In the second half of June, she had discovered in the digilugu.ee health portal that National Institute for Health Development (TAI) had made 16 inquiries regarding her during this year. Looking into it, turned out the queries came from the cancer screening register launched at the beginning of the year.
«I do not agree with the cancer screening register at TAI, or any other register, systematically collecting my health data. Health data are delicate and cannot be collected without permission by the individual. I request that my health data be immediately closed for TAI,» said Mr Sassian’s application to social ministry. However, as pursuant to Public Health Act data is forwarded to cancer screening register even when an individual has closed her data in the system.
Maarja Kirss, adviser, Data Protection Inspectorate:
Meanwhile, Public Health Act lays down rights of TAI to obtain data from health information system to perform tasks prescribed by law. Thus, an individual can only restrict access to health data when a health service provider is concerned, but not from other data processers who the law obligates to process certain data.
Katrin Merike Nyman-Metcalf, technological law professor at Tallinn University of Technology:
There is no basis to think that the ministry is misinterpreting the law; rather, this is a much broader issue: what’s the worth of an option to lock data if these can still be used? Isn’t the option then just an illusion? Simply put: they do provide the option of privacy of data but in reality they use them anyway.