Join in the conversation #GenerationGDPR Connect with our experts | LinkedIn

How to implement GDPR for the health sector

Connect with Dmitrije
dmitrije.sirovica@brownejacobson.com
+44 (0)115 976 6238

Connect with Gerard
gerard.hanratty@brownejacobson.com
+44 (0)330 045 2159

for news, legal updates, real opinions and training:
https://www.linkedin.com/company/health-and-social-care
follow our showcase page…

GDPR
• key definitions
• legal grounds for processing
• guidance and tips
• questions

What is the GDPR?
• GDPR applies from 25 May 2018
• creates a level-ish playing field across EU
• new elements contain measures that:
– harmonise data protection procedures and enforcement across the EU
– achieve consistency with the existing system for ensuring privacy online
• nine substantive chapters - including specific data processing provisions on health

Structure of the GDPR
The nine chapters cover:
• General Provisions
• Data protection principles
• Rights of the data subject
• Obligations on controllers and processors
• Transfer of personal data to third countries
• Status, duties and powers of national supervisory authorities
• Co-operation and consistency between member states
• Remedies, liabilities and sanctions
• Provisions relating to specific data processing situations (including health)

Similarities
Broad principles remain
• lawful basis
• fairness
• purpose limitation
• data minimisation
• accuracy
• retention
• rights
• security
• cross-border transfers

What is new?
• accountability and demonstrating compliance
• enhanced transparency and fair processing requirements
• requirement for a Data Protection Officer (DPO) for all public authorities
• stricter consent requirements

What is new?
• mandatory breach reporting – to the ICO and data subjects
• significant increase in sanctions
• direct liability for data processors
• Data Protection Impact Assessments, and requirements of privacy by design and by default
• records of processing

Genetic data
“Personal data relating to the inherited or acquired genetic characteristics of a person which give unique information about their physiology or the health of that person and which results, in particular, from an analysis of a biological sample from the person in question”

Biometric data
“Personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a person, which allow or confirm the unique identification of that person, such as facial images or fingerprint data”

Data concerning health
“Personal data related to the physical or mental health of a person, including the provision of health care services, which reveal information about his or her health status”

Data protection principles
Personal data must be:
• lawfully, fairly and transparently processed
– fair processing or privacy notice
– being clear
• processed for a specific, explicit and legitimate purpose
– why are you processing?
– what is the purpose?
• adequate, relevant and limited to what is necessary in relation to the purpose(s)
– data minimisation – only keep what you need
• accurate and, where necessary, kept up to date
– reasonable steps should be taken
• only kept for as long as is necessary for the purpose
• processed using appropriate technical and organisational measures
– data security

Lawful basis for processing personal data 6(1)
a) consent of the data subject (must be clear affirmation)
b) processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract
c) processing is necessary for compliance with a legal obligation
d) processing is necessary to protect the vital interests of a data subject or another person
e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
f) necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject (does not apply to public authorities)

Lawful basis for processing special category personal data 9(2)
a) explicit consent of the data subject, unless reliance on consent is prohibited by EU or Member State law
b) processing is necessary for carrying out obligations under employment, social security or social protection law, or a collective agreement
c) processing is necessary to protect the vital interests of a data subject or another individual where the data subject is physically or legally incapable of giving consent
d) processing carried out by a not-for-profit body with a political, philosophical, religious or trade union aim provided the processing relates only to members or former members (or those who have regular contact with it in connection with those purposes) and provided there is no disclosure to a third party without consent
e) processing relates to personal data manifestly made public by the data subject
f) processing is necessary for the establishment, exercise or defence of legal claims or where courts are acting in their judicial capacity
g) processing is necessary for reasons of substantial public interest on the basis of Union or Member State law which is proportionate to the aim pursued and which contains appropriate safeguards
h) processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services on the basis of Union or Member State law or a contract with a health professional
i) relates to public interest in the area of public health
j) processing is necessary for archiving purposes in the public interest, or scientific and historical research purposes or statistical purposes in accordance with Article 89(1)

Consent
“any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”

Conditions for Consent
• Controller must be able to demonstrate that the data subject has consented
• The request for consent must be presented in a manner clearly distinguishable from other matters, in an intelligible and easily accessible form, using clear and plain language
• The withdrawal of consent must be as easy as the grant of consent
• Consent is not to be regarded as freely given if there is no genuine or free choice or the data subject is unable to withdraw consent without detriment

