Professional secrecy

Last reviewed
Professional secrecy

Belgium 28.07.2017 n/a
Czech Republic 29.06.2017 n/a
Denmark 29.06.2017 n/a
Finland 02.08.2017 The Working Group has proposed that the scope of current secrecy obligations set in the Personal Data Act would be extended to professional secrecy.
France 29.06.2017 n/a
Germany 07.08.2017 Yes - § 22 permits the processing of sensitive data if the processing is necessary for the purpose of, for example, preventive medicine, employee working capacity assessments, medical diagnosis, health and social care treatments, management of systems, agreements with health professionals (and their staff) where data is provided under the obligation of professional secrecy, and for reasons of public interest in the area of public health (as required, for example, to ensure high quality and security standards for health services, drugs or medical products). However, such processing is only possible if certain safeguards are taken to protect such data ("suitable and specific" safeguards).

§ 29(2) restricts the transmitting body's obligation to provide the data subject with information when transmitting data to lawyers etc.; § 29(3) protects persons subject to professional secrecy obligations and limits DPA access requests; § 13(4) binds the Federal Commissioner to secrecy.
Ireland  12.09.2017  The General Scheme envisages specific rules to facilitate disclosures by the Central Bank of Ireland to the Data Protection Commission.
Italy 28.06.2017 n/a
Netherlands 28.06.2017 n/a
Poland 01.08.2017 DPA's right of access to information and personal data will be limited by professional secrets.
Spain 27.07.2017 n/a
Sweden 17.07.2017 n/a
UK 07.08.2017 n/a