Confidence in the protection of information is one of the basic requirements of assistive relationships. It is constitutionally protected (as the “right to informational self-determination”).
Since 2018: application of the European General Data Protection Regulation (GDPR)
Specific national provisions apply to child and youth services:
Collection (Article 62 Social Code Book 8)
| Transmission (Articles 64, 65 Social Code Book 8)
|
Secrecy and the protection of confidence are two of the most fundamental requirements of the care professions. A fully trusting and beneficial relationship between those seeking help and those providing help needs a supportive space in which the individuals involved can rely on information to be kept confidential.
This protection of confidence also has its foundations in constitutional law and the constitutionally guaranteed general right of personality. Hence, all data privacy regulations are rooted in the fundamental right of individuals to decide for themselves whether, when and to what extent information about themselves is disclosed to others (known as the right to informational self-determination). Against this backdrop, when it comes to data disclosure, consent from the data subject is generally considered to be the gold standard. Where no consent has been provided, information may only ever be handled in line with the provisions of data privacy law (collection, storage, use, forwarding).
Since 2018 data privacy provisions have been largely shaped by the European General Data Protection Regulation (GDPR), enforced in Germany as directly applicable law. In particular, the GDPR contains several key principles (Article 5 – Principles relating to processing of personal data). These include, inter alia, the requirement for transparency (i.e., all data must be processed transparently in respect of the data subject), and limiting processing to what is necessary for the purposes for which it was collected. The GDPR lays down clear conditions which must be met when obtaining legal consent: the data subject must give consent freely, for a specific purpose, in an informed manner and unambiguously in the form of a declaration or other clearly distinguishable form in which they agree to the processing of their personal data.
The GDPR also contains escape clauses giving EU member states the power to enact national regulations for purposes including the performance of public functions. For the tasks of child and youth services pursuant to Book 8 of the Social Code (SGB VIII), corresponding national regulations are found in Articles 61 et seq. in conjunction with the general social data protection regulations found in Book 10 of the German Social Code (SGB X). Key powers are: