arrow

back

post

Obligation to Maintain Price Records vs. Physician Confidentiality

A recent decision of the Supreme Administrative Court resolves the conflict between the statutory confidentiality of healthcare professionals and the obligation to keep and maintain price records. Which information doctor can (not) include on a bill? And what do they have to prove to the tax office?

In a recent decision, the Supreme Administrative Court (Case No. 2 As 253/2022 of 26 September 2023) dealt, inter alia, with the issue of the statutory duty of confidentiality imposed on healthcare professionals and the protection of patients’ data concerning the obligation to keep and maintain price records pursuant to Section 11 of Act No. 526/1990 Coll., on prices (hereinafter referred to as the “Price Act”).

The essence of the dispute and the court’s conclusions are summarized in this article.

Applicable law and arguments od the parties

The prices of the healthcare services provided to participants of public health insurance and not covered by this insurance are subject to the price regulation rules under Section 6(1)(c) of the Prices Act, i.e. they are so-called materially oriented prices, based on a decision of the Ministry of Health.

According to the Act on Prices, the prices of dentists and dental hygienists for health services not covered by health insurance must be formed (calculated) according to a binding procedure set out in the price regulations of the Ministry of Health. In the case of the complainant – a provider of dental and dental hygiene services – this was Ministry of Health Price Regulation No 1/2019/DZP.

Section 11 of the Law on Prices requires, inter alia, that health service providers subject to materially oriented prices must keep records of the prices applied to sales and maintain those records, as well as the calculation of such materially oriented prices. The specific content of the records is not regulated by the Act on Prices and it is implementing Decree No 450/2009 Coll. states in Section 1(1) that the price records “must contain data showing the name or type of goods, the specified conditions to which the price relates, the amount of the price at which the goods are sold and the beginning and end of the period in which the goods were sold at that price”.

The complainant as a dentist is obliged under Section 51 (1) of Act No. 372/2011 Coll., on Health Services and Conditions of Their Provision (“Health Services Act”) to maintain the confidentiality of all facts of which he becomes aware in connection with the provision of health services.

At the same time, in relation to patients’ personal data, the complainant is a data controller under the GDPR, managing personal data falling within the definition of special categories of data under Articles 4 and 9(1) of the GDPR.

Concerning the billing and invoicing of health services, reference can be made in particular to the following conclusions of the courts and the Office for Personal Data Protection. It follows from the judgment of the Supreme Administrative Court of 20 January 2005, No. 2 Afs 65/2004-47, and the judgment of the Municipal Court in Prague of 6 June 2017, No. 6 Ad 23/2015-60, that accounting/tax documents issued in connection with the provision of health services may not contain information that would constitute a breach of the statutory confidentiality of the provider of health services.

  • The judgment of the Municipal Court in Prague states that “… it is not decisive on what medium this information is captured – it does not have to be medical documentation. What is decisive is whether the disclosure of certain information about the patient affects the protection of his private and family life. The law does not distinguish which specific activity of the provider in a given case is in connection with the confidentiality obligation imposed, and it is, therefore, irrelevant whether the breach occurred in connection with primary care or the course of administrative and economic activity. (…) Like the defendant in the grounds of the contested decision, the court states that these facts, even though they may appear to be common to the hospital department that collects the relevant fees, are certainly not common and may have an impact on the intimate sphere of each patient and may harm him in a social environment. Moreover, their disclosure seriously undermines the well-established public perception of medical confidentiality, which is an essential value of our society and our value system, and it is essential to insist on the observance of that obligation (the person concerned is, first and foremost, a patient who rightly expects to be able to trust the doctor to treat him and to observe the duty of confidentiality in respect of the facts which come to the doctor’s knowledge in the course of his treatment)”.

 

  • In its decision the Office for Personal Data Protection of 15 March 2010, case no. SPR-0496/10-10 states as follows: “The party to the proceedings is obliged to take into account the nature of the personal data and to choose the appropriate relevant measures to ensure the security of their transmission, which is not the case with the above-described method of including the patient diagnosis code in the invoice, since its inclusion was not necessary to identify the patient or to determine the scope and object of the performance, and the invoice, which is not a medical record (it, not the invoice, contains all the information necessary to ensure the continuity of the provision of health care) and which is entered into the accounting system, fulfils the requirements of a tax document even without the patient diagnosis code. “

The above conclusions are a logical consequence of the fact that the accounting document may be handled by persons who have no right to know information about the health status of the patient to whom the health services were provided.

In the case before the court, the complainant proceeded in issuing receipts for the health services provided in the context of its duty of confidentiality and the conclusions described above, in such a way that the receipt itself always contained only general information about the type of health service provided (for example, dental treatment). A detailed description of the service, including the specific procedures corresponding to its price list, was included as an annex to the receipt provided to patients at their request, as provided for in Article 16 of Act No 634/1992 Coll. on consumer protection. The specific procedures are, of course, part of the patient’s medical records, which the patient and authorized persons have the right to consult.

