Skip to main content
Home

Main navigation

  • Top stories
  • Health
  • Crime
  • Politics
  • Business
  • Tech
  • Culture
  • Sports
  • Weird
  • 1-1-2
Image
Cropped view of doctor in latex gloves holding syringe and vaccine on blurred foreground near patient
Cropped view of doctor in latex gloves holding syringe and vaccine on blurred foreground near patient - Credit: IgorVetushko / DepositPhotos - License: DepositPhotos
Health
Tech
privacy
Covid-19 vaccination
RIVM
GP
GGD
Ministry of Public Health Welfare and Sports
Data leak
invasion of privacy
Paul Korremans
Privacy First
OpenNovations
Hans de Raad
Monday, 26 July 2021 - 08:44
Share this:
  • facebook
  • twitter
  • linkedin
  • whatsapp
  • reddit

Vaccination data shared with RIVM without consent: report

Some 700 patients' Covid-19 vaccination data was shared with public health institute RIVM without the patients' consent, BNR found in its own research. The problem came through an error in one of the systems used by general practitioners, which did not properly register whether or not a patient gave permission for their personal data to be shared.

A total of 70 general practices use the system in question, the developer told BNR. The temporary software error has now been resolved, the developer said. 500 of the involved patients clearly indicated that their information should not be shared. Of the other 200, it is not known whether they gave consent.

The RIVM confirmed to the broadcaster that it received the data without the patients' explicit consent. This happens every now and again, and the RIVM tries to remove the data as soon as possible, a spokesperson said.

Health service GGD also shares Covid-19 vaccination data with the RIVM. A spokesperson told BNR that the GGD does not know of any cases in which vaccination data was shared without consent, but cannot rule out the possibility.

The Ministry of Public Health said it was pleased that the problem was adequately identified and resolved.

But privacy experts were more negative. Paul Korremans of Privacy First called this a very serious mistake. "It is a very serious invasion of the privacy of the individuals involved. The fact that people explicitly stated that their information may not be shared makes it even worse."

According to Hans de Raad, owner of OpenNovations, which specializes in medical software and cybersecurity, this never should have happened. "If you work with medical, highly sensitive data, extra strict standards apply. It seems like at least one of the basics was skipped here," he said to the broadcaster. Developers are supposed to run a risk analysis and keep checking the software. "If you applied this, then it is very strange that this error was only discovered months later."

Korremans told BNR that not only the developer is at fault here. "GPs should be more aware of the sensitivity of medical data and look much more critically at the work of the developer."

Follow us:

Latest stories

  • Largest "Christmas tree" in the country lights up for the 25th time
  • Major fires in Arnhem districts lead to one fatality and the evacuation of homes
  • Law changes that will hit your wallet in 2024
  • Locals skeptical about Amsterdam's bumpy stones trial to deter Red Light drug dealers
  • Geminid meteor shower to peak over the Netherlands on Thursday
  • Netherlands conducts large-scale cyber attack drill involving key infrastructure sectors

Top stories

  • Largest "Christmas tree" in the country lights up for the 25th time
  • Major fires in Arnhem districts lead to one fatality and the evacuation of homes
  • Dutch Cabinet talks hit 3 key obstacles, but PVV, NSC, BBB & VVD will keep talking: Report
  • Netherlands issues travel warning for Paris citing terrorism threats
  • Netherlands to lead major study to test existing medications for long Covid treatment
  • Amsterdam cuts citywide speed limit down to 30 km/h today

© 2012-2023, NL Times, All rights reserved.

Footer menu

  • Privacy
  • Contact
  • Partner content