SlideShare a Scribd company logo
GDPR AND DATA PROTECTION:
WHAT DO CANCER ADVOCATES
NEED TO KNOW?
Julius Zaleskis, PhD
Founder of Dataprotection.lt
Lecturer at Vilnius University, Lithuania
info@dataprotection.lt
Content
 1. Key elements of GDPR
 2. How GDPR protects cancer patients?
 3. How cancer patient organisations should comply with GDPR?
 4. Patients related GDPR case study
12/07/2019 2
1. Key elements of GDPR
 What does GDPR language mean?
 When GDPR is relevant for cancer patient organisations?
 Which parts of GDPR are old?
 Which parts of GDPR are new?
 Does GDPR already work?
12/07/2019 3
What does GDPR language mean?
 Data (personal data)
 Data controller
 Data processing
 Data processor
 Data subject
 Data protection authority (DPA)
 Data protection officer (DPO)
 European Economic Area (EEA)
 General Data Protection Regulation (2016/679) (GDPR)
 Special categories of data (sensitive data)
12/07/2019 4
When GDPR is relevant for cancer patient
organisations?
 Collection, use and retention of data
 Healthcare service providers & cancer patient organisations as data controllers
 Patients as data subjects
 Entities established in EEA
 Entities targeting patients in EEA
 Applicability as of 25 May 2018
12/07/2019 5
Which parts of GDPR are old?
 Scope of data (Art. 4(1))
 Data processing principles (Art. 5(1))
 Data processing grounds (Art. 6(1))
 Rights of data subjects (Chapter III)
 Prohibition of sensitive data processing (Art. 9(1))
 Restriction to transfer data outside EEA (Chapter V)
12/07/2019 6
Which parts of GDPR are new?
 Representation of data subjects (Art. 80)
 Data protection officer (Chapter IV Section 4)
 Data protection impact assessments (Art. 35)
 Prior consultations with DPAs (Art. 36)
 Data breach notifications to DPAs (Art. 33) and data subjects (Art. 34)
 Accountability (Art. 5(2))
 Fines (4% of annual turnover / EUR 20 million) (Art. 83)
 Right to data portability (Art. 20)
 Data processor agreements (Art. 28)
 Data processing records (Art. 30)
 European Data Protection Board (Chapter VII Section 3)
 Applicability to non-EEA data controllers (Art. 3(2))
 Promotion of self-regulation (Chapter IV Section 5)
12/07/2019 7
Does GDPR already work?
 February 2019: 55 955 871 EUR issued in fines (data by European Data Protection Board)
 France: 3 fines, 50 400 000 EUR
 Germany: 100 fines, 483 500 EUR
 Portugal: 1 fine, 400 000 EUR
 Denmark: 2 fines, 360 850 EUR
 Spain: 4 fines, 342 000 EUR
12/07/2019 8
2. How GDPR protects cancer patients?
 Prohibition of health data
 Prohibition of genetic data
 In which exceptional cases health and genetic data can processed?
 How does a patient consent have to look like?
 What information a cancer patient has a right to know?
 What rights cancer patients enjoy?
 How can patient rights be advocated?
12/07/2019 9
Prohibition of health data
 All data pertaining to the health status
 Past, current or future physical or mental health status
 Information about the natural person collected in the course of the registration for, or the
provision of, health care services as referred to in Directive 2011/24/EU
 A number, symbol or particular assigned to a natural person to uniquely identify the natural
person for health purposes
 Information derived from the testing or examination of a body part or bodily substance, including
from genetic data and biological samples
 Any information on a disease, disability, disease risk, medical history, clinical treatment
 Physiological or biomedical state of the data subject
 Source does not matter (a physician or other health professional, a hospital, a medical device or
an in vitro diagnostic test)
12/07/2019 10
Prohibition of genetic data
 Personal data relating to the inherited or acquired genetic characteristics of a natural person
 Results from the analysis of a biological sample from the natural person
 E.g.: chromosomal, deoxyribonucleic acid (DNA) or ribonucleic acid (RNA) analysis, or the
analysis of another element enabling equivalent information to be obtained
12/07/2019 11
In which exceptional cases health and genetic data
can processed?
 Explicit consent of a patient
 Members of associations
 Protection of vital interests of the data subject or of another natural person where the data
subject is physically or legally incapable of giving consent
 Data manifestly made public by the data subject
 Establishment, exercise or defence of legal claims
 Reasons of substantial public interest on the basis of law
 Healthcare services
 Reasons of public interest in the area of public health
 Scientific research purposes on the basis of law
12/07/2019 12
Exception of healthcare services
 Necessity:
• to achieve the purposes for the benefit of natural persons
 Specific purposes:
• Preventive medicine
• Occupational medicine
• Assessment of the working capacity of the employee
• Medical diagnosis
• Treatment
• Provision or management of health or social care systems and services
 Specific legal basis:
• EU, Member State law or a contract with a health professional
 Specific data controller:
• Professional subject to the obligation of professional secrecy under law
 Further national conditions, including limitations, possible
12/07/2019 13
Exception of public health reasons
12/07/2019 14
 Necessity:
• to achieve the purposes of society as a whole
 Specific purposes:
• protecting against serious cross-border threats to health
• ensuring high standards of quality and safety of health care, medicinal products or medical devices
• other reasons of public health
 Concept of public health:
• health status, including morbidity and disability, the determinants having an effect on that health status
• health care needs
• resources allocated to health care
• the provision of, and universal access to, health care