Individuals’ rights
1. Right to information
– fair processing notice
2. Subject access rights
– free
– one month to comply
3. Right to rectification
– data accuracy
4. Right to be forgotten
– right to erasure in certain circumstances
5. Right to restrict processing
6. Right to data portability
– ability to move data
7. Right to object
– right to erasure in certain circumstances
8. Rights in relation to automated decision making and profiling

Contractual requirements
Contracts between data controllers and data processors must include:
• subject matter and duration of processing
• nature and purpose of processing
• type of personal data and categories of data subject
• obligations and rights of the controller

Processors must
• act only on written instructions of the controller
• ensure that people processing the data are subject to a duty of confidence
• take appropriate measures to ensure the security of processing
• only engage a sub-processor with the prior consent of the data controller and a written contract
• assist the data controller in providing subject access and allow data subjects to exercise their rights under the GDPR
• assist the data controller in meeting its GDPR obligations in relation to the security of processing, notification of personal data breaches and data protection impact assessments
• delete or return all personal data to the controller as requested at the end of the contract
• submit to audits and inspections, provide the controller with whatever information it needs to ensure that they are both meeting their Article 28 obligations, and tell the controller immediately if it is asked to do something infringing the GDPR or other data protection law of the EU or a member state

Public sector breakfast club, February 2019, Exeter Public sector breakfast club, February 2019, Exeter
Public sector breakfast club, February 2019, Exeter
 
Public sector planning club, February 2019, Nottingham
Public sector planning club, February 2019, NottinghamPublic sector planning club, February 2019, Nottingham
Public sector planning club, February 2019, Nottingham
 
Mental health, capacity and deprivation of liberty case law update, February ...
Mental health, capacity and deprivation of liberty case law update, February ...Mental health, capacity and deprivation of liberty case law update, February ...
Mental health, capacity and deprivation of liberty case law update, February ...
 

