Share This Article
The Italian Data Protection Authority has published guidelines on the processing of personal data on health-related websites which provide stringent requirements.
Websites, forum, blogs but even social networks that are dedicated to health-related issues provide advice, exchange of information and contain comments from users that in some cases can reveal very sensitive data about their health conditions and users need to be adequately informed of the risks of disclosing such data.
For this purpose the Italian Data Protection Authority has required that if a registration is required to the website, a privacy stratement is previously provided and specifically accepted by them mentioning therein, among others, which data are necessary to participate to the activities performed on the website and the term for which such data will be stored.
Also, regardless of whether or not a registration is required, users shall be notified with a warning informing them of the risks that they can face disclosing their sensitive data or third parties’ sensitive data, including photos or videos, which can lead to their identification and whether their data are indexed or not by search engines and whether they are accessible only by the registered users of the website or by any Interner user. Likewise, users should be encouraged for instance to use nicknames and to be prudent in disclosing excessively specific personal data to avoid their identification.
It is good to mention that these guidelines do not apply to websites aimed at providing remote medical assistance dedicated to patients for which as reported in a previous post however other relevant privacy issues might arise.
(Visited 1 times, 1 visits today)
