Hospital Visits

THE ROTUNDA HOSPITAL UPDATE ON NOMINATED COMPANIONS: THE POWER OF COLLECTIVE ACTION

Further to our post of 25th and 7th November (as below) on challenging The Rotunda Hospital’s Covid Pass requirement for nominated companions this policy has now been REVERSED. This demonstrates the power of collective action. Well done to everyone who took action to challenge this policy by lodging the complaint as below to the HSE, Data Protection Commissioner and The Rotunda.

The Rotunda state that they will still ask partners about their vaccination status in order to ‘encourage such vaccination’. It is highly questionable that requesting the details of a person’s sensitive health data by security in order to ‘encourage’ vaccination provides a legal basis for processing such sensitive health details under Article 9 and 6, of the General Data Protection Regulation (GDPR) 2018. A nominated companion can therefore respond, if asked, at the entrance by stating that the Rotunda Hospital Data Protection Officer must firstly demonstrate in writing a legal basis under Article 6 and 9 GDPR for this request for sensitive health data relating to vaccination status.

The updated policy on The Rotunda’s website states that as from 29th November:

‘In line with the latest HSE guidance on access to hospitals, which includes standards for partners (Nominated Support Persons) who may accompany maternity patients, and in response to the recent marked increase in community transmission of Covid-19, the Rotunda is modifying its access arrangements for those attending the hospital, with effect from Monday November 29, 2021.

One named, nominated companion may join for labour & birth, on inpatient wards, booking visit, 20-22 week anomaly scan, early pregnancy assessment scans, and the emergency room.

For other routine Outpatient Appointments, we ask that patients attend alone. For Paediatric Outpatients Appointments, we ask that one parent attend with their child.

Unfortunately we cannot allow extended family members, or children to attend or visit.

We continue to strongly recommend that all pregnant patients take a Covid-19 vaccine, as well as a vaccine booster when eligible, and that all partners also take a Covid-19 vaccine. In order to encourage such vaccination, our front door staff will continue to ask partners about their vaccination status’

OUR POST OF 25TH NOVEMBER:

URGENT CHALLENGE TO THE ROTUNDA HOSPITAL’S POLICY that nominated companions visiting the Hospital will be requested to provide a COVID pass from 1st December under EU privacy law (GDPR)

We refer to our post on 7th November about collectively challenging this policy and the submission we drafted to send to the Data Protection Commissioner, the Rotunda Hospital and HSE. We have received a great response and we have been asked if we could re-post this submission so that as many as possible challenge the covid pass policy.

We have been asked if anyone can send the submission or do they need to be personally affected by the policy. The Rotunda is a public hospital and is under an obligation to adhere to human rights and equality law. They are answerable to the public for their actions. They must also demonstrate the necessity and proportionality of any covid pass scheme taking into account the risk of discrimination and balance of harm test.

You should send the complaint to the Data Protection Commissioner, the Rotunda and the HSE (email addresses provided).

We would also suggest you circulate this submission within your local groups to lobby TDs to stand up publicly to denounce this measure on the grounds that it breaches EU privacy law and Article 7 of the EU Charter of Fundamental Rights and Article 8 of the European Convention on Human Rights, the right to private and family life.

If you have any queries email us on lawyersforjustice@yahoo.com.


Insert Address

For the Urgent Attention of Helen Dixon

Data Protection Commissioner

Data Protection Commission

21 Fitzwilliam Square South

Dublin 2

DO2 RD28

Insert Date

dpo@dataprotection.ie

Dear Ms Dixon

Re: Complaint against the Rotunda Hospital, Dublin

I am writing to request that the Data Protection Commissioner as Supervisory Authority for Ireland take urgent action to investigate The Rotunda Hospital Dublin for implementing a policy that nominated companions are required to provide a Covid Pass to gain access to the hospital from 1st December. I have forwarded a copy of this letter to the Rotunda Hospital and to the HSE.

The Rotunda Hospital recently published the following policy on their website:

‘The National Public Health Emergency Team has recently recommended that the COVID Pass/Certificate’ be adopted as a requirement for visitation to healthcare settings.

With this in mind, nominated companions visiting the Hospital will be requested to provide their COVID pass as part of our safety screening process at our front entrance, from 1st December’.

The Data Protection Commissioner will be aware that there is no legislation underpinning this requirement as the Health Amendment (No 2) Act 2021 and the governing SI 385 of 2021, as extended, does not extend to health care settings. The Rotunda Hospital has therefore implemented this policy without firstly demonstrating a legal basis for implementing a Covid Pass requirement under Article 6 and 9 of the General Data Protection Regulation, 2018 (GDPR).

As the Rotunda Hospital have not cited the source of NPHET’s recommendation, one can only surmise that they are referring to the contents of the latest letter from Tony Holohan, Chief Medical Officer, to Stephen Donnelly TD dated 18th October. At Page 7 it states that:

‘…..Given the current trajectory of the disease, the NPHET strongly recommends that:

…..subject to operational feasibility that the COVID pass be adopted as a requirement for visitation to healthcare settings with a provision for exemptions on compassionate grounds..’

