This afternoon Privacy First sent the following letter to the Electronic Health Record spokespersons in the Dutch House of Representatives:
‘‘Dear Members of Parliament,
Recently the Senate, quite rightly, unanimously rejected the legislative proposal to introduce a national Electronic Health Record (Elektronisch Patiëntendossier, EPD), especially in light of the enormous privacy risks this EPD would entail. It is therefore with great concern that Privacy First has taken note of developments that indicate a possible restart of that very same EPD along a private, extra-parliamentary route. Such a restart is not only disdainful with regard to our democratic process, it is also a denial of the risks and worries on the basis of which a legal introduction of a national EPD recently did not go ahead. To this end, Privacy First makes an urgent appeal to you to call a halt to this development and to call the relevant persons in charge to account. From a privacy-legal point of view, Privacy First is of the opinion that the Dutch government remains unabatedly responsible for any privacy-infringements that will result from a private, national EPD, especially in light of the fact that such a system has been emphatically rejected by the Senate for privacy reasons.
In line with the recently adopted Franken motion, in this respect Privacy First also urges you to have an independent, public Privacy Impact Assessment (PIA) carried out as soon as possible with regard to both 1) a national EPD as envisaged by the private parties involved as well as 2) possible alternatives for this national EPD. In carrying out this PIA, necessity, proportionality, subsidiarity and freedom of choice are to be guiding criteria. Privacy by design and privacy enhancing technologies, among which for instance technologically advanced patient cards or personal health records, are to fulfil an important role in such a PIA. Until the moment the PIA has been rounded off, no irreversible steps towards a private restart of the national EPD are to be taken.
In the view of Privacy First, the National Switch Point (Landelijk Schakelpunt, LSP) of the national EPD is to be transformed to small-scale, regional systems in accordance with the desire of the Senate. For regional exchange of data an LSP is unnecessary: to this end regional switch points are sufficient, possibly complemented by supra-regional 'push-communication'. This enhances security and reduces the risks of abuse that are inherent to a national EPD.’’