During their clinical placements, medical students are given a ‘course test’ to assess the practical knowledge they’ve acquired at the end of each course. Since the test is administered several times a year, the faculty does everything it possibly can to prevent the questions from being leaked. This is why there are stricter rules regarding inspection of these tests compared to regular exams: students are not permitted to take their notes with them, and when it comes to inspecting the tests, students are not permitted to view the questions and answers. They are only allowed to see the theme per group of questions and whether the answer was correct, partially correct, or incorrect.

During a course test for surgery, it turned out that many participants received an unsatisfactory mark, and Jasper Klasen was one of the students who took the test. Twelve students made a joint request to inspect the test. Following a correction to the answer model, the marks were raised and as a result, nearly everyone received a passing mark for the test. But inspection of the test was subsequently denied. According to the programme regulations, you only have a personal interest in inspecting an exam if you have received an unsatisfactory mark for a test multiple times.

Inspection doesn’t contravene the Higher Education and Research Act

Kamer wil bindend studieadvies ‘wegpraten’

Klasen surmised that limiting access for inspecting the course test was contrary to the law. “The Higher Education and Research Act states that a programme is permitted to draft its own protocol for inspection. So that means at the very least, inspection is permitted.” The Appeal Examination Board ruled against him in this instance. “[The relevant article in the Higher Education Act] cannot be interpreted to mean that no limits [on inspection] may be imposed”, said the Board of Appeals for Examinations in its ruling.

However, Klasen was proven right when it came to privacy legislation (GDPR). Klasen based his arguments on two earlier rulings in Ireland and in the Netherlands where inspection was declared possible in accordance with the GDPR. “These rulings demonstrated that exam answers, according to the judge, are also personal data. And an individual always has the right to access personal data without having to provide a reason, thanks to the GDPR.” This entailed more than just inspection of an exam. It even meant that a copy of an exam could be obtained. The Board of Appeals for Examinations confirmed this in its ruling. “In the opinion of the board, Klasen is able to request these answers regardless of what is stipulated in the Course and Examination Regulations in this respect.”

An important detail is that according to the Board of Appeals for Examinations, the exam questions do not fall within the scope of the GDPR, because they aren’t considered the student’s personal data. Klasen doesn’t agree with this stance: in the previous two cases, the questions were also provided. He feels that it isn’t possible to verify whether the data was processed properly without the questions. As a result, he will lodge another appeal, this time with the national Appeals Tribunal for Higher Education (CBHO) in The Hague.

Major repercussions

The ruling could potentially have major repercussions. Programmes often take extensive measures to prevent exam questions and answers from leaking. If everyone can obtain a copy of his or her exam, then creating exams will become more difficult.

The Board of Appeals for Examinations gave the Medicine programme two weeks to respond to the ruling by adopting a new decision regarding inspection of exams. This deadline expired Friday, but Klasen has yet to be informed of any new decision.


Read more about the GDPR

GDPR: Once you have solved the technical problems, the remaining issues are mostly ethical

Today the new European law on privacy and personal data (AVG) comes into effect. What…