What is deeply concerning about this recommendation is that NPHET do not expand on their reference to the ‘operational feasibility’ of implementing such a Covid pass policy at healthcare settings for visitors. They are also silent on whether this applies to nominated companions at maternity hospitals. It is unclear why the Rotunda Hospital implemented this policy as it is clearly arguable that there are compassionate grounds for exempting ALL nominated companions at maternity hospitals.

It is not clear whether the Data Protection Commissioner was consulted under Article 36(4) GDPR prior to NPHET publishing this most recent recommendation on adopting Covid passes for visitations to healthcare settings. Perhaps the Data Protection Commissioner will confirm if any consultation took place with NPHET in terms of the ‘operational feasibility’ of implementing such a Covid pass policy. What is also uncertain is whether The Rotunda Hospital have complied under Article 35 (1) to (7) GDPR to conduct and publish a Data Protection Impact Assessment (DPIA) prior to publishing this policy. The DPIA should clearly address the necessity and proportionality of the measure taking into account the safeguards in place to protect the rights and freedoms of the data subject, including the balance of harm and prohibition of discrimination. The risks to the rights and freedoms of natural persons are enshrined in Recital 75 of GDPR which pays particular attention to data concerning health.

In addition, and irrespective of the above, the State in publishing the public health measures have not demonstrated a lawful basis for the extension of the EU Digital Covid Certificate to hospitals under (EU) 2021/953 of the European Parliament and of the Council of 14 June 2021. Indeed, the European Data Protection Board – European Data Protection Supervisor Joint Opinion 04/2021 on the Proposal for a Regulation of the European Parliament and of the Council on a framework for the issuance, verification and acceptance of interoperable certificates on vaccination testing and recovery to facilitate free movement during the COVID-19 pandemic (Digital Green Certificate) Version 31 March 2021 at Page 8 states that the legal basis for any further processing of the EU Digital Covid Certificate will depend on its compatibility with the legal basis set out in its primary purpose at EU level.

I have no doubt that the Data Protection Commissioner after scrutinising the Joint Opinion and the Recitals to (EU) 2021/953 will conclude that the EU Parliament never intended for the EU Digital Covid Certificate to be used on a domestic basis by Member States for access to hospitals.

The Data Protection Commissioner will be aware that a Data Controller cannot simply rely on Section 53 and Article 9(2)(i) GDPR, public interest reasons for the area of public health without firstly demonstrating compliance with safeguards, particularly professional secrecy. I would ask the Data Protection Commissioner as Supervisory Authority to therefore also ascertain what processes the Rotunda Hospital have in place to satisfy the criteria of professional secrecy in relation to checking Covid passes with specific reference to Section 73(1)(vi) (i) to (ii) of the Data Protection Act 2018.

The denial of access to maternity hospitals for accompanying partners breaches Article 7 of the EU Charter of Fundamental Rights and Article 8 of the European Convention of Human Rights, respect for private and family life. In light of the emerging worldwide scientific evidence that Covid-19 vaccinations do not prevent transmission, there is no objective justification to interfere with an accompanying partner’s right to private and family life because of their vaccination status.

I look forward to hearing from you as a matter of great urgency. Please note that I intend to consult my solicitor on action including urgent action in this matter.

Yours sincerely

_____________

Signed

cc. dpo@rotunda.ie

hcai.amrteam@hse.ie



URGENT CHALLENGE TO THE ROTUNDA HOSPITAL’S POLICY

Rotunda’s Hospital Policy nominated companions visiting the Hospital will be requested to provide a COVID pass from 1st December under EU privacy law (GDPR)

We refer to our post on 7th November about collectively challenging this policy and the submission we drafted to send to the Data Protection Commissioner, the Rotunda Hospital and HSE. We have received a great response and we have been asked if we could re-post this submission so that as many as possible challenge the covid pass policy.

We have been asked if anyone can send the submission or do they need to be personally affected by the policy. The Rotunda is a public hospital and is under an obligation to adhere to human rights and equality law. They are answerable to the public for their actions. They must also demonstrate the necessity and proportionality of any covid pass scheme taking into account the risk of discrimination and balance of harm test.

You should send the complaint to the Data Protection Commissioner, the Rotunda and the HSE (email addresses provided).

We would also suggest you circulate this submission within your local groups to lobby TDs to stand up publicly to denounce this measure on the grounds that it breaches EU privacy law and Article 7 of the EU Charter of Fundamental Rights and Article 8 of the European Convention on Human Rights, the right to private and family life.

Find TD’s here:

https://www.oireachtas.ie/en/members/

https://www.whoismytd.com/


Insert Address

For the Urgent Attention of Helen Dixon

Data Protection Commissioner

Data Protection Commission

21 Fitzwilliam Square South

Dublin 2

DO2 RD28

Insert Date

dpo@dataprotection.ie

Dear Ms Dixon

Re: Complaint against the Rotunda Hospital, Dublin

I am writing to request that the Data Protection Commissioner as Supervisory Authority for Ireland take urgent action to investigate The Rotunda Hospital Dublin for implementing a policy that nominated companions are required to provide a Covid Pass to gain access to the hospital from 1st December. I have forwarded a copy of this letter to the Rotunda Hospital and to the HSE.

