Medical Secrets vs. GDPR

Abstract The work of the doctor and other health professionals is closely related with access to information on the health of patients. The disclosure of such information leads to many consequences. It also violates the privacy of the patient.The obligation to maintain medical confidentiality is regulated by law, and is based on the ethics of the medical profession. Regulations that regulate the principles of medical confidentiality are contained in the Act of 5 December 1996 on the professions of doctor and dentist. Information on the health of patients is covered by special confidentiality, because these are specific data requiring confidentiality. The information that relates to the patient and is obtained during medical work, including data on the patient’s life or property, are medical secrets. There are a few exceptions for which the doctor may be released from medical confidentiality. These include consent of the patient him/herself, consent resulting from the act and removal of medical confidentiality in the case of danger to the patient or other persons, and with the consent of public authorities. It is very important to consider the protection of personal data, including sensitive data, which includes medical data contained in the provisions of the GDPR. This regulation comprehensively regulates the issues of personal data protection, also including medical confidentiality, by prohibiting the processing of patient data by medical entities without authorization. The purpose of this article was to analyze the correlation between regulations relating to medical confidentiality and the provisions of the GDPR, which are new tools for the protection of personal data. The article discusses issues regarding the subject scope of medical confidentiality, exemption from its behaviour, and liability for possible violations.