A Patient Information Notices (PIN) is information outlining how a patient’s data is accessed, processed and stored by a participating European country for the purposes of healthcare.

It falls under EU General Data Protection Regulation (GDPR) and it is a legal document to which a patient gives or declines consent. Consent is not a one-time event, it can be withdrawn at any time. However, revocation will mean the patient cannot participate in the system.

The PIN itself is a requirement coming from Art. 13 (“Information to be provided where personal data are collected from the data subject”) & 14 (Information to be provided where personal data have not been obtained from the data subject”) of the General Data Protection Regulation (GDPR).

PINs are of interest to:

1. European citizens’ health data processing by cross-border eHealth services in their country of residence or in the country where they are travelling.
2. Health professional seeking information in relation to their patients and how the patients’ health data will be processed by the cross border eHealth services in the patients’ country of residence or in their country of travel/treatment.