Abstract
This chapter provides a holistic general overview of the data protection regime in Turkey. Authors present the principal rights of data protection and transmission in health law and latent ethical concerns by specifying decisions of the Supreme Court in Turkey and the European Court of Human Rights on using personal data. The research describes data protection law for health care setting in Turkey. Primary and secondary data have been used for the study. The primary data includes the information collected with current national and international regulations or law. Secondary data include publications, books, journals, and empirical legal studies. Privacy and data protection regimes in health law show there are some obligations, principles, and procedures which shall be binding upon natural or legal persons who process health-related personal data.
TopBackground
There is a variety of instruments that allow authorities to use the health data or to set the barriers data sharing across international borders. In Turkey, for example, the protection of personal data depends primarily on the Law on Personal Data Protection (LPDP). This legislation numbered 6698 published at the Official Gazette dated 7 April 2016 has entered into force at the date of its publication. On the other hand, the General Data Protection Regulation (GDPR) was passed in the European Parliament and the European Council on 27 April 2016 as a Regulation on “the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data” (Regulation, 2016/679), after 6698 numbered law in Turkey. Law on Personal Data in Turkey, hence, is largely based on the European Union Data Protection Directive (also known as Directive 95/46/EC) instead of GDPR (Akıncı, 2017, p. 2). GDPR whose provisions became directly applicable in all EU addresses the protection of fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data. Similarly, the LPDP presents set forth obligations, principles, and procedures for the privacy of personal data such as health-related data.
Until very recently, Turkey did not have specific legislation governing the protection of personal data. The situation has changed upon the enactment of the LPDP in 2016. This law has introduced solid principles of data protection in Turkey that are in line with compatible principles of European Union regulations (Republic of Turkey Prime Ministry Investment Support, 2017). In fact, a law on the protection of personal data was a step taken towards harmonizing the Turkish legislation with EU legislation. The LPDP was prepared based on Directive 95/46/EC on data protection. It is very similar to this Directive, however, it is not entirely the same and the differences in this law are deficiencies rather than improvements.
Key Terms in this Chapter
Health Data Management: It is a comprehensive process that includes managing, storing, collecting, sharing, protecting required health information in order to ensure managers to create holistic views of patients and enhance health outcomes.
Health Privacy: As a conceptual definition, it is to restrict or limit to access the individual’s protected health information or any status regarding health activities.
Health Data: Health data is every type of data related to health status, personal choice about selecting a treatment, health security or policy number, all kind of treatment reports, causes of death, socio-economic parameters regarding health and wellness, historical healthcare background such as diseases in past years, and this kind of information.
Electronic Health Record System: EHR is the digital form of recording, processing, and accessing to patient’s medical history such as diagnosis, laboratory reports, medications, clinical decisions.
Data Protection: It is an implementation that controls how information can be used or disclosed. In other words, data protection is a practice that safeguards some important data from corruption and loss.