• health care expenditure and financing
• the causes of mortality
 Specific legal basis
• EU or Member State law
 No access by third parties (employers, insurance and banking companies, etc.)
How does a patient consent have to look like?
12/07/2019 15
 Freely given
 Specific / granular
 Unambiguous
 Informed
 Provable
 Revocable
What information a cancer patient has a right to
know?
12/07/2019 16
 Identity and contact details of the data controller
 Data processing purposes
 Grounds of lawful data processing
 Data retention periods
 Rights of the data subjects
 Right to file a complaint with DPA
 Whether the data subject is obliged to provide the personal data
 The right to withdraw consent at any time
 Specific interests of the data controller or a third party
 The existence of automated decision-making, including profilig, the logic involved, envisaged
consequences of such processing
 The recipients or categories of recipients of the personal data
 Transfer of data to a third country or international organisation and the ground thereof
 Contact details of the DPO
What rights cancer patients enjoy?
12/07/2019 17
 Right of access
 Right to rectification
 Right to be forgotten
 Right to restriction of processing
 Right to data portability
 Right to object to data processing
 Right not be subject to automated individual decision-making, including profiling
How can patient rights be advocated?
12/07/2019 18
 Complaints with DPAs
 Administrative fines
 Civil law claims for compensation
 Representation by cancer advocates:
• not-for-profit body, organisation or association
• properly constituted in accordance with the law
• statutory objectives which are in the public interest
• active in the field of the protection of data subjects' rights and freedoms
• mandated by data subjects
• right to lodge a complaint or receive a compensation
3. How cancer patient organisations should comply
with GDPR?
12/07/2019 19
 Conduct GDPR compliance audit
 Follow principles
 Establish procedures
 Consult DPO
 Revise IT security
 Educate staff
Conduct GDPR compliance audit
12/07/2019 20
 Make an inventory of data based on purposes of their use
 Review internal procedures and documentation
 Check compliance of inventorised data with GDPR principles
 Identify and prioritize risks
 Draw a roadmap for compliance
Follow principles
12/07/2019 21
 Specific and clear purpose of data
 As less data as possible
 Access on a need to know basis
 As less actions with data as possible
 At least one ground for processing
 Clear data deletion periods
 Transparency
 Respect for rights of individuals
 Accuracy
 Implement technical and organization security means
At least one ground for processing
12/07/2019 22
 Consent of a data subject
 Contract with a data subject
 Legal obligation
 Vital interests of a data subject
 Public authority
 Legitimate interests of a patient organization
• Where interests of a data subject are not more important
• Need for a documented balancing test
Establish procedures
12/07/2019 23
 Personal data protection policy
 Consulting DPO
 Data subject requests
 Data protection impact assessments
 Data disclosures
 Provision of information to data subjects
 Data breaches
 Data processing records
 DPA inquiries
 Data protection documentation
 IT & Data security policy
Consult DPO
12/07/2019 24
 Doubts on how to comply
 Questions re internal rules and documents
 Belief that a violation occurred
 Belief that a security breach occurred
 Intention to develop data-related functionality or process
 Intention to grant access to data to someone from outside
 Doubts on whether users are informed
 Intention to use sensitive data
 Intention to monitor working tools or accounts
 Awareness of an inquiry from DPA
 Awareness of a data subject request
 Need for new documents
 Noticing of discrepancy in data processing records
Revise IT security
12/07/2019 25
 Abstract principle of appropriate security of the personal data, including protection against
unauthorised, unlawful processing, against accidental loss, destruction or damage (Art. 5(1)(f))
 Abstract requirement to implement appropriate technical and organisational measures to ensure
a level of security appropriate to the risk (Art. 32)
 No specific technical standards – this is a responsibility of a data controller
 Data security means promoted by Art. 32 of GDPR:
• the pseudonymisation and encryption of personal data;
• the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and
services;
• the ability to restore the availability and access to personal data in a timely manner in the event of a physical or
technical incident;
• a process for regularly testing, assessing and evaluating the effectiveness of measures
• authorisations to process data
 Need for IT assessment and IT security policy (Art. 5(2))
 ENISA’s Handbook on Security of Personal Data Processing as a good practice (2018)
Educate staff
12/07/2019 26
 Top management
 Legal
 Medical
 Accountancy
 Security
 Marketing
 HR
 Data analytics
 IT
4. Patients related GDPR case study
12/07/2019 27
 Centro Hospitalar Barreiro Montijo was investigated by Portuguese DPA
 9 administrative staff members had same rights of access to full medical records as doctors
 All doctors had access to full medical records notwithstanding their areas of practice
 There were 985 systems users with access to medical records while there were 296 doctors at
the hospital the time of investigation
 No policy on access to patients data was adopted
Assess the situation from GDPR perspective
12/07/2019 28
 Excessive access to patient records breached data confidentiality principle (Art 5(1)(f))
 Lack of access rights management breached the requirement of appropriate technical and
orgnisational security means (Art. 32)
 Fine of EUR 400 000 was imposed