Implementing GDPR Health Sector

  • 1. How to implement GDPR for the health sector
  • 2. How to implement GDPR for the health sector
      • Connect with Dmitrije: dmitrije.sirovica@brownejacobson.com, +44 (0)115 976 6238
      • Connect with Gerard: gerard.hanratty@brownejacobson.com, +44 (0)330 045 2159
  • 3. follow our showcase page… for news, legal updates, real opinions and training: https://www.linkedin.com/company/health-and-social-care
  • 4. GDPR
      • key definitions
      • legal grounds for processing
      • guidance and tips
      • questions
  • 5. What is the GDPR?
      • GDPR applies from 25 May 2018
      • creates a level-ish playing field across EU
      • new elements contain measures that:
        – harmonise data protection procedures and enforcement across the EU
        – achieve consistency with the existing system for ensuring privacy online
      • nine substantive chapters - including specific data processing provisions on health
  • 6. Structure of the GDPR
      The nine chapters cover:
      • General Provisions
      • Data protection principles
      • Rights of the data subject
      • Obligations on controllers and processors
      • Transfer of personal data to third countries
      • Status, duties and powers of national supervisory authorities
      • Co-operation and consistency between member states
      • Remedies, liabilities and sanctions
      • Provisions relating to specific data processing situations (including health)
  • 7. Similarities
      Broad principles remain
      • lawful basis
      • fairness
      • purpose limitation
      • data minimisation
      • accuracy
      • retention
      • rights
      • security
      • cross-border transfers
  • 8. What is new?
      • accountability and demonstrating compliance
      • enhanced transparency and fair processing requirements
      • requirement for a Data Protection Officer (DPO) for all public authorities
      • stricter consent requirements
  • 9. What is new?
      • mandatory breach reporting – to the ICO and data subjects
      • significant increase in sanctions
      • direct liability for data processors
      • Data Protection Impact Assessments, and requirements of privacy by design and by default
      • records of processing
  • 10. Genetic data
      “Personal data relating to the inherited or acquired genetic characteristics of a person which give unique information about their physiology or the health of that person and which results, in particular, from an analysis of a biological sample from the person in question”
  • 11. Biometric data
      “Personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a person, which allow or confirm the unique identification of that person, such as facial images or fingerprint data”
  • 12. Data concerning health
      “Personal data related to the physical or mental health of a person, including the provision of health care services, which reveal information about his or her health status”
  • 13. Data protection principles
      Personal data must be:
      • lawfully, fairly and transparently processed
        – fair processing or privacy notice
        – being clear
  • 14. Data protection principles
      Personal data must be:
      • processed for a specific, explicit and legitimate purpose
        – why are you processing?
        – what is the purpose?
  • 15. Data protection principles
      Personal data must be:
      • adequate, relevant and limited to what is necessary in relation to the purpose(s)
        – data minimisation
        – only keep what you need
  • 16. Data protection principles
      Personal data must be:
      • accurate and, where necessary, kept up to date
        – reasonable steps should be taken
      • only kept for as long as is necessary for the purpose
  • 17. Data protection principles
      Personal data must be:
      • processed using appropriate technical and organisational measures
        – data security
  • 18. Lawful basis for processing personal data 6(1)
      a) consent of the data subject (must be clear affirmation)
      b) processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract
      c) processing is necessary for compliance with a legal obligation
      d) processing is necessary to protect the vital interests of a data subject or another person
  • 19. Lawful basis for processing personal data 6(1)
      e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
      f) necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject (does not apply to public authorities)
  • 20. Lawful basis for processing special category personal data 9(2)
      a) explicit consent of the data subject, unless reliance on consent is prohibited by EU or Member State law
      b) processing is necessary for carrying out obligations under employment, social security or social protection law, or a collective agreement
      c) processing is necessary to protect the vital interests of a data subject or another individual where the data subject is physically or legally incapable of giving consent
  • 21. Lawful basis for processing special category personal data 9(2)
      d) processing carried out by a not-for-profit body with a political, philosophical, religious or trade union aim provided the processing relates only to members or former members (or those who have regular contact with it in connection with those purposes) and provided there is no disclosure to a third party without consent
      e) processing relates to personal data manifestly made public by the data subject
      f) processing is necessary for the establishment, exercise or defence of legal claims or where courts are acting in their judicial capacity
  • 22. Lawful basis for processing special category personal data 9(2)
      g) processing is necessary for reasons of substantial public interest on the basis of Union or Member State law which is proportionate to the aim pursued and which contains appropriate safeguards
      h) processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services on the basis of Union or Member State law or a contract with a health professional
  • 23. Lawful basis for processing special category personal data 9(2)
      i) relates to public interest in the area of public health
      j) processing is necessary for archiving purposes in the public interest, or scientific and historical research purposes or statistical purposes in accordance with Article 89(1)
  • 24. Consent
      “any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”
  • 25. Conditions for Consent
      • Controller must be able to demonstrate that the data subject has consented
      • The request for consent must be presented in a manner clearly distinguishable from other matters, in an intelligible and easily accessible form, using clear and plain language
      • The withdrawal of consent must be as easy as the grant of consent
      • Consent is not to be regarded as freely given if the data subject has no genuine or free choice or is unable to withdraw consent without detriment
  • 26. Individuals’ rights
      1. Right to information
        – fair processing notice
      2. Subject access rights
        – free
        – one month to comply
  • 27. Individuals’ rights
      3. Right to rectification
        – data accuracy
      4. Right to be forgotten
        – right to erasure in certain circumstances
      5. Right to restrict processing
  • 28. Individuals’ rights
      6. Right to data portability
        – ability to move data
      7. Right to object
        – right to erasure in certain circumstances
      8. Rights in relation to automated decision making and profiling
  • 29. Contractual requirements
      Contracts between data controllers and data processors must include:
      • subject matter and duration of processing
      • nature and purpose of processing
      • type of personal data and categories of data subject
      • obligations and rights of the controller
  • 30. Processors must
      • act only on written instructions of the controller
      • ensure that people processing the data are subject to a duty of confidence
      • take appropriate measures to ensure the security of processing
      • only engage a sub-processor with the prior consent of the data controller and a written contract
  • 31. Processors must
      • assist the data controller in providing subject access and allow data subjects to exercise their rights under the GDPR
      • assist the data controller in meeting its GDPR obligations in relation to the security of processing, notification of personal data breaches and data protection impact assessments
  • 32. Processors must
      • delete or return all personal data to the controller as requested at the end of the contract
  • 33. Processors must
      • submit to audits and inspections, provide the controller with whatever information it needs to ensure that they are both meeting their Article 28 obligations, and tell the controller immediately if it is asked to do something infringing the GDPR or other data protection law of the EU or a member state