3D-printed medical devices and data protection obligations

As with any medical technology that processes patients' personal data, the use of 3D printing for the manufacturing of medical devices entails an obligation to protect the data and privacy of the individual using the device.

First of all, the process of printing medical devices requires the use of the personal information of the subject for whom the device is intended, starting from the scanning phase of the injured anatomical district. Data flows, in fact, must be controlled starting from the acquisition of two-dimensional X-ray images through magnetic resonances or CAT scans, which contain data concerning the health of the patient. These fall within the definition of special categories of personal data under Art. 9 of EU Regulation 679/2016 (General Data Protection Regulation - GDPR).

The data processing is also carried out in the segmentation phase through software and in the conversion phase in the STL format, which is sent to the printer to reproduce those anatomical structures in three dimensions.

In short, the circumstance that the custom-made implant is prepared on the basis of the data coming from the CAT scan or from the magnetic resonance imaging performed on the patient, implies that the printed device, by reproducing the patient's anatomy, contains the patient's clinical data. 

For this reason, it is necessary, first of all, that the software be developed according to the principles of privacy by design, providing, right from the design stage, adequate mechanisms for data protection that guarantee, in particular, its accuracy and integrity, which are essential for the medical device to be correctly produced.

Secondly, it is essential that the printed medical device containing the patient's data is also subject to security measures under Art. 32 of the GDPR, mainly to prevent the risks of loss of availability and confidentiality of data. While the loss of availability is detrimental to the timeliness of the therapeutic intervention, the loss of confidentiality entails the risk that through the device, unauthorized persons are able to trace the patient to whom it is intended, as in cases in which, even in pseudonymized form, the device is marked by an identification code designed to reconnect the device to the patient.