More Related Content

What's hot

'THE RIGHTS OF “RARE”' by Dr. Wendy Lipworth - Sick or Treat Sessions
'THE RIGHTS OF “RARE”' by Dr. Wendy Lipworth - Sick or Treat Sessions'THE RIGHTS OF “RARE”' by Dr. Wendy Lipworth - Sick or Treat Sessions
'THE RIGHTS OF “RARE”' by Dr. Wendy Lipworth - Sick or Treat Sessions
RareCancersAustralia
 
Presentation for EPEMED Webinar (11-27-12) Final
Presentation for EPEMED Webinar (11-27-12) FinalPresentation for EPEMED Webinar (11-27-12) Final
Presentation for EPEMED Webinar (11-27-12) Final
Stig Albinus
 
Rare disease caucus
Rare disease caucusRare disease caucus
Rare disease caucus
Other Mother
 
Andrew Powrie-Smith (EFPIA) for European Patients' Rights Day
Andrew Powrie-Smith (EFPIA) for European Patients' Rights DayAndrew Powrie-Smith (EFPIA) for European Patients' Rights Day
Andrew Powrie-Smith (EFPIA) for European Patients' Rights Day
Cittadinanzattiva onlus
 
The role of real world data and evidence in building a sustainable & efficien...
The role of real world data and evidence in building a sustainable & efficien...The role of real world data and evidence in building a sustainable & efficien...
The role of real world data and evidence in building a sustainable & efficien...
Office of Health Economics
 
The future of patient data the danish perspective 2018
The future of patient data   the danish perspective 2018The future of patient data   the danish perspective 2018
The future of patient data the danish perspective 2018
Future Agenda
 
Value based care.
Value based care.Value based care.
Value based care.
Ahimanikya Satapathy
 
The involvement of patients and survivors in volunteer advocacy survey
The involvement of patients and survivors in volunteer advocacy surveyThe involvement of patients and survivors in volunteer advocacy survey
The involvement of patients and survivors in volunteer advocacy survey
Canadian Cancer Survivor Network
 
Ira Klein, Can Value-based Contracting Work for Pharma Companies?
Ira Klein, Can Value-based Contracting Work for Pharma Companies?Ira Klein, Can Value-based Contracting Work for Pharma Companies?
Ira Klein, Can Value-based Contracting Work for Pharma Companies?
The Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics
 
mHealth Israel_Mony Weschler_Montefiore_How Data Exchange Is Essential In Sup...
mHealth Israel_Mony Weschler_Montefiore_How Data Exchange Is Essential In Sup...mHealth Israel_Mony Weschler_Montefiore_How Data Exchange Is Essential In Sup...
mHealth Israel_Mony Weschler_Montefiore_How Data Exchange Is Essential In Sup...
Levi Shapiro
 
Aaron S. Kesselheim, Prescription Drug Prices and "Value"
Aaron S. Kesselheim, Prescription Drug Prices and "Value"Aaron S. Kesselheim, Prescription Drug Prices and "Value"
Aaron S. Kesselheim, Prescription Drug Prices and "Value"
The Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics
 
