|Finland||02.08.2017||The Working Group has proposed that the scope of current secrecy obligations set in the Personal Data Act would be extended to professional secrecy.
|Germany||07.08.2017||Yes - § 22 permits the processing of sensitive data if the processing is necessary for the purpose of, for example, preventive medicine, employee working capacity assessments, medical diagnosis, health and social care treatments, management of systems, agreements with health professionals (and their staff) where data is provided under the obligation of professional secrecy, and for reasons of public interest in the area of public health (as required, for example, to ensure high quality and security standards for health services, drugs or medical products). However, such processing is only possible if certain safeguards are taken to protect such data ("suitable and specific" safeguards).
§ 29(2) restricts the transmitting body's obligation to provide the data subject with information when transmitting data to lawyers etc.; § 29(3) protects persons subject to professional secrecy obligations and limits DPA access requests; § 13(4) binds the Federal Commissioner to secrecy.
|Ireland||12.09.2017||The General Scheme envisages specific rules to facilitate disclosures by the Central Bank of Ireland to the Data Protection Commission.|
|Poland||01.08.2017||DPA's right of access to information and personal data will be limited by professional secrets.|