As part of the audit of compliance with the provisions of the Price Act and related legislation, the Specialized Financial Office (“SFO”) requested the complainant to submit price lists of medical services in the relevant period, accounting records and also to submit the issued receipts. Subsequently, the SFO asked the complainant to complete the information by filling in the specification of health services provided and the corresponding prices in a table already containing names of the patients to whom the complainant provided health services during the relevant period. The complainant did not comply with this request, as the completion of the data would have resulted in the disclosure of information about the patient’s medical condition. The complainant therefore drew the attention of the SFO to its obligations as a data controller and to the statutory duty of confidentiality, which implied that the complainant was under an obligation not to disclose data on the health status of patients to persons who did not have the authority to process them or to whom the complainant’s duty of confidentiality was not breached within the meaning of the HSA.

Specifically, the complainant alleged that:

  1. according to recital 31 of the GDPR, special categories of personal data may only be disclosed to the controlling authority “on the basis of a legal obligation for the purposes of the performance of their official duties“, while the obligation to transfer personal data does not arise in the specific case from any legal provision; at the same time, none of the titles for such transfer of special categories of personal data under Article 9(2) of the GDPR is fulfilled;
  2.  the cases in which the statutory confidentiality of a health service provider may be broken are regulated by Article 51(2-4) of the Health Care Act, which is an exhaustive list and cannot be extended. The request of the SFO does not fall under any of the cases where health information can be provided;
  3. the complainant complied with the Price Act and fulfilled its obligation to keep price records already by providing the SFO with price lists of health services together with the receipts (which are not required to contain the specific name of the health service/performance). This corresponds to the Ministry of Finance’s commentary on the price regulations in force since 1 January 1991, dated 27 March 1991, contained in section 14-21 of the Price Bulletin of the FMF. According to this commentary, ‘the price list or accounting documents of the seller may also be used for record keeping purposes, provided that they contain the prices actually charged and information on their period of validity’.

The SFO disagreed with the complainant’s reasoning and ruled that there had been a violation of Section 11 of the Price Act in that the price records submitted by the complainant did not contain the necessary information, according to the SFO, and that the offence under Section 16(1)(g) of the Price Act had been committed.

Conclusions of the Supreme Administrative Court

Unfortunately, in the decision in question, the Supreme Administrative Court did not comment on the actual question of the relationship between the confidentiality of the doctor, the protection of patients’ personal data, and the obligations of the provider of health services under the Price Act.

In assessing the question of whether the complainant’s procedure was correct and the documents submitted during the inspection of the SFO were sufficient, the court based its decision on the interpretation of the content of the price records under the Price Act and the implementing decree. It agreed with the complainant in this respect that the explanatory memorandum to Section 11 of the Price Act states that “the draft law provides for compulsory records only to the extent necessary, in particular for price regulation and control of compliance. It is based on the fact that the implementing regulation provides for only the most necessary information on prices (exact specification of goods, price amount, period of validity), while other data can be drawn from the records provided for by other regulations or from the documents of current management. The implementing regulation also specifies which sellers or goods are not or only to a limited extent (e.g. fruit and vegetables on market stalls) covered by the price registration obligation under paragraph 1(d)”.

The Supreme Administrative Court drew similar conclusions from the commentary literature on the Price Act: “Price records do not have to take any specific form. It is quite sufficient if the above requirements are met by records kept for other purposes. This may be, for example, accounting records or operational and technical records kept by entrepreneurs as part of their business activities. The individual data and information required by the implementing decree need not be on the same sheet. Therefore, a price list or other documents of the seller may also be used for record keeping purposes, provided that they contain the prices applied and information on their period of validity.”

According to the court, it is thus clear that the price records under the Price Act and the implementing decree do not have to be individual receipts, which, after all, would be rather difficult to comply with to show “the beginning and end of the period in which the goods were sold at that price”. On the contrary, the price lists submitted by the complainant meet the above requirements for price records and the complainant has thus not committed the alleged infringement of section 11 of the Prices Act.

Thus, in the decision described above, the Supreme Administrative Court dealt with the issue of the content of the price register and the documents necessary to fulfill its maintenance under the Prices Act, but left aside the aspect of the relationship between price control and the duty of confidentiality of the health care professional, or the protection of personal data, which has not yet been resolved in case law.

 

JUDr. Ing. Eva Radová

Have a question ?

* Non-obligatory data
Contact informations
Na Příkopě 988/31, Praha 1
+420 224 810 090
Company details:
Na Pankráci 322/26
140 00 Prague 4
ID No.: 24195855
Entered under File No. C 187629 held by the Municipal Court in Prague
+420 224 810 090
i.rada@radapartner.cz
Member of:

logo

Fee

© 2020 Rada & Partner advokátní kancelář, s.r.o. All Rights Reserved.

Designed by

CREATIVE GUERILLA

Fee

LI

© 2020 Rada & Partner advokátní kancelář, s.r.o. All Rights Reserved.

Designed by

CREATIVE GUERILLA