The Role of Telehealth in Emerging Models of Care
The Role of Telehealth in Emerging Models of CareThe Role of Telehealth in Emerging Models of Care
The Role of Telehealth in Emerging Models of Care
Health Informatics New Zealand
 
Including Patients in the Value Equation
Including Patients in the Value EquationIncluding Patients in the Value Equation
Including Patients in the Value Equation
flasco_org
 
Physician Leadership in Medicine's New Age
Physician Leadership in Medicine's New AgePhysician Leadership in Medicine's New Age
Physician Leadership in Medicine's New Age
flasco_org
 
What have we learned from NCCN Value Tools?
What have we learned from NCCN Value Tools?What have we learned from NCCN Value Tools?
What have we learned from NCCN Value Tools?
flasco_org
 
EPIS meeting - Dr Derick Mitchell - October 2017
EPIS meeting - Dr Derick Mitchell - October 2017EPIS meeting - Dr Derick Mitchell - October 2017
EPIS meeting - Dr Derick Mitchell - October 2017
ipposi
 
How to ensure the best utilisation of healthcare resources in Ireland - the e...
How to ensure the best utilisation of healthcare resources in Ireland - the e...How to ensure the best utilisation of healthcare resources in Ireland - the e...
How to ensure the best utilisation of healthcare resources in Ireland - the e...
Irish Pharmaceutical Healthcare Association (IPHA)
 
How Effective is the Public in Influencing HTA Decisions?
How Effective is the Public in Influencing HTA Decisions?How Effective is the Public in Influencing HTA Decisions?
How Effective is the Public in Influencing HTA Decisions?
Kathi Apostolidis
 
Jornadas #PatientInHTA · Tamas Bereczky
Jornadas #PatientInHTA · Tamas BereczkyJornadas #PatientInHTA · Tamas Bereczky
Jornadas #PatientInHTA · Tamas Bereczky
Instituto Aragonés de Ciencias de la Salud - IACS
 
19. nguyen hoang lan
19. nguyen hoang lan19. nguyen hoang lan
19. nguyen hoang lan
BinhThang
 

What's hot (20)

'THE RIGHTS OF “RARE”' by Dr. Wendy Lipworth - Sick or Treat Sessions
'THE RIGHTS OF “RARE”' by Dr. Wendy Lipworth - Sick or Treat Sessions'THE RIGHTS OF “RARE”' by Dr. Wendy Lipworth - Sick or Treat Sessions
'THE RIGHTS OF “RARE”' by Dr. Wendy Lipworth - Sick or Treat Sessions
 
Presentation for EPEMED Webinar (11-27-12) Final
Presentation for EPEMED Webinar (11-27-12) FinalPresentation for EPEMED Webinar (11-27-12) Final
Presentation for EPEMED Webinar (11-27-12) Final
 
Rare disease caucus
Rare disease caucusRare disease caucus
Rare disease caucus
 
Andrew Powrie-Smith (EFPIA) for European Patients' Rights Day
Andrew Powrie-Smith (EFPIA) for European Patients' Rights DayAndrew Powrie-Smith (EFPIA) for European Patients' Rights Day
Andrew Powrie-Smith (EFPIA) for European Patients' Rights Day
 
The role of real world data and evidence in building a sustainable & efficien...
The role of real world data and evidence in building a sustainable & efficien...The role of real world data and evidence in building a sustainable & efficien...
The role of real world data and evidence in building a sustainable & efficien...
 
The future of patient data the danish perspective 2018
The future of patient data   the danish perspective 2018The future of patient data   the danish perspective 2018
The future of patient data the danish perspective 2018
 
Value based care.
Value based care.Value based care.
Value based care.
 
The involvement of patients and survivors in volunteer advocacy survey
The involvement of patients and survivors in volunteer advocacy surveyThe involvement of patients and survivors in volunteer advocacy survey
The involvement of patients and survivors in volunteer advocacy survey
 
Ira Klein, Can Value-based Contracting Work for Pharma Companies?
Ira Klein, Can Value-based Contracting Work for Pharma Companies?Ira Klein, Can Value-based Contracting Work for Pharma Companies?
Ira Klein, Can Value-based Contracting Work for Pharma Companies?
 
mHealth Israel_Mony Weschler_Montefiore_How Data Exchange Is Essential In Sup...
mHealth Israel_Mony Weschler_Montefiore_How Data Exchange Is Essential In Sup...mHealth Israel_Mony Weschler_Montefiore_How Data Exchange Is Essential In Sup...
mHealth Israel_Mony Weschler_Montefiore_How Data Exchange Is Essential In Sup...
 
