I v. Finland

Application No. 20511/03
Download Judgment: English
Country: Finland
Region: Europe
Year: 2008
Court: European Court of Human Rights
Health Topics: Health information
Human Rights: Right to privacy
Tags: Confidentiality, Disclosure, Electronic health information, Electronic health records, Health data, Health records, Medical records

The applicant was a nurse from 1989 to 1994 at the same public hospital where she sought treatment after being diagnosed as HIV-positive in 1987. All hospital staff had access to the patient register, which contained information on patients’ diagnoses. In 1992, the applicant became suspicious that her colleagues became aware of her diagnosis through unlawfully accessing her confidential patient record.

In 1996, the applicant asked the County Administrative Board to examine who had accessed her confidential medical file and was told that names were not recorded. The Board concluded that they could not rule on whether her confidential patient information was unlawfully accessed. In 2001, the applicant filed civil proceedings against the District Health Authority, and the District Court held that there was no firm evidence that the applicant’s patient record had been unlawfully accessed. The Court of Appeal affirmed this holding, and in 2002 the Supreme Court refused leave to appeal. The applicant then filed an application with the European Court of Human Rights, alleging violations of Article 8 of the Convention for the Protection of Human Rights and Fundamental Freedoms (“Convention”), which protects the right to private and family life.

The Court held that Finland violated Article 8 of the Convention. The Court noted that the Convention applies to public hospitals, and that patient files fall within the scope of Article 8 because the protection of personal data is fundamental to private life. The court also held that Article 8 places positive obligations on the government, including the adoption of measures designed to secure respect for private life.

The court found that guarantees for patient privacy did exist in Finnish law, but the government could not explain why these guarantees were not observed.  The court stated that the domestic courts should have given more weight to the government’s failure to comply with domestic law when deciding the applicant’s civil case.

The court found that the applicant lost her civil case because she faced the undue burden of proving a causal link between deficiencies in the regulation of privacy and dissemination of information about her medical condition. The court emphasized that it was only due to the applicant’s suspicions about an information leak that any control of data access was established, and these measures came too late to benefit the applicant. Thus, the applicant’s claim that her data was not secured against unauthorized access was upheld.

“Protection of personal data, in particular medical data, is of fundamental importance to a person’s enjoyment of his or her right to respect for private and family life as guaranteed by Article 8 of the Convention. Respecting the confidentiality of health data is a vital principle in the legal systems of all the Contracting Parties to the Convention. It is crucial not only to respect the sense of privacy of a patient but also to preserve his or her confidence in the medical profession and in the health services in general. The above considerations are especially valid as regards protection of the confidentiality of information about a person’s HIV infection, given the sensitive issues surrounding this disease. The domestic law must afford appropriate safeguards to prevent any such communication or disclosure of personal health data as may be inconsistent with the guarantees in Article 8 of the Convention.” Para. 38.

“The Court notes that the mere fact that the domestic legislation provided the applicant with an  opportunity to claim compensation for damages caused by an alleged unlawful disclosure of personal data was not sufficient to protect her private life. What is required in this connection is practical and effective protection to exclude any possibility of unauthorised access occurring in the first place.” Para. 47.