Last update:


Arch Hellen Med, 38(3), May-June 2021, 394-400


Electronic health records and personal data protection: The legal and sociological approach

K. Apostolos
Law School, National and Kapodistrian University of Athens, Athens, Greece

The new European General Data Protection Regulation (2016/679), known as GDPR, has had a great impact on the protection of personal data, mainly in the field of health. Personal health data were already governed by a strict legal framework, which, however, was insufficient to keep up with the new technologies such as electronic health records. The electronic health record is an unprecedented medical and technological phenomenon, but it must be used properly, to ensure that the personal health data protection standards are met. In parallel, sociologically, the inclusion of this brand-new feature in the process of the provision of healthcare services constitutes a source of concern and controversy. The digitalization of personal health data, as required for maintenance of the patients' health record, is a process that entails serious risks, including hacking or malicious use of patients' personal data. In this context, significant ethical issues arise, and the plethora of advantages and facilities of the electronic medical record makes it a matter of urgent need to ensure that its establishment and application are in firm compliance with the provisions of the relevant legislation, and in a careful and humanitarian manner, with provision for dealing with the vital dilemmas and risks that may arise.

Key words: Bioethics, GDPR, Medical record, Personal data.

© Archives of Hellenic Medicine