Aaron S. Kesselheim, Prescription Drug Prices and "Value"
Aaron S. Kesselheim, Prescription Drug Prices and "Value"Aaron S. Kesselheim, Prescription Drug Prices and "Value"
Aaron S. Kesselheim, Prescription Drug Prices and "Value"
 
The Role of Telehealth in Emerging Models of Care
The Role of Telehealth in Emerging Models of CareThe Role of Telehealth in Emerging Models of Care
The Role of Telehealth in Emerging Models of Care
 
Including Patients in the Value Equation
Including Patients in the Value EquationIncluding Patients in the Value Equation
Including Patients in the Value Equation
 
Physician Leadership in Medicine's New Age
Physician Leadership in Medicine's New AgePhysician Leadership in Medicine's New Age
Physician Leadership in Medicine's New Age
 
What have we learned from NCCN Value Tools?
What have we learned from NCCN Value Tools?What have we learned from NCCN Value Tools?
What have we learned from NCCN Value Tools?
 
EPIS meeting - Dr Derick Mitchell - October 2017
EPIS meeting - Dr Derick Mitchell - October 2017EPIS meeting - Dr Derick Mitchell - October 2017
EPIS meeting - Dr Derick Mitchell - October 2017
 
How to ensure the best utilisation of healthcare resources in Ireland - the e...
How to ensure the best utilisation of healthcare resources in Ireland - the e...How to ensure the best utilisation of healthcare resources in Ireland - the e...
How to ensure the best utilisation of healthcare resources in Ireland - the e...
 
How Effective is the Public in Influencing HTA Decisions?
How Effective is the Public in Influencing HTA Decisions?How Effective is the Public in Influencing HTA Decisions?
How Effective is the Public in Influencing HTA Decisions?
 
Jornadas #PatientInHTA · Tamas Bereczky
Jornadas #PatientInHTA · Tamas BereczkyJornadas #PatientInHTA · Tamas Bereczky
Jornadas #PatientInHTA · Tamas Bereczky
 
19. nguyen hoang lan
19. nguyen hoang lan19. nguyen hoang lan
19. nguyen hoang lan
 

Similar to 0303 Julius Zaleskis - GDPR and data protection for cancer advocates

Legal barriers to better use of health data to deliver pharmaceutical innovation
Legal barriers to better use of health data to deliver pharmaceutical innovationLegal barriers to better use of health data to deliver pharmaceutical innovation
Legal barriers to better use of health data to deliver pharmaceutical innovation
Office of Health Economics
 
The U.S. Healthcare Implications of Europe’s Stricter Data Privacy Regulation
The U.S. Healthcare Implications of Europe’s Stricter Data Privacy RegulationThe U.S. Healthcare Implications of Europe’s Stricter Data Privacy Regulation
The U.S. Healthcare Implications of Europe’s Stricter Data Privacy Regulation
Cognizant
 
GDPR Presentation
GDPR PresentationGDPR Presentation
GDPR Presentation
CILIP Ireland
 
Protection of patient data in EU vs. US
Protection of patient data in EU vs. USProtection of patient data in EU vs. US
Protection of patient data in EU vs. US
Erik R. Ranschaert, MD, PhD
 
Slides dr farah jameel's gdpr presentation april 2018
Slides dr farah jameel's gdpr presentation april 2018Slides dr farah jameel's gdpr presentation april 2018
Slides dr farah jameel's gdpr presentation april 2018
amirhannan
 
Data Privacy and Security in Clinical Trials: Safeguarding Patient Information
Data Privacy and Security in Clinical Trials: Safeguarding Patient InformationData Privacy and Security in Clinical Trials: Safeguarding Patient Information
Data Privacy and Security in Clinical Trials: Safeguarding Patient Information
ClinosolIndia
 
Why merging medical records, hospital reports, and clinical trial data is a v...
Why merging medical records, hospital reports, and clinical trial data is a v...Why merging medical records, hospital reports, and clinical trial data is a v...
Why merging medical records, hospital reports, and clinical trial data is a v...
Arete-Zoe, LLC
 
Data Privacy Laws in Vietnam - The Basics & Guidance For Practical Handling
Data Privacy Laws in Vietnam - The Basics & Guidance For Practical HandlingData Privacy Laws in Vietnam - The Basics & Guidance For Practical Handling
Data Privacy Laws in Vietnam - The Basics & Guidance For Practical Handling
Dr. Oliver Massmann
 
