Data Protection Policy
In the Danish Health Data Authority, we process personal data in various contexts. Here, you can read how we collect, process and protect your personal information.
We process information about you if you have been in contact with the Danish Health Data Authority or if we need to do so in order to provide one of our regulatory services.
When the Danish Health Data Authority processes personal data as part of our provision of regulatory services, we are normally the data controller of these data. The Danish Health Data Authority is also data controller in regard to the processing of personal information about you when you have been in contact with the Authority.
Tasks and responsibilities of the Danish Health Data Authority
The Danish Health Data Authority is an agency under the Danish Ministry of the Interior and Health. The main tasks of the Authority are provided for in Paragraph 220a of the Danish Health Act.
The main task of the Danish Health Data Authority is to support the healthcare area by collecting and making available healthcare information for healthcare professionals, decision makers and citizens. We ensure digital coherence and create digital solutions to the benefit of citizens, patients and healthcare professionals; and for management, statistical and scientific purposes in the healthcare and elderly care sectors.
We are responsible for operating various databases, registers and services, which contain data on healthcare treatments and the health and medicines consumption of the Danish population. Some of this data include personal information that is recorded in connection with patient treatments at hospitals, in municipalities and with general practitioners and reported to the Authority.
Principles guiding the collection of personal data
We collect personal data only for legal purposes and we only collect information needed to comply with the specific objective in question.
Most of the personal data we process are based on other legal provisions than the Danish Data Protection Act - i.e. the Danish Healthcare Act, the Danish Medicines Act and the Danish Tissue Act.
Safe storage and processing of personal data
The Danish Health Data Authority has in place a range of measures to keep your personal data safe when they are being processed by our staff. The safety measures mean that the staff of the Danish Health Data Authority have access to your personal data only when they need access to complete their work tasks. Additionally, staff who work with personal data need to complete annual courses on information security and data protection.
In some cases, we ask other suppliers to complete tasks on behalf of the Authority. We do this to be able to present your data to you on sundhed.dk or to operate the Shared Medication Record. When we cooperate with suppliers, we enter into a so-called data processing agreement with the suppliers to ensure that any data processing is done exclusively as instructed by the Danish Health Data Authority.
Thus, the suppliers only use the data to perform a specific task for the Danish Health Data Authority. Once the suppliers task is completed, the data is deleted and/or returned to the Danish Health Data Authority.
Do you have any questions?
If you have any questions about our processing of personal data or about your rights in this respect, please contact us by sending a mail via Borger.dk.
Choose 'Digital Post'. In the 'Recipient field, you need to select 'Sundhedsdatastyrelsen' and in the 'Kategori' field you need to select 'Databeskyttelse'.
You may also contact our Data Protection Officer by writing to firstname.lastname@example.org. The Data Protection Officer is employed with the department of the Danish Ministry of the Interior and Health. The Officer's tasks include providing advice to the agencies on data protection and data protection provisions.
Lodging a complaint with the Danish Data Protection Agency
You are entitled to lodge a complaint with the Danish Data Protection Agency if you are dissatisfied with our processing of your personal data. You will find more information about your rights at the website of the Danish Data Protection Agency. The website also provides the contact information of the Danish Data Protection Agency.