basics was skipped here," he said to the broadcaster. Developers are supposed to run a risk analysis and keep checking the software. "If you applied this, then it is very strange that this error was only discovered months later."

Korremans told BNR that not only the developer is at fault here. "GPs should be more aware of the sensitivity of medical data and look much more critically at the work of the developer."

Follow us:

Latest stories

  • PSV earn a draw in Glasgow despite goalkeeper's blunder
  • Torch-bearer who threatened D66 leader back in custody for breaking release conditions
  • Groningen residents start protest month on 10th anniversary of strongest earthquake
  • Amsterdam orders Harbour Club to close for 6 months after latest violent incident
  • More assets seized from partners accused in dodgy face mask deals
  • Liar Liar: Five organizations nominated for misleading animal welfare claims

Top stories

  • Covid hospital patient total holds below 700 for 6th day; Infections at 10-week low
  • It's up to employers to increase wages and protect purchasing power, Dutch gov't says
  • Van Houten stepping down as Philips CEO after 12 years
  • Organic farmers could be spared in nitrogen policy, Minister says
  • Video: Massive fire in Deventer's historic city center; Two hurt, one seriously
  • Young homeless people often can't find room in shelters

© 2012-2022, NL Times, All rights reserved.

Footer menu

  • Privacy
  • Contact
  • Partner content