Pdpa presentation
Pdpa presentationPdpa presentation
Pdpa presentation
Alan Teh
 
Confidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health CareConfidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health Care
Vaileth Mdete
 
Guide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulationGuide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulation
N N
 
Key Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection RegulationKey Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection Regulation
Olivier Vandeputte
 
Data Protection Guide – What are your rights as a citizen?
Data Protection Guide – What are your rights as a citizen?Data Protection Guide – What are your rights as a citizen?
Data Protection Guide – What are your rights as a citizen?
Edouard Nguyen
 
Data Privacy and consent management .. .
Data Privacy and consent management  ..  .Data Privacy and consent management  ..  .
Data Privacy and consent management .. .
ClinosolIndia
 
Data privacy and consent management (K.sailaja).pptx
Data privacy and consent management (K.sailaja).pptxData privacy and consent management (K.sailaja).pptx
Data privacy and consent management (K.sailaja).pptx
kandalamsailaja17
 
GDPR - Thoughts on the EU Data Protection Regulation, Research and Libraries
GDPR - Thoughts on the EU Data Protection Regulation, Research and LibrariesGDPR - Thoughts on the EU Data Protection Regulation, Research and Libraries
GDPR - Thoughts on the EU Data Protection Regulation, Research and Libraries
LIBER Europe
 
Master thesis defence Merve Şimşek
Master thesis defence Merve ŞimşekMaster thesis defence Merve Şimşek
Master thesis defence Merve Şimşek
MIPLM
 
General Data Protection Regulation or GDPR
General Data Protection Regulation or GDPRGeneral Data Protection Regulation or GDPR
General Data Protection Regulation or GDPR
Nupur Samaddar
 
Medical device data protection and security
Medical device data protection and security Medical device data protection and security
Medical device data protection and security
Erik Vollebregt
 
[DSC Adria 23]Josema Cavanillas How To Mitigate the Exposure Risk in Clinical...
[DSC Adria 23]Josema Cavanillas How To Mitigate the Exposure Risk in Clinical...[DSC Adria 23]Josema Cavanillas How To Mitigate the Exposure Risk in Clinical...
[DSC Adria 23]Josema Cavanillas How To Mitigate the Exposure Risk in Clinical...
DataScienceConferenc1
 

Similar to 0303 Julius Zaleskis - GDPR and data protection for cancer advocates (20)

Legal barriers to better use of health data to deliver pharmaceutical innovation
Legal barriers to better use of health data to deliver pharmaceutical innovationLegal barriers to better use of health data to deliver pharmaceutical innovation
Legal barriers to better use of health data to deliver pharmaceutical innovation
 
The U.S. Healthcare Implications of Europe’s Stricter Data Privacy Regulation
The U.S. Healthcare Implications of Europe’s Stricter Data Privacy RegulationThe U.S. Healthcare Implications of Europe’s Stricter Data Privacy Regulation
The U.S. Healthcare Implications of Europe’s Stricter Data Privacy Regulation
 
GDPR Presentation
GDPR PresentationGDPR Presentation
GDPR Presentation
 
Protection of patient data in EU vs. US
Protection of patient data in EU vs. USProtection of patient data in EU vs. US
Protection of patient data in EU vs. US
 
Slides dr farah jameel's gdpr presentation april 2018
Slides dr farah jameel's gdpr presentation april 2018Slides dr farah jameel's gdpr presentation april 2018
Slides dr farah jameel's gdpr presentation april 2018
 
Data Privacy and Security in Clinical Trials: Safeguarding Patient Information
Data Privacy and Security in Clinical Trials: Safeguarding Patient InformationData Privacy and Security in Clinical Trials: Safeguarding Patient Information
Data Privacy and Security in Clinical Trials: Safeguarding Patient Information
 
Why merging medical records, hospital reports, and clinical trial data is a v...
Why merging medical records, hospital reports, and clinical trial data is a v...Why merging medical records, hospital reports, and clinical trial data is a v...
Why merging medical records, hospital reports, and clinical trial data is a v...
 
Data Privacy Laws in Vietnam - The Basics & Guidance For Practical Handling
Data Privacy Laws in Vietnam - The Basics & Guidance For Practical HandlingData Privacy Laws in Vietnam - The Basics & Guidance For Practical Handling
Data Privacy Laws in Vietnam - The Basics & Guidance For Practical Handling
 
Pdpa presentation
Pdpa presentationPdpa presentation
Pdpa presentation
 
Confidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health CareConfidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health Care
 
Guide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulationGuide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulation
 
Key Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection RegulationKey Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection Regulation
 
Data Protection Guide – What are your rights as a citizen?
Data Protection Guide – What are your rights as a citizen?Data Protection Guide – What are your rights as a citizen?
Data Protection Guide – What are your rights as a citizen?
 
