Protection of participants' rights during the processing of health information


Both data protection legislation and health legislation provide rights for patients and other persons registered in the data. From the General Data Protection Regulation (GDPR), for example, it follows that those registered have rights related to: 

  • Right to information 
  • Right to access 
  • Right to rectification and erasure 
  • Right to limitation 
  • Right to protest 
  • Right to data portability 

Projects that process health and personal data are obliged to safeguard these rights. 

Normen has designed a separate guide for rights when processing health and personal data. The guide is intended to provide guidance to healthcare organizations on how the rights of those registered, including patients' rights as registered persons, can be safeguarded. Although Normen's guide is general and covers a lot of material, we recommend examining it for a comprehensive introduction to the rights of those registered in the healthcare sector and how they can be safeguarded. 

We also refer to the Faculty of Health at UiT for information on how to safeguard the rights of those registered in connection with research, and to the pages on [deviations and unwanted incidents] and [Consent and obligation to provide information​] which also address the protection of the rights of those registered. ​