Capturing and processing patient data - how does it work?
If you work in a medical facility, handling personal data is part of your everyday work. Patient data is subject to medical confidentiality and may only be collected, stored, and processed under certain conditions.
Generally, written acceptance from patients is required as a form of consent. Patient consent must be obtained on a regular basis to ensure that coverage is always updated. However, patient data may only be collected and processed for specific purposes. This includes, for example, the treatment of a disease, preventive care or diagnostics.
Personal data is stored in a patient file, which must be protected from access by third parties due to its sensitive content.
Medical confidentiality
Medical confidentiality is regulated in the professional codes of the state medical associations (§9 Berufsordnung der Ärztekammer Berlin) and in the German Criminal Code (§203 StGB). According to the provisions of the professional regulations, doctors must keep silent about what is disclosed to them in their capacity as physicians.
This includes medical confidentiality:
- the fact that the person concerned has been or is being treated by the doctor
- the names of the patients
- Thoughts, opinions, family relationships, professional and financial circumstances entrusted to the doctor by patients
- the third secret
- Observations on the part of the physician
In addition, medical confidentiality – and this is the most important point in this context – also includes all medical data that belong to the patient’s file.