Data Privacy and consent management .. .
Data Privacy and consent management  ..  .Data Privacy and consent management  ..  .
Data Privacy and consent management .. .
 
Data privacy and consent management (K.sailaja).pptx
Data privacy and consent management (K.sailaja).pptxData privacy and consent management (K.sailaja).pptx
Data privacy and consent management (K.sailaja).pptx
 
GDPR - Thoughts on the EU Data Protection Regulation, Research and Libraries
GDPR - Thoughts on the EU Data Protection Regulation, Research and LibrariesGDPR - Thoughts on the EU Data Protection Regulation, Research and Libraries
GDPR - Thoughts on the EU Data Protection Regulation, Research and Libraries
 
Master thesis defence Merve Şimşek
Master thesis defence Merve ŞimşekMaster thesis defence Merve Şimşek
Master thesis defence Merve Şimşek
 
General Data Protection Regulation or GDPR
General Data Protection Regulation or GDPRGeneral Data Protection Regulation or GDPR
General Data Protection Regulation or GDPR
 
Medical device data protection and security
Medical device data protection and security Medical device data protection and security
Medical device data protection and security
 
[DSC Adria 23]Josema Cavanillas How To Mitigate the Exposure Risk in Clinical...
[DSC Adria 23]Josema Cavanillas How To Mitigate the Exposure Risk in Clinical...[DSC Adria 23]Josema Cavanillas How To Mitigate the Exposure Risk in Clinical...
[DSC Adria 23]Josema Cavanillas How To Mitigate the Exposure Risk in Clinical...
 

More from Workgroup of European Cancer Patient Advocacy Networks

Clinical Benefit from a patient's perspective
Clinical Benefit from a patient's perspective Clinical Benefit from a patient's perspective
Clinical Benefit from a patient's perspective
Workgroup of European Cancer Patient Advocacy Networks
 
A patient perspective from the Cancer Mission Board.
A patient perspective from the Cancer Mission Board.A patient perspective from the Cancer Mission Board.
A patient perspective from the Cancer Mission Board.
Workgroup of European Cancer Patient Advocacy Networks
 
Supporting rare cancer patients' journey through national cancer control plans
Supporting rare cancer patients' journey through national cancer control plansSupporting rare cancer patients' journey through national cancer control plans
Supporting rare cancer patients' journey through national cancer control plans
Workgroup of European Cancer Patient Advocacy Networks
 
0201a pemberton w how to create evidence for advocacy impact 1.1
0201a pemberton w   how to create evidence for advocacy impact 1.10201a pemberton w   how to create evidence for advocacy impact 1.1
0201a pemberton w how to create evidence for advocacy impact 1.1
Workgroup of European Cancer Patient Advocacy Networks
 
0201 rachford pemberton w - using evidence to create advocacy impact 1.1
0201 rachford pemberton w - using evidence to create advocacy impact 1.10201 rachford pemberton w - using evidence to create advocacy impact 1.1
0201 rachford pemberton w - using evidence to create advocacy impact 1.1
Workgroup of European Cancer Patient Advocacy Networks
 
0201b rachford using qualitative and quantitative data how to structure you...
0201b rachford   using qualitative and quantitative data how to structure you...0201b rachford   using qualitative and quantitative data how to structure you...
0201b rachford using qualitative and quantitative data how to structure you...
Workgroup of European Cancer Patient Advocacy Networks
 
0201b rachford using qualitative and quantitative data how to structure you...
0201b rachford   using qualitative and quantitative data how to structure you...0201b rachford   using qualitative and quantitative data how to structure you...
0201b rachford using qualitative and quantitative data how to structure you...
Workgroup of European Cancer Patient Advocacy Networks
 
0406 Spurrier and Ryll: Interpreting scientific data
0406   Spurrier and Ryll: Interpreting scientific data0406   Spurrier and Ryll: Interpreting scientific data
0406 Spurrier and Ryll: Interpreting scientific data
Workgroup of European Cancer Patient Advocacy Networks
 
0207 1 Luca Mazzarella - precision medicine
0207 1 Luca Mazzarella - precision medicine0207 1 Luca Mazzarella - precision medicine
0207 1 Luca Mazzarella - precision medicine
Workgroup of European Cancer Patient Advocacy Networks
 
