Processing of Personal Data in Swedish Health Care and Biomedical Research

The first Swedish data protection legislation was introduced in 1973, when the Data Act entered into force. This Act governed the automated processing of files containing personal data, until it was replaced by the Personal Data Act, on 24 October 1998. The primary Swedish legislation implementing Directive 95/46/EC is thus the Personal Data Act, complemented by the Personal Data Ordinance. When it comes to using health-related personal information in biomedical research, there is first the matter of actually gaining access to the information. The Swedish Government observed quite early the increased need for protection of personal data, in relation to the developing information technology sector, and reacted to this need with legislative measures. Biobanks still constitutes a particularly sensitive activity, which should be subject to similar high standards for the protection of privacy and personal integrity as is required in Directive 95/46/EC, a special Act on Biobanks in Health Care was seen to be needed.