We are now able to report two successful conclusions:
As reported in our blog of 30 June, §203 StGB [Criminal Code] has been changed.
A medical practitioner can now, for instance, conclude an ADV [Order data processing] contract (in future: AV [Order processing] contract) with an IT service provider without the risk of prosecution. The prerequisite is that he must ensure that the service provider or his staff are obligated to confidentiality.
We are pleased that we were able to have proposals of the AK Medizin [Medical WG] in cooperation with the BvD Board included in the legislative procedure to considerably improve the original draft.
This type of obligation to secrecy could be included in the new model AV health care agreement.
The present associations together with the DKG [German Hospital Society] have now adapted this to comply with the GDPR.
I am very pleased that our good and constructive cooperation has now culminated in a model AV agreement that covers the requirements of health care and is also supported by IT producers, data protection officers and the DKG – and all of this compliant with the GDPR! There is also support for the handling of existing agreements.
Find all the documentation at: https://www.bvdnet.de/arbeitskreis-medizin/
Barbara Stöferle, AK-Medizin spokesperson