Realidad sobre la Privacidad de los Datos Personales en Costa Rica / Reality on the Privacy of Personal Data in Costa Rica

Resumen La privacidad está relacionada con cualquier información de la cual es dueña la persona, como por ejemplo, su nombre, su número de teléfono, su domicilio, su correo electrónico, sus fotografías o sus huellas dactilares, así como cualquier otro dato que sirva para identificarse, de manera que si se evidencia el acceso a los datos para una finalidad distinta a la requerida, su uso sería ilegítimo, incorrecto y la conducta, además de conllevar a consecuencias penales, civiles y disciplinarias, generaría secuelas administrativas, como multas o llamadas de atención, según determine la Agencia de Protección de Datos de los Habitantes (PRODHAB), por lo tanto, el presente artículo está relacionado con la privacidad y la protección de datos personales y su importancia en Costa Rica. Refleja un análisis de la capacidad que tiene una persona u organización para determinar qué datos de un sistema informático pueden ser compartidos por terceros; muestra, además, una serie de casos enfocados con personas acusadas desde diferentes ámbitos, ya sea mediante llamadas por acoso o bien porque les han publicado datos sin su autorización, por tal motivo, este documento presenta tanto la normativa relacionada como la Jurisprudencia aplicada por la Sala Constitucional, como recurso y teniendo como objetivo que toda persona conozca la legislación que existe, sobre qué información puede compartir y en caso de ser expuesta con datos no autorizados tener claro que el amparo de la Ley N° 8968 sobre: "Protección de la persona frente al tratamiento de sus datos personales" de orden público, y garantiza el respeto hacia sus derechos.

ABSTRACT Privacy relates to any information that a person owns, such as his or her name, telephone number, address, e-mail address, photographs or fingerprints, as well as any other identifying information, so that if access to the data is evidenced for a purpose other than that required, its use would be illegitimate, incorrect and conduct, in addition to leading to criminal, civil and disciplinary consequences, would generate administrative consequences, such as fines or calls for attention, as determined by the Data Protection Agency of Inhabitants (PRODHAB), therefore, this article is related to privacy and protection of personal data and its importance in Costa Rica. It reflects an analysis of an individual's or organization's ability to determine what data from a computer system can be shared by third parties; shows, in addition, a series of cases focused on people accused from different areas, either through calls for harassment or because they have published data without their authorization, for that reason, this document presents both the related legislation and the case law applied by the Constitutional Chamber, as a resource and with the aim that everyone knows the legislation that exists, on what information can share and if exposed with unauthorized data have clear that the protection of Law No. 8968 on: "Protection of the person against the processing of their personal data" of public order, and guarantees respect for their rights.

Saúde Móvel: desafios globais à proteção de dados pessoais sob a perspectiva do direito da União Europeia / Mobile health: global challenges to the protection of personal data from the perspective of European Union law / Salud móvil: desafíos mundiales en la protección de datos personalesdes de la perspectiva del Derecho de la Unión Europea

A saúde móvel ou mHealth – as práticas médicas e de saúde pública apoiadas por dispositivos móveis(telefones celulares, smartphones e tablets) – tem claro potencial para aumentar significativamente a qualidade e a eficiência dos cuidados de saúde. Contudo, constatam-se várias fragilidades na proteção dos dados pessoais utilizados nesse contexto. Este artigo tem como objetivo analisar os aspectos jurídicos mais importantes para que uma proteção efetiva dos dados pessoais na mHealth seja alcançada. Tendo este objetivo e, partindo das regras da União Europeia e das melhores práticas internacionais sobre a matéria, apresentamos uma série de pressupostos condensados em três eixos: maior responsabilidade de todos os atores envolvidos no tratamento de dados mHealth; maior transparência na forma como os dados são tratados, compartilhados e reutilizados; e maior controle dos usuários das tecnologias e da utilização de seus dados. O artigo procura contribuir com um panorama global a fim de levantar as reflexões para a criação e a validação de políticas locais.

