Published Date: 8/8/2025
A report has highlighted risks and data privacy issues with a new biometric patient identification system being implemented in Spain’s autonomous cities, Ceuta and Melilla. The contract for this project was awarded in 2021 to Dedalus and Facephi, tasked with setting up an AI-powered system to identify at least 170,000 patients using facial recognition technology.
In an investigative report by Civio, a public interest journalism outlet, it was found that the system has been operational in some primary care clinics in the two cities since November last year, but it is still being piloted in major hospitals. Civio obtained and reviewed the data protection impact assessment (DPIA) of the project, uncovering significant risks and data management gaps.
The report, part of Civio’s series on Algorithms, describes the facial recognition system provided by the health service for Ceuta and Melilla (INGESA) as having a very high initial risk. The review of the DPIA also found inconsistencies and insufficient data protection guarantees, which fall short of international standards. INGESA has been criticized for a lack of transparency in its communication about the exact purpose and implementation timeline of the project. Civio reported that INGESA did not respond to its request for comment.
Other concerns with the system include the lack of a clear mechanism to obtain patient consent, the potential for bias and exclusion based on race and gender, and issues of biometric data security, which have been a concern in the health sector. These concerns have led human rights advocates to fear a potential pushback from patients the system is intended to serve.
To address these fears, INGESA has been advised to allow for alternative identification methods such as health cards and passports, properly justify the use and proportionality of the system, and provide assurances that the system will not be used for surveillance or intrusion into patients’ privacy.
While face biometrics has been praised as the future of patient identification in healthcare, there are significant concerns about data privacy. In Spain, the country’s Data Protection Agency (AEPD) has been vigilant about facial recognition deployments without proper data protection safeguards. For instance, in 2023, the AEPD fined the organizers of the Mobile World Congress 200,000 Euros (about US$220,000) for installing a facial recognition system without a prior data protection impact assessment. Earlier this year, the AEPD also requested DPIA details from some football clubs implementing stadium biometrics projects.
Q: What is the new biometric patient identification system in Spain?
A: The new biometric patient identification system in Spain uses facial recognition technology to identify patients in the autonomous cities of Ceuta and Melilla. It is being implemented by the health service for Ceuta and Melilla (INGESA).
Q: What are the main concerns with this system?
A: The main concerns include data privacy risks, lack of transparency, potential bias and exclusion based on race and gender, and issues with biometric data security. There is also a lack of a clear consent mechanism for patients.
Q: What has the Spanish Data Protection Agency (AEPD) said about facial recognition?
A: The AEPD has been concerned about facial recognition deployments without proper data protection safeguards. They have fined organizations and requested data protection impact assessment details to ensure compliance with data privacy laws.
Q: What advice has been given to INGESA to address these concerns?
A: INGESA has been advised to allow alternative identification methods, properly justify the use and proportionality of the system, and provide assurances that the system will not be used for surveillance or intrusion into patients’ privacy.
Q: What is the current status of the biometric system in Ceuta and Melilla?
A: The system is currently operational in some primary care clinics in Ceuta and Melilla but is still being piloted in major hospitals. It has been flagged for data privacy risks and management gaps.