Processing of Sensitive Data in Public Health Sector

¹The processing of special categories of personal data may be necessary for reasons of public interest in the areas of public health without consent of the data subject. ²Such processing should be subject to suitable and specific measures so as to protect the rights and freedoms of natural persons. ³In that context, ‘public health’ should be interpreted as defined in Regulation (EC) No 1338/2008 of the European Parliament and of the Council (11), namely all elements related to health, namely health status, including morbidity and disability, the determinants having an effect on that health status, health care needs, resources allocated to health care, the provision of, and universal access to, health care as well as health care expenditure and financing, and the causes of mortality. ⁴Such processing of data concerning health for reasons of public interest should not result in personal data being processed for other purposes by third parties such as employers or insurance and banking companies.