On the occasion of the conference organised by the Swiss Federal Department of Home Affairs (DHA) different scenarios for the introduction of a health card in Switzerland were examined. Regardless of the model to be ultimately selected, the introduction and acceptance of a health card will depend to a great extent on how the data protection conditions are fulfilled. We took this opportunity to voice an opinion on the most important criteria which must be taken into consideration.
The health card conference of August 30, 2001 organised by the DHA was aimed at arriving at a consensus on the purpose, the operation and the content of a card as well as on the role to be played by national government in respect of this matter. Different scenarios were examined. The Federal Government will have a role in the co-ordination and collaboration with all interested partners. An objective of particular importance is the simplification of data processing affecting insured persons. As a first step, the health card should at the very least lighten the administrative burden of the insurance schemes and should thus lead to savings. It is therefore recommended that in the first place a card should be introduced as a means of identifying the insured persons, and that this would provide access to basic data (name, given name, health insurance organisation, type of insurance etc.). This card should be optional. In the longer term, a global system for the transfer and access of medical data could be developed. To this end, studies and investigations must be carried out in order to assess the advantages and disadvantages for the persons affected.
In our view a health card should not be introduced in a willy-nilly or arbitrary manner. It is absolutely essential that the data protection conditions be taken into consideration from the outset and that the basic right of the individual to self-determination in the information sphere be safeguarded comprehensively. And especially since it is not clear that the health card will automatically lead to a greater degree of respect for the personal rights of patients in the processing of personal data, particularly in the information flow between service providers (doctors, hospitals etc.) and insurance companies, we adopted a qualified position towards the scenarios which were presented at the conference. Special attention must be devoted to the contents of the card and to the purposes of its use. In this respect, the conditions listed below are essential prerequisites for the introduction of a health card:
- democratic basis: creation of the requisite legislative foundations in a formal act of parliament.
- respect of the individual's right to decide on his or her data. For this reason the card must be optional. Patients and insured persons who refuse the card must not be penalised or disadvantaged. In addition the patients/insured persons must be free to choose the type of card they want (insurance card and/or card with access to medical data).
- clear definition of the data stored on the card. The card must be designed as a means of identifying the patient or the insured, and where necessary to provide access to further databases; it must not contain medical data, but only administrative data and data required for the identification of the affected person.
- guarantee of transparency in the processing of personal data. The person affected must be comprehensively informed about the data stored on his or her card, the use of the data, the objectives aimed for and the persons who will have access to this information; they must also be fully apprised of the technical features of the card.
- guaranteed right of access by affected persons to their own data. Affected persons must at all times be able to access the card contents, the data stored in databases connected to the utilisation of the card, and the relevant processing operations. They must also be able to have false data corrected or deleted.
- clear definition of access rights in the event that the card is used in order to access databases. The access rights must be regulated in such a way as to permit the various participants to access only that data necessary to the carrying out of their own tasks, and must safeguard medical confidentiality.
- guarantee of data security when data is divulged and stored. configuration of the health card and processing of relevant data using easy to understand data protection technologies and pseudonyms, especially in data exchanges between service providers and insurance organisations.
We prefer a scenario that guarantees the voluntary use of the card. The Federal Government should have in its power the right to lay down the technical specifications of the card as well as the conditions pertaining to data protection and the selective access to the data.