The data security principles defined in the German Federal Data Security Act (BDSG), and in particular the following passages thereof, were complied with in the formulation of the medical contents of www.harms-spinesurgery with regard to personal data used in texts or images:

§ 3, par. 9, BDSG

(9) Special types of personal data include information on any person’s racial and ethnic origins, political opinions, religious or philosophical convictions, labor union membership, health or sex life.

§ 4d, section 5, BDSG

(obligation to report)

(5) Automated processes involving special threats to the rights and freedoms of the individuals involved are subject to review prior to such processing (prior review). A prior review is required in particular for

1. Processing of special types of personal data (§ 3 Abs. 9) or
2. Cases of processing of personal data the purpose of which is to evaluate the personality of the individual involved including his or her abilities, performance or behavior, unless the individual involved is legally obligated, or has declared his or her consent, to allow such processing, or if such data collection, processing or utilization serves the purposes of a contract relationship or relationship based on trust that has the nature of a contract with the individual involved.

§ 39, 1 BDSG (specific restrictions on transfer of personal data subject to professional or special official secrecy).

(1) Personal data subject to professional or special official secrecy made available by the party or office sworn to secrecy within the framework of professional or official duties may only be processed or used by the responsible party for the purpose for which they were received. The permission of the party or office sworn to secrecy is required before the data may be communicated to a non-official party or office.

§ 40 , 1 and 2, BDSG (processing and use of personal data by research bodies)

Personal data collected or stored for the purpose of scientific research may only be processed or used for the purpose of scientific research.
The personal data must be made anonymous as soon as possible with respect to the purpose of the research. Until the data have been made anonymous, information that could link details of a personal or material nature to a specific person or person whose identity could be determined must be stored separately. The details may only be linked to the persons to the extent demanded by the research purpose.