The Rotunda Hospital recently published the following policy on their website:

‘The National Public Health Emergency Team has recently recommended that the COVID Pass/Certificate’ be adopted as a requirement for visitation to healthcare settings.

With this in mind, nominated companions visiting the Hospital will be requested to provide their COVID pass as part of our safety screening process at our front entrance, from 1st December’.

The Data Protection Commissioner will be aware that there is no legislation underpinning this requirement as the Health Amendment (No 2) Act 2021 and the governing SI 385 of 2021, as extended, does not extend to health care settings. The Rotunda Hospital have therefore implemented this policy without firstly demonstrating a legal basis for implementing a Covid Pass requirement under Article 6 and 9 of the General Data Protection Regulation, 2018 (GDPR).

As the Rotunda Hospital have not cited the source of NPHET’s recommendation, one can only surmise that they are referring to the contents of the latest letter from Tony Holohan, Chief Medical Officer, to Stephen Donnelly TD dated 18th October. At Page 7 it states that:

‘…..Given the current trajectory of the disease, the NPHET strongly recommends that:

…..subject to operational feasibility that the COVID pass be adopted as a requirement for visitation to healthcare settings with a provision for exemptions on compassionate grounds..’

What is deeply concerning about this recommendation is that NPHET do not expand on their reference to the ‘operational feasibility’ of implementing such a Covid pass policy at healthcare settings for visitors. They are also silent on whether this applies to nominated companions at maternity hospitals. It is unclear why the Rotunda Hospital implemented this policy as it is clearly arguable that there are compassionate grounds for exempting

ALL nominated companions at maternity hospitals.

It is not clear whether the Data Protection Commissioner was consulted under Article 36(4) GDPR prior to NPHET publishing this most recent recommendation on adopting Covid passes for visitations to healthcare settings. Perhaps the Data Protection Commissioner will confirm if any consultation took place with NPHET in terms of the ‘operational feasibility’ of implementing such a Covid pass policy. What is also uncertain is whether The Rotunda Hospital have complied under Article 35 (1) to (7) GDPR to conduct and publish a Data Protection Impact Assessment (DPIA) prior to publishing this policy. The DPIA should clearly address the necessity and proportionality of the measure taking into account the safeguards in place to protect the rights and freedoms of the data subject, including the balance of harm and prohibition of discrimination. The risks to the rights and freedoms of natural persons are enshrined in Recital 75 of GDPR which pays particular attention to data concerning health.

In addition, and irrespective of the above, the State in publishing the public health measures have not demonstrated a lawful basis for the extension of the EU Digital Covid Certificate to hospitals under (EU) 2021/953 of the European Parliament and of the Council of 14 June 2021. Indeed, the European Data Protection Board – European Data Protection Supervisor Joint Opinion 04/2021 on the Proposal for a Regulation of the European Parliament and of the Council on a framework for the issuance, verification and acceptance of interoperable certificates on vaccination testing and recovery to facilitate free movement during the COVID-19 pandemic (Digital Green Certificate) Version 31 March 2021 at Page 8 states that the legal basis for any further processing of the EU Digital Covid Certificate will depend on its compatibility with the legal basis set out in its primary purpose at EU level.

I have no doubt that the Data Protection Commissioner after scrutinising the Joint Opinion and the Recitals to (EU) 2021/953 will conclude that the EU Parliament never intended for the EU Digital Covid Certificate to be used on a domestic basis by Member States for access to hospitals.

The Data Protection Commissioner will be aware that a Data Controller cannot simply rely on Section 53 and Article 9(2)(i) GDPR, public interest reasons for the area of public health without firstly demonstrating compliance with safeguards, particularly professional secrecy. I would ask the Data Protection Commissioner as Supervisory Authority to therefore also ascertain what processes the Rotunda Hospital have in place to satisfy the criteria of professional secrecy in relation to checking Covid passes with specific reference to Section 73(1)(vi) (i) to (ii) of the Data Protection Act 2018.

The denial of access to maternity hospitals for accompanying partners breaches Article 7 of the EU Charter of Fundamental Rights and Article 8 of the European Convention of Human Rights, respect for private and family life. In light of the emerging worldwide scientific evidence that Covid-19 vaccinations do not prevent transmission, there is no objective justification to interfere with an accompanying partner’s right to private and family life because of their vaccination status.

I look forward to hearing from you as a matter of great urgency. Please note that I intend to consult my solicitor on action including urgent action in this matter.

Yours sincerely

_____________

Signed

cc. dpo@rotunda.ie

hcai.amrteam@hse.ie


Email us on lawyersforjustice@yahoo.com for further assistance


Create your website with WordPress.com
Get started