Türkçe
English
Duyurular
"Public Announcement on Covid-19 PCR Test Results and Vaccine Information Applications” Published by The Turkish DPA
The Turkish Data Protection Authority (DPA) has recently published a public announcement regarding the applications of Covid-19 PCR Test results and vaccine information on how to proceed within the framework of the Personal Data Protection Law No. 6698 (“Law”) on 28.09.2021.
In the announcement, it is emphasized that states are obliged to process the Covid-19 vaccine information and/or PCR test results in areas where they are in public, including workplaces, in order to protect public health.
It is obligatory to report Covid-19 vaccine information and/or negative PCR test information of people who want to participate in activities such as concerts, cinemas, theatres and public transportation vehicles. However, workers who are not vaccinated against Covid-19 may be required to have PCR tests performed once a week by the workplace/employer, and the test results will be recorded for necessary procedures.
Information about the health status of individuals, such as analysis, imaging, test, report, vaccination status, is in the nature of personal health data according to Article 6 of the Law, therefore the information must be processed in accordance with the processing conditions. In article 6 of the Law considering the effects of the Covid-19 epidemic on health, social life and economy worldwide, the processing of personal health data related to Covid-19, such as vaccination status and PCR test result, is deemed necessary in terms of public safety and public order.
According to subparagraph (ç) of the first paragraph of Article 28 of the Law; in case “Processing of personal data within the scope of preventive, protective and intelligence activities carried out by public institutions and organizations authorized by law to ensure national defense, national security, public safety, public order or economic security”, the provisions of the Law will not be applied.
The DPA said in the statement that, the processing of personal data within the scope of activities carried out by public institutions and organizations authorized by law in order to prevent the contagiousness of the epidemic in order to eliminate this threat in cases that threaten public security and public order, such as an epidemic, should be evaluated within the scope of Article 28 of the Law. Thus, it clarified that the said practices would be exempt from the implementation of the Law.
Please find the announcement here.
Kind regards,
Zumbul Attorneys-at-Law