Skip to main content
Home

Main navigation

  • Top stories
  • Health
  • Crime
  • Politics
  • Business
  • Tech
  • Culture
  • Sports
  • Weird
  • 1-1-2
Image
Cropped view of doctor in latex gloves holding syringe and vaccine on blurred foreground near patient
Cropped view of doctor in latex gloves holding syringe and vaccine on blurred foreground near patient - Source: IgorVetushko at DepositPhotos - License: Deposit Photos
Health
Tech
privacy
Covid-19 vaccination
RIVM
GP
GGD
Ministry of Public Health Welfare and Sports
Data leak
invasion of privacy
Paul Korremans
Privacy First
OpenNovations
Hans de Raad
Monday, July 26, 2021 - 08:44
Share this:
  • facebook
  • twitter
  • linkedin
  • whatsapp
  • reddit

Vaccination data shared with RIVM without consent: report

Some 700 patients' Covid-19 vaccination data was shared with public health institute RIVM without the patients' consent, BNR found in its own research. The problem came through an error in one of the systems used by general practitioners, which did not properly register whether or not a patient gave permission for their personal data to be shared.

A total of 70 general practices use the system in question, the developer told BNR. The temporary software error has now been resolved, the developer said. 500 of the involved patients clearly indicated that their information should not be shared. Of the other 200, it is not known whether they gave consent. 

The RIVM confirmed to the broadcaster that it received the data without the patients' explicit consent. This happens every now and again, and the RIVM tries to remove the data as soon as possible, a spokesperson said. 

Health service GGD also shares Covid-19 vaccination data with the RIVM. A spokesperson told BNR that the GGD does not know of any cases in which vaccination data was shared without consent, but cannot rule out the possibility. 

The Ministry of Public Health said it was pleased that the problem was adequately identified and resolved.

But privacy experts were more negative. Paul Korremans of Privacy First called this a very serious mistake. "It is a very serious invasion of the privacy of the individuals involved. The fact that people explicitly stated that their information may not be shared makes it even worse."

According to Hans de Raad, owner of OpenNovations, which specializes in medical software and cybersecurity, this never should have happened. "If you work with medical, highly sensitive data, extra strict standards apply. It seems like at least one of the basics was skipped here," he said to the broadcaster. Developers are supposed to run a risk analysis and keep checking the software. "If you applied this, then it is very strange that this error was only discovered months later."

Korremans told BNR that not only the developer is at fault here. "GPs should be more aware of the sensitivity of medical data and look much more critically at the work of the developer."

Follow us:

Latest stories

  • Walrus spotted near Schiermonnikoog; First in NL in 23 years
  • Most unaccompanied child asylum seekers in NL since refugee crisis
  • Covid vaccinations back on the rise as coronavirus pass expansion nears
  • Dutch royal family costs rise to over €48 million; King's personal salary tops €1 million
  • The 2022 Dutch budget in a nutshell
  • Few changes to spending power next year, but some will be hurt

Top stories

  • Walrus spotted near Schiermonnikoog; First in NL in 23 years
  • Most unaccompanied child asylum seekers in NL since refugee crisis
  • Covid vaccinations back on the rise as coronavirus pass expansion nears
  • Dutch royal family costs rise to over €48 million; King's personal salary tops €1 million
  • The 2022 Dutch budget in a nutshell
  • Few changes to spending power next year, but some will be hurt

© 2012-2021 NLTimes.nl, All rights reserved.

Footer menu

  • Privacy
  • Contact
  • Partner content