Confidentiality and privacy in medicine and scientific research : from bioethics to the law

Confidentiality and privacy in medicine and scientific research: from bioethics to the law Since the Hippocratic Oath, medical ethics and bioethics have been concerned with confidentiality and privacy. Thereafter, principialism has understood them as bioethical rules derived from bioethical rules derived from the autonomy understood as self-governance. Positive law is also concerned with them. Among the legal norms related to the topic, Argentinian Law 25,326, on protection of data because of their relationship with medical practice and research, stands out. It is grounded in habeas data, the constitutional guarantee that permits persons to request explanations from public or private bodies that have data or information regarding them, and in Article 19 of the National Congress.

Confidentiality and privacy in medicine and scientific research: from bioethics to the law http://dx.doi.org/10.1590/1983-80422015232062 Medical ethics and bioethics have dealt comprehensively with confidentiality and privacy, particularly in regard to the practice of medicine.We have to remember the Hippocratic Oath in which doctors are instructed in the following way: I will respect the privacy of my patients, for their problems are not disclosed to me that the world may know 1 .Since Hippocrates, although with ups and downs, there has been a struggle to respect these rights.Recently, statute law has dealt with them.Among the legal regulations related to this issue we emphasize the Argentinean law 25.326 2 of data protection which is grounded in the habeas data (HD).
In this work we propose to describe what is this regulation, its connection with the Bioethics rules of privacy and confidentiality and their application to the clinic experience and research activities.First, we will elucidate the concept of HD, its purpose, classes and exceptions.Then we will take care of the aforementioned national law of data protection and we will focus on those items of interest in its relationship with the medical practice and research.

The Concept of Habeas Data
HD is a Latin term that means "you have your data," "keep the information or data".It's a constitutional guarantee that allows people to seek explanations from public or private bodies that have data or information about them and thus find out what data is possessed, how they it has been obtained, why and for what it is kept.This warranty is based on article 19 of the national Constitution of Argentina 3 and was incorporated explicitly in the Constitutional reform of 1994, article 43 (3° paragraph), being later regulated by the law 25.326 of 2000 2 .
Active legitimization-who can claim -corresponds to any person, a natural or legal person, resident or inhabitant of the nation.Anyone can take knowledge of data referred to them and the aim of the data in order to demand the suppression, rectification, update or the confidentiality of that data, if they are false or discriminatory.The passive legitimization -who is claimed -corresponds to public databases and data banks intended to produce reports.Note that in the case of not public databases it is demanded that they are "intended to produce reports", which it's not the case when it comes to public databases Its purpose is to protect the right to privacy, but for some authors 4 the protected good is broader because disclosure could result in some cases in an economic or professional injury.The HD allows: 1) access to the register data; (2) updating of the information; (3) its correction; (4) the request that the information obtained legally, will be not publicly expose to third parties; (5) to cancel data on sensitive information (political ideology, religion, sexuality etc.) affecting privacy or that can be used to discriminate."Sensitive data" means those pieces of information that can reveal racial and ethnic origin, information referred to political opinions, religious, philosophical or moral beliefs, trade union membership and information relating to the health or sex life.

HD Classes and Exceptions
Based on the purpose, we can distinguish the following types of HD 1) Informative HD: allows to ask what data has the agency that owns it, how got it and for what they need it.As its name implies, it is informative because the organism that book data must inform us about it 2) HD rectifier: allows you to refresh the data or correct misinformation, this is to rectify the information residing therein; 3) confidential or preserving HD: allows you to apply the non public data exposure, make reservation of the data.
As every principle, and without prejudice to the above, there are exceptions to this warranty.Thus, the law 25.326establishes: 1. the managers or users of public data banks can, through informed decision, deny public access, rectification or suppression based on the defense of the nation, the order and security protection, or protection of the rights and interests of third parties.
2. information about personal data can also be refused by the managers or users of public databases, when thereby it could hinder judicial or administrative proceedings in progress linked to the investigation into tax or social security obligations, the development of control functions of the health and of the environment, the investigation of criminal offenses and the verification of administrative infractions.The resolution related to these topics must be established and notified to the affected.

Update Articles
Confidentiality and privacy in medicine and scientific research: from bioethics to the law http://dx.doi.org/10.1590/1983-80422015232062 to the records on the occasion in which the defendant has to exert his right of Defense 2 .
Other areas not covered by the warranty are: • Historical documentation consulted by scientists or researchers; • Documentation related to financial or commercial activity of a person; • Secret of the journalistic source.

