Ingresar
Role of Insurance Companies Regarding Personal Health Data
By Pedro Córdova Balda, María Paula Arellano & Gabriela Holguín, Robalino
The Superintendence for the Protection of Personal Data (SPDP) issued a response to a citizen inquiry about the role of insurance companies when accessing patients' medical information provided by healthcare providers—specifically in situations where such information is transferred at the explicit request of the patient, without any contractual relationship between the healthcare provider and the insurer.
Inquiry:
Should insurance companies be considered data processors under Article 34 of the Personal Data Protection Law (LOPDP) when they access patient data collected and transmitted by a healthcare provider, if this transmission is carried out on behalf of and at the request of the insured patient—that is, without a contractual relationship existing between the healthcare provider and the insurer?
The SPDP clarifies that healthcare providers are data controllers of the personal data they collect and process in the provision of medical services.
Insurance companies that receive this information at the direct request of the data subject (the patient) and without a contractual relationship with the healthcare provider, initially act as recipients of the data.
However, once these insurers process the data for their own purposes related to their business activities, they assume the role of data controllers, as they determine the purposes and means of processing the personal data.
For more details, the full inquiry can be viewed here.
Robalino
Robalino: Innovation and Excellence in Ecuador
Robalino stands out in the Ecuadorian legal advisory landscape as a pioneering firm in merging legal services with consulting. With a disruptive approach and a forward-thinking vision, the firm has quickly positioned itself as a strategic ally for businesses of all sizes and sectors, serving a broad range of clients, from startups to large multinational corporations.
What sets Robalino apart?
Continuous Innovation: Robalino goes beyond traditional legal services. Through continuous innovation, it explores areas typically outside the legal sector, such as social impact financial agreements and personal data protection from a technological standpoint, demonstrating adaptability in a changing world.
Comprehensive Expertise: The firm offers a full spectrum of legal services, from advising on the protection of intangibles to compliance and defense regarding clients’ assets. Its multidisciplinary team ensures personalized and effective solutions.
Client Focus: Robalino supports its clients at every stage of their development, providing strategic advice and protecting their most valuable assets, both tangible and intangible.
Global Perspective: With strong expertise in international transactions, Robalino has established itself as a reference on the global stage, advising companies on operations beyond Ecuador’s borders.
Our Key Strengths
Protection of Intangible Assets: Robalino is the ideal partner for companies seeking to properly register and protect their trademarks, patents, industrial designs, and other intangible assets.
Strategic Advisory: Robalino offers a strategic approach, enabling clients to make informed decisions and optimize their operations from both a legal and business consulting perspective.
Innovation and Adaptation: The firm stays at the forefront of current trends, offering innovative solutions tailored to each client's specific needs.
Robalino provides exceptional advisory services. Its commitment to excellence, innovation, and client satisfaction has established it as a market leader in Ecuador. The firm is also recognized internationally.