Pension providers and insurers can’t reject consumer requests for their personal medical information until they conduct a data-privacy audit, Denmark’s data regulator said.
The Nov. 25 decision by the Danish Data Protection Agency outlaws company policies that automatically reject such consumer requests but doesn’t require insurers and similar organizations to hand over the data. It could serve as influential guidance, even though interpretations of EU law by national data protection agencies are not legally enforceable across the bloc.
The decision “confirms that a medical analysis is personal data,” Michael Gorm Madsen, an attorney with Bird and Bird, said in an ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.