Relevance to medicine and the research on the law 25.326
Before commenting on those aspects of the law that can be related with the practice of medicine and medical research, it should be remembered that Argentina is a federal State.Therefore, certain competencies are unique to the nation, others are of the provinces and of the autonomous city of Buenos Aires; some of them shared and other concurrent 5 .
In the case of the law which concerns us, the same rule in its article 44 states that only chapters I, II, III and IV, and article 32 are of public order and application in the relevant throughout the national territory.It invites the provinces to adhere to rules of this law that are in an exclusive application in national jurisdiction.Federal jurisdiction shall govern respect to records, files, databases or databases interconnected in networks of national, international or inter-jurisdictional scope 2 .Therefore, the content from the article 29 forward, and the content pertaining to organisms of control and sanctions is of local competition.
Article 5 th refers to the consent and states that the processing of personal data is illegal when the holder has not given her free consent, expressed and informed which shall indicate in writing, or by other means to be match him, according to the circumstances 2 .Such consent must be informed, that is, must be preceded of the information referred to the article 6 th .Among the information that must be supplied when personal data are collected should be mentioned: its purpose, who may be its recipients, whether stored or not in a file or record, who is responsible for it, the obligatory or optional nature of the replies to the questionnaire which it proposes, the consequences of providing the data, the refusal to do so or the inaccuracy of the same and the possibility of exercising the rights of access rectification and deletion of the data.
The regulation of Decree 1.558/016 6 in its article 5 th , clarifies that information will adapt to the social and cultural level of the person and that the monitoring body will establish requirements for the consent can be provided in a non-written form, which shall ensure the authorship and integrity of the Declaration.The consent to the processing of personal data may be revoked at any time.The revocation does not have retroactive effect.Also, the law excepts consent in certain cases, such as: when a) the data was obtained from sources of unrestricted public access; (b) is collected for the exercise of functions of the powers of the State or by virtue of a legal obligation; (c) in the case of listed whose data are limited to name, national document of identity, social security or tax ID, occupation, date of birth and place of residence; (d) derived from a scientific, professional or contractual relationship of the owner of the data, and necessary for their development or implementation; (e) in the case of operations that perform financial institutions and of the information received from its customers according to the provisions of article 39 of the law 21.526.We have highlighted the subsection "d" because at that point the medical activity enrolls 2 .Article 7 th categorizes data and establishes that no person may be required to provide sensitive data except those involving reasons of general interest authorized by law.Also they may be processed for statistical or scientific purposes when owners could not be identified 2 .We believe that the medical and epidemiological research could be considered in this section.
For its part, article 8 th makes explicit reference to data relating to health and says: the public or private health facilities and professionals linked to the health sciences can collect and treat the personal data relating to the physical or mental health of the patients who come to them or who are or have been under treatment, in compliance with the principles of professional secrecy 2 .This point is important in relation to the digitalization of clinical, practical history that little by little is imposed in our midst.However, note that the law requires respect to the professional secrecy and here is where efforts to comply with this requirement should be focused.So as article 9 th legislates on data safety: the responsible for or the user of the data file should take the technical and organizational measures that are necessary to ensure the security and confidentiality of personal data, to avoid its adulteration, loss, con-

Update Articles
Confidentiality and privacy in medicine and scientific research: from bioethics to the law http://dx.doi.org/10.1590/1983-80422015232062sultation or treatment not authorized, and that allow to detect deviations, intentional or not, information, whether that risks come from human action or of the technical means used.It is prohibited to register personal data files, registers or banks that do not meet technical conditions of integrity and security 2 .
In the same vein, article 10 th mentions the duty of confidentiality: persons involved in any phase of the processing of personal data are bound to professional secrecy with respect to the same.Such obligation shall continue even after his connection with the holder of the data file.Such obligation may be relieved of the duty of secrecy by judicial decision and when intercede reasons founded relating to public safety, national defense or public health 2 .
Finally, it is interesting to note that personal data may not be transferred to third parties unless any revocable consent of its holder, who must be informed about the purpose of the transfer and identification of the assignee.The assignee has the same legal and regulatory obligations of the assignor and responds jointly and severally by the observance of the same control organism and the owner of the data.
Following the art.11 of law 25.326 2 , consent is not required when: a) so it is disposed by the law; (b) in the cases referred to in article 5° paragraph 2; (c) It is made by units of the organs of the State directly, as the fulfillment of their respective responsibilities; (d) in the case of personal data relating to health, and is necessary for reasons of public health, emergency, or to carry out epidemiological studies, as long as it preserves the identity of the holders of data using appropriate dissociation mechanisms; (e) had been applied a dissociation of the information procedure, so that the holders of the data are unidentifiable.
Article 5 th paragraph 2 of the law 2 establishes that the consent shall not be required when: a) the data obtained from sources of unrestricted public access;

