The term data protection refers to all regulations that have as their object the collection, storage, transmission or other processing of personal data. The purpose of data protection regulations is to protect against misuse of personal data and to safeguard the right to informational self-determination. Data protection norms are scattered in a multitude of laws. Within the EU, the GDPR applies, which has binding effect in all EU Member States. The GDPR came into force in 2018 and is the most important set of rules on data protection in these countries, national provisions only have complementary effect.
Data protection is becoming more and more important for every individual, including – or, rather, particularly – in the area of health. Our digital and automated life creates new types of attack surfaces that harbour the danger of the “transparent person”. External access is threatened by the use of digital technologies such as PCs, wearables, smartphones and internet-based software such as apps, through which a lot of personal data is entered and can fall into the wrong hands. Data have become a new currency with economic value. Data analysis has great potential for medical research. However, new technologies must always be measured against ensuring that the rights of individuals to their data are adequately safeguarded.