Privacy and Health Research. Germany


Basic privacy law: Federal Data Protection Act (Bundesdatenschutzgesetz) (1990). Authority: Federal Data Protection Commissioner (Bundesdatenschutzbeauftragter). State (Länder) data protection laws and agencies also are important.

he German privacy laws are already strict—too strict for health research, some believe— and the general opinion seems to be that they will not need to be deeply modified to conform to the E.U. Directive.

However, several detailed amendments to the basic privacy law are being considered that would better meet the special requirements of health research and public-health activities, such as secondary research use of health data. The Ministries of Justice, Health, Research, Labor, Commerce, and Finance are involved in the discussions, which are being led by the Ministry of the Interior (Innenministerium). Part of the background is a 1995 petition from a working group of 100 German medical societies, which, stating that the Federal Data Protection Act over- emphasizes patients' privacy and impedes health research, urged the Minister of Research to seek changes in law so that health research, with its associated informed consent and ethics review, would be controlled separately and its special dimensions accommodated.87

Much activity in Germany now concerns implementation of a 1994 Law on Cancer Registries (Gesetz über Krebsregister), which requires that by the beginning of 1999 all of the Länder must maintain registries of cancer cases, mainly for epidemiological research.88

(87) An exchange over the issues was Thilo Weichert, "Datenschutz und medizinische Forschung–Was nützt ein medizinisches Forschungsgeheimnis'?" MedR 6, 258–261 (1996), and Hans Joachim Bochnik, "Bestehen Datenschützer auf Forschungsblockaden?" MedR 6, 262–264 (1966).

(88) Bundesgesetzblatt No. 79, 3351–3355 (November 11, 1994). For commentary see J. Michaelis, "Towards nation-wide cancer registration in the Federal Republic of Germany," Annals of Oncology 6, 344–346 (1995).