Social Affairs Minister Joller Refuses to Audit Health Data Sharing with Police

Social Affairs Minister Karmen Joller has no plans to initiate an audit to check whether the Health and Welfare Information Systems Centre (TEHIK) has legitimately released health data to police investigators. To date, data has been shared on the basis of a case number and a request alone, without additional control mechanisms. Critics have raised questions about whether this practice complies with data protection principles.

Social Affairs Minister Karmen Joller (Reform Party) has decided not to initiate an audit to determine whether the Health and Welfare Information Systems Centre (TEHIK) has legitimately released citizens' health data to police investigators. So far, data has been shared solely on the basis of a case number and the submission of a request, without any additional safeguards.

The issue has raised concerns in the data protection sector, as health data is classified as particularly sensitive personal information and its processing should take place according to strict rules. Critics argue that merely providing a case number may not be a sufficient basis for releasing an individual's health data, and an audit would have been an appropriate way to verify the legitimacy of the practice.

The ministry's position is that the current procedure complies with legal requirements and that initiating a separate audit is not necessary. Nevertheless, the question remains unresolved: how is the justification for each individual data request ensured, and what oversight mechanism exists if health data is requested disproportionately or without a clear need.