0403 1 Stefan Weber - approaches to value and pricing
0403 1 Stefan Weber - approaches to value and pricing0403 1 Stefan Weber - approaches to value and pricing
0403 1 Stefan Weber - approaches to value and pricing
Workgroup of European Cancer Patient Advocacy Networks
 
0407 Jan Geissler - WECAN Academy - What we have learned?
0407 Jan Geissler - WECAN Academy - What we have learned?0407 Jan Geissler - WECAN Academy - What we have learned?
0407 Jan Geissler - WECAN Academy - What we have learned?
Workgroup of European Cancer Patient Advocacy Networks
 
0405 Bettina Rryll - The clinical trials we want!
0405  Bettina Rryll - The clinical trials we want! 0405  Bettina Rryll - The clinical trials we want!
0405 Bettina Rryll - The clinical trials we want!
Workgroup of European Cancer Patient Advocacy Networks
 
0403 2 Zack PembertonW - Approaches to value and pricing
0403 2 Zack PembertonW - Approaches to value and pricing0403 2 Zack PembertonW - Approaches to value and pricing
0403 2 Zack PembertonW - Approaches to value and pricing
Workgroup of European Cancer Patient Advocacy Networks
 
0402 Anna Wagstaff - Not being victim of hidden agenda
0402 Anna Wagstaff - Not being victim of hidden agenda0402 Anna Wagstaff - Not being victim of hidden agenda
0402 Anna Wagstaff - Not being victim of hidden agenda
Workgroup of European Cancer Patient Advocacy Networks
 
0401 2 Ananda Plate - Patient Preferences
0401 2 Ananda Plate - Patient Preferences0401 2 Ananda Plate - Patient Preferences
0401 2 Ananda Plate - Patient Preferences
Workgroup of European Cancer Patient Advocacy Networks
 
0401 1 Denis Costello - Patient Generated Data
0401 1 Denis Costello - Patient Generated Data0401 1 Denis Costello - Patient Generated Data
0401 1 Denis Costello - Patient Generated Data
Workgroup of European Cancer Patient Advocacy Networks
 
0307 Mary Wang - Biobanks and registries
0307 Mary Wang - Biobanks and registries0307 Mary Wang - Biobanks and registries
0307 Mary Wang - Biobanks and registries
Workgroup of European Cancer Patient Advocacy Networks
 
0306 2 Madelaine Pe - Analysing and Comparing PRO
0306 2 Madelaine Pe - Analysing and Comparing PRO0306 2 Madelaine Pe - Analysing and Comparing PRO
0306 2 Madelaine Pe - Analysing and Comparing PRO
Workgroup of European Cancer Patient Advocacy Networks
 
0306 1 Sergio Diaz - Patient Reported Outcomes
0306 1 Sergio Diaz - Patient Reported Outcomes0306 1 Sergio Diaz - Patient Reported Outcomes
0306 1 Sergio Diaz - Patient Reported Outcomes
Workgroup of European Cancer Patient Advocacy Networks
 
0305 Spurrier - Ryll - Astratinei - Early access to new therapies spurrier - ...
0305 Spurrier - Ryll - Astratinei - Early access to new therapies spurrier - ...0305 Spurrier - Ryll - Astratinei - Early access to new therapies spurrier - ...
0305 Spurrier - Ryll - Astratinei - Early access to new therapies spurrier - ...
Workgroup of European Cancer Patient Advocacy Networks
 

More from Workgroup of European Cancer Patient Advocacy Networks (20)

Clinical Benefit from a patient's perspective
Clinical Benefit from a patient's perspective Clinical Benefit from a patient's perspective
Clinical Benefit from a patient's perspective
 
A patient perspective from the Cancer Mission Board.
A patient perspective from the Cancer Mission Board.A patient perspective from the Cancer Mission Board.
A patient perspective from the Cancer Mission Board.
 
Supporting rare cancer patients' journey through national cancer control plans
Supporting rare cancer patients' journey through national cancer control plansSupporting rare cancer patients' journey through national cancer control plans
Supporting rare cancer patients' journey through national cancer control plans
 
0201a pemberton w how to create evidence for advocacy impact 1.1
0201a pemberton w   how to create evidence for advocacy impact 1.10201a pemberton w   how to create evidence for advocacy impact 1.1
0201a pemberton w how to create evidence for advocacy impact 1.1
 
0201 rachford pemberton w - using evidence to create advocacy impact 1.1
0201 rachford pemberton w - using evidence to create advocacy impact 1.10201 rachford pemberton w - using evidence to create advocacy impact 1.1
0201 rachford pemberton w - using evidence to create advocacy