The mobile health or mHealth – medical and public health practices supported by mobile devices (cellphones, smartphones and tablets) – has the potential to significantly increase the quality and efficiency of health care services. However, the field has several weaknesses in terms of user personal data in this context. This article aims to analyze the most important legal aspects for an effective protection of personal data in mHealth. Having this objective and, based on the EU rules and best international practices in this field, we presented a series of assumptions that are condensed into three areas: greater responsibility of all actors involved in the treatment of mHealth data; greater transparency in how the data are processed,shared and reused; and greater control of users of the technologies and how their data is used. The paperseeks to contribute to an overview of the challenges in order to raise the discussions for the creation and validation of local policies.

La salud móvil – prácticas médicas y de salud pública compatibles con los dispositivos móviles (teléfonos celulares, teléfonos inteligentes y tablets) – tiene el potencial de aumentar significativamente la calidady eficiencia de los servicios de atención de la salud. Sin embargo, el campo tiene varios puntos débiles en términos de datos personales del usuario en este contexto. Este artículo tiene como objetivo analizar los aspectos legales más importantes para una efectiva protección de los datos personales en la salud móvil.Teniendo este objetivo y, en base a las normas de la UE y las mejores prácticas internacionales en este campo,hemos presentado una serie de supuestos que se condensan en tres áreas: una mayor responsabilidad de todos los actores involucrados en el tratamiento de los datos de salud móvil; una mayor transparencia en cómo se procesan los datos, compartir y reutilizar; y se utiliza un mayor control de los usuarios de las tecnologías y cómo sus datos. El trabajo busca contribuir a una visión general de los retos a fin de elevar las discusiones para la creación y validación de las políticas nacionales.

Digital signature of electronic dental records.

INTRODUCTION: The purpose of this article is to examine the feasibility of digital signature technology to guarantee the legal validation of electronic dental records. METHODS: The possible uses of digital signature technology, the actual use of digital signature technology to authenticate electronic dental records, the authentication of each part of the electronic dental record, the general legal principles involved, how to digitally sign electronic dental record files, and the limitations of this method are discussed. RESULTS AND CONCLUSIONS: It is possible to obtain electronic dental records that carry the same legal certainty as conventional, nonelectronic records. For this purpose, each part of the electronic dental records should be digitally signed by the author of the document.

The public health information infrastructure. A national review of the law on health information privacy.

Our objectives were to review and analyze the laws in the 50 states, the District of Columbia, and Puerto Rico that regulate the acquisition, storage, and use of public health data and to offer proposals for reform of the laws on public health information privacy. Virtually all states reported some statutory protection for governmentally maintained health data for public health information in general (49 states), communicable diseases (42 states), and sexually transmitted diseases (43 states). State statutes permitted disclosure of data for statistical purposes (42 states), contact tracing (39 states), epidemiologic investigations (22 states), and subpoena or court order (14 states). The survey revealed significant problems that affect both the development of fair and effective public health information systems and the protection of privacy. Statutes may be silent about the degree of privacy protection afforded, confer weaker privacy protection to certain kinds of information, or grant health officials broad discretion to disseminate personal information. Our proposals for law reform are based on a meeting of experts at the Carter Presidential Center under the auspices of the Centers for Disease Control and Prevention and the Council of State and Territorial Epidemiologists: (1) an independent data protection commission should be established, (2) health authorities should justify the collection of personally identifiable information, (3) subjects should be given basic information about data practices, (4) data should be held and used in accordance with fair information practices, (5) legally binding privacy and security assurances should attach to identifiable health information with significant penalties for breach of these assurances, (6) disclosure of data should be made only for purposes consistent with the original collection, and (7) secondary uses beyond those originally intended by the data collector should be permitted only with informed consent.

Electronic databases and privacy protection: issues for a free society.

More efficiently managed programs of health insurance claims processing and remittance with reduced costs and paperwork burdens hold out the potential for increased benefits to subscribers and health insurers alike. The computer/telecommunications systems and databases by which these efficiencies may be realized also hold great promise for improved services in other arenas. Early and candid recognition of the equally great potential for danger and abuse in those systems and the technology can guide the development and implementation of appropriate and necessary safeguards to individual privacy and to a democratic society in concert with system design.