CITTADINANZATTIVA ANSWERS

When the Asl sends a text message for screening: 'Can they do it without my consent?

The association for citizen participation and protection answers questions about rights and access to health services

3' min read

Translated by AI
Versione italiana

3' min read

Translated by AI
Versione italiana

Good morning, I received an SMS on my mobile phone from my ASL inviting me to book a cancer screening and mentioning my personal details. However, I never gave my consent to be contacted on my private phone. Has the Garante della Privacy really authorised this use of our contact details? Is this not a breach of my confidentiality?

Francesca, Naples

Loading...

Dear Francesca, yours is an entirely understandable reaction. Receiving an unsolicited message on your smartphone can feel like an intrusion into your personal sphere. Yet, counterintuitive as it may seem, the ASL is actually authorised to send you that kind of communication, even without your explicit consent. Let us see why.

Because ASL can write them without consent

Cancer screening - for breast, colorectal and cervical cancer - is part of the Essential Levels of Care (Livelli Essenziali di Assistenza - LEA), i.e. the services that the National Health Service is obliged to guarantee to all citizens. This is not advertising or health marketing: it is prevention, and it is an institutional obligation. The European Data Protection Regulation (GDPR, EU Reg. 2016/679) and the Italia Garante's guidelines provide that health authorities can process citizens' data without requiring specific consent for each individual communication, provided there is a 'relevant public interest'. The protection of individual and collective health through early diagnosis falls fully within this definition. The contact details used are those already present in the Anagrafe Sanitaria, the database accessed by the ASL for its institutional functions.

The balance between the right to health and privacy

The Garante della Privacy made a clear choice: it considered that the right to health would be concretely compromised if the ASLs could not reach citizens for life-saving examinations. However, this does not mean carte blanche. To protect everyone's confidentiality, messages must comply with precise rules. Here they are: essentiality: the SMS must not contain explicit clinical details. It must be limited to a generic invitation, without revealing diagnoses or sensitive information; security: the message must not include links requiring the input of passwords, bank details or other personal information; institutional recognisability: it must be immediately clear that the communication comes from the Health Service, and not from a third party. The data speak for themselves: digital reminders increase screening participation by 20-30%, contributing to earlier diagnosis and ultimately saving lives. A text message is read almost instantly, unlike a paper letter that can end up in the bin or get lost. And there is also an environmental benefit: less paper, less postage costs for public health.

Possible criticalities

However, there is no shortage of critical issues. The most real risk is that of smishing, i.e. SMS scams that imitate institutional communications in order to steal personal data: a citizen might mistake an authentic message from the ASL for an attempt at fraud, or vice versa. Then there is the issue of updating databases: if the registered phone number is no longer the one in use, the message could reach the wrong person, with a small but real breach of confidentiality. Finally, many citizens would like to be able to choose how to be contacted - by email rather than by SMS, for example - and this option is not yet available everywhere. As a normative reference, one can consult the Guidelines of the Garante per la protezione dei dati personali

Copyright reserved ©
Loading...

Brand connect

Loading...

Newsletter

Notizie e approfondimenti sugli avvenimenti politici, economici e finanziari.

Iscriviti