Question for written answer
to the Commission
Rule 130
Alfred Sant (S&D)

Subject: Follow-up to Written Question E-000588/2017 on the right to oblivion for people who have suffered from a serious illness

Directive 95/46/EC and the General Data Protection Regulation do indeed ensure EU citizens’ right to oblivion. However, Written Question E-000588/2017 addresses not the general data protection framework, but how it applies to the specific circumstances of former patients.

Their records of a past serious illness allow insurance companies and banks to deny them terms offered to persons who have not suffered such an illness. Such discrimination often persists even several years after recovery. Preventing such discrimination at EU level would require substantial arrangements to be made. In a recent French regulation, for instance, a ‘reference grid’ is used to define, by pathology, the period after which former patients can subscribe to an insurance contract without surcharge or exclusion of guarantee.

In light of this, does the Commission intend to protect, in an equally comprehensive way at European level, the right to oblivion of former patients who have suffered from a serious illness?

Answer given by Ms Jourová on behalf of the Commission
The definition of the health policy and the organisation and delivery of health service and medical care are the responsibility of the Member States, which includes the management of health insurance and the allocation of resources assigned for this purpose according to Article 168 of the Treaty on the Functioning of the European Union. Matters of this sort should therefore be taken up with the competent authorities in the Member State concerned.

Insurance companies are in principle free to set their premiums and differentiate between policy holders as long as this is on the basis of risk-based criteria. In that respect, EU insurers also enjoy contractual freedom.

The processing of personal health records by economic operators such as insurance companies and banks for the purposes of their specific activities has to comply with the relevant data protection rules.(1) Health data is a special category of personal data under Article 9 of the General Data Protection Regulation and can be processed only if one of the situations listed in Article 9(2) of this regulation applies.

Without prejudice to the powers of the Commission as guardian of the Treaties, the supervision and enforcement of data protection legislation falls under the remit of national authorities, in particular data protection supervisory authorities and courts.(2)

(1) Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and as from 25 May 2018 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance), OJ L 119, 4.5.2016, p. 1‐88.
(2) Articles 22 and 28 of Directive 95/46/EC and Articles 51 and 79 of Regulation (EU) 2016/679.

Maltese Version

Suġġett: Mistoqsija supplimentari għall-Mistoqsija bil-Miktub E-000588/2017 dwar id-dritt li tkun minsi għall-persuni li sofrew minn marda serja

Tweġiba(iet)
Id-Direttiva 95/46/KE u r-Regolament Ġenerali dwar il-Protezzjoni tad-Data tabilħaqq jiżguraw id-dritt taċ-ċittadini tal-UE li jkunu minsija. Madankollu, il-Mistoqsija bil-Miktub E-000588/2017 ma tindirizzax il-qafas ġenerali għall-protezzjoni tad-data, iżda kif dan japplika għaċ-ċirkustanzi speċifiċi ta’ dawk li xi darba kienu pazjenti. Ir-rekords dwar xi marda serja li seta’ kellhom fil-passat jippermettu lill-kumpaniji tal-assigurazzjoni u lill-banek iċaħħduhom mit-termini offruti lill-persuni li ma jkunux sofrew marda bħal din. Din id-diskriminazzjoni sikwit tippersisti anke għal bosta snin wara li l-persuna tkun irkuprat. Il-prevenzjoni ta’ diskriminazzjoni bħal din fil-livell tal-UE tirrikjedi li jsiru arranġamenti sostanzjali. F’Regolament Franċiż reċenti, pereżempju, tintuża “grilja ta’ referenza” għad-definizzjoni, skont il-patoloġija, tal-perjodu li, mal-iskadenza tiegħu, dawk li xi darba kienu pazjenti jkunu jistgħu jissottoskrivu kuntratt ta’ assigurazzjoni mingħajr ħlas addizzjonali jew esklużjoni ta’ garanzija.

Fid-dawl ta’ dan, beħsiebha l-Kummissjoni tipproteġi, b’mod ugwalment komprensiv fil-livell Ewropew, id-dritt li dawk li xi darba kienu pazjenti u sofrew marda serja jkunu minsija?

Tweġiba mogħtija mis-Sinjura Jourová f’isem il-Kummissjoni
Fir-rigward tad-definizzjoni tal-politika dwar is-saħħa u l-organizzazzjoni u l-għoti ta’ servizzi tas-saħħa u kura medika huma r-responsabbiltà tal-Istati Membri, li tinkludi l-ġestjoni ta’ assikurazzjoni tas-saħħa u l-allokazzjoni tar-riżorsi assenjati għal dan l-iskop skont l-Artikolu 168 tat-Trattat dwar il-Funzjonament tal-Unjoni Ewropea. Kwistjonijiet ta’ dan it-tip jinħtieġ li għalhekk jittieħdu mal-awtoritajiet kompetenti fl-Istat Membru kkonċernat.

Il-kumpaniji tal-assikurazzjoni huma fil-prinċipju liberi li jistabbilixxu l-primjums u jiddifferenzjaw bejn detenturi tal-polza sakemm dan ikun fuq il-bażi ta’ kriterji bbażati fuq ir-riskju. F’dan ir-rigward, l-assikuraturi tal-UE jgawdu wkoll mil-libertà kuntrattwali.

L-ipproċessar ta’ rekords tas-saħħa personali mill-operaturi ekonomiċi bħall-kumpaniji tal-assikurazzjoni u banek għall-finijiet ta’ attivitajiet speċifiċi tagħhom irid jikkonforma mar-regoli relevanti tal-protezzjoni tad-data(1). Id-data dwar is-saħħa hija kategorija speċjali ta’ data personali skont l-Artikolu 9 tar-Regolament Ġenerali dwar il-Protezzjoni tad-Data u tista’ tiġi pproċessata biss jekk waħda mis-sitwazzjonijiet elenkati fl-Artikolu 9(2) ta’ dan ir-Regolament tkun tapplika.

Mingħajr preġudizzju għas-setgħat tal-Kummissjoni bħala gwardjan tat-Trattati, is-superviżjoni u l-infurzar tal-leġiżlazzjoni dwar il-protezzjoni tad-data hija fil-kompetenza tal-awtoritajiet nazzjonali, b’mod partikolari l-awtoritajiet għas-sorveljanza tal-protezzjoni tad-data u l-qrati(2).

(1) Id-Direttiva tal-Parlament Ewropew u tal-Kunsill 95/46/KE tal-24 ta’ Ottubru 1995 dwar il-protezzjoni ta’ individwi fir-rigward tal-ipproċessar ta’ data personali u dwar il-moviment liberu ta’ dik id-data (ĠU L 281, 23.11.1995, p. 31) u mill-25 ta’ Mejju 2018, ir-Regolament (UE) 2016/679 tal-Parlament Ewropew u tal-Kunsill tas-27 ta’ April 2016 dwar il-protezzjoni tal-persuni fiżiċi fir-rigward tal-ipproċessar ta’ data personali u dwar il-moviment liberu ta’ tali data, u li jħassar id-Direttiva 95/46/KE (ir-Regolament Ġenerali dwar il-Protezzjoni tad-Data)(ĠU L 119, 4.5.2016, p. 1-88).
(2) L-Artikoli 22 u 28 tad-Direttiva 95/46/KE u l-Artikoli 51 u 79 tar-Regolament (UE) 2016/679.