(b) are collected for the exercise of functions of the powers of the State or by virtue of a legal obligation; (c) in the case of listed whose data are limited to name, national document of identity, social security or tax ID, occupation, date of birth and place of residence; (d) derived from a scientific, professional or contractual relationship of the owner of the data, and necessary for their development or implementation; (e) in the case of operations that perform financial institutions and of the information received from its customers according to the provisions of article 39 of the law 21.526.
Article 12 of the law 2 refers to the international transfer of data and explicitly prohibits it when adequate levels of protection are not provided.There are still some exceptions, among them, the exchange of medical information, when so required by the treatment of the affected, or epidemiological investigation, as occurs under the terms of the subsection e) of the preceding article (article 11, paragraph e: when it had been applied a dissociation of the information procedure, so that the holders of the data are unidentifiable).
Article 31 st of the law 2 mentions administrative sanctions and penalties which, as we said at the beginning, will depend on the rules of each jurisdiction because of the federalism.For its part, article 32° is applicable nationwide and establishes criminal penalties, namely: 1. Is joined as article 117 bis of the criminal code, the following: ´1°.Shall be punished with imprisonment of one month to two years anyone who inserted or made knowingly inserting false information in a personal data file.
2°.The penalty will be from six months to three years, to anyone which provide to third parties information knowingly false contained in a personal data file.
3°.The penal scale will increase by half of minimum and maximum, when the fact is derived prejudice to any person.
4°.When the author or responsible for the illicit is a public official in the exercise of its functions, will apply the disqualification for the performance of public office twice as long as the conviction of accessory '.

Is joined as article 157 bis of the criminal code the following:
'Shall be punished with imprisonment of one month to two years anyone who: 1°. Knowingly and unlawfully, or through the violation of confidentiality and data security systems, will access, in any way, into a personal information bank; 2°. Reveals other information recorded in a personal data bank whose secret is obliged to preserve by provision of a law.
When the perpetrator is a public official will suffer, moreover, a punishment of special disqualification from one to four years.

Update Articles
Confidentiality and privacy in medicine and scientific research: from bioethics to the law http://dx.doi.org/10.1590/1983-80422015232062

Final considerations
The right to privacy should not only be understood from the legal point of view.Bioethics and, in particular, Principalism have worked to embody it as an ethical norm.Thus, from the principle of autonomy are derived the rules of privacy, confidentiality and informed consent, all closely linked with the legal norms that we have described.
The Principalism understands that the right to privacy safeguards access, by third parties and without the consent of the subject, to the information about a person, their belongings and intimate relationships with friends, partners and others.It has its main foundation in the autonomy, understood as self-government.Thus, an autonomous person has the right to not be observed, touched, etc. or to not get information about it or its intimate environment without their authorization; the invasion of privacy would threaten their autonomy.Furthermore, although the rule of confidentiality relates to the privacy, it is not exactly identical.Bioethics tells us that X information is confidential if and only if A reveals X to B and B promises to refrain from revealing X to any other person C without the consent of A 7 .
In the framework of ethical discipline usually distinguish between legal and legitimate, demanding ethical legitimacy to all legal regulations.Also, argues that people should behave correctly by moral conviction and not by the fear of punishment against a legal standard violated.Unfortunately this desideratum is infrequently accomplished in our midst and the legislators are forced to "reinforce", through legislation, the ethical imperatives that should guide our conduct.Thus, in the field of medicine, confidentiality has legal correlate with the obligation of professional secrecy defined in article 156 of the Criminal Code 8 .However, not always it is respected, justified its violation in the promotion of certain activities, indeed valuable, like medical education or research.
Here we enter a land of vague boundaries between individual rights and the rights of society, historically conflictive and marked by conflicting ideologies and thesis opposite on the theory of the State.The current trend, both legal and bioethical, is to prioritize the rights of patients and the staff in general.The Positive Law of the human rights, liberalism, and Kantian thought with his defense of the person as an end in itself, and never as a means for any purpose -for more commendable than that end out-, give basis to this bias.
Once again, we are quite aware that ethical point of view is different from the legal, and that is not always verified the correlation desired between them: many times the positive law is not ethical, and vice versa.But we also know that bioethics is a transdiscipline, with many tributary, like philosophy, anthropology, sociology, social communication and law, among others and that, as transdisciplinary knowledge, it can't be developed on a reductionist structure neither philosophical nor legal.We certainly advocate for a transdisciplinary construction 8 .
However, and without prejudice to the foregoing, in this work we ponder legal discourse because the reality of the members of the team of health (physician, nurses, members of bioethics committees) calls this speech in the decisions facing the concrete patient.At any time, the practicing of bioethics becomes very difficult to hold illegal but legitimate theoretical positions.We understand that this work gives concrete and binding tools (by its legality) so those who discuss real cases in practice, these are indeed useful tools.Thus, the bioethics of "desktop work" -theoretical, formal and abstract -is firmly planted in field of action.
Once we understood the need for legal tools to deal with specific cases, we hope that this paper motivates readers to investigate the same in their respective countries.The Argentina has long ties with Brazil and, together with other States, participates in the MERCOSUR.Thus, receives every year citizens of neighboring jurisdictions that decide to undertake their academic, work and personal lives in adjoining territory.The same is true of people who migrate from spot to spot temporarily for tourism.All of them are potentially "patient" and may be affected by the legislation of the country in which they find themselves as such.Add to this the large number of multi-center clinical studies carried out jointly in our countries.It did not escape from the logic that is an absolute request to know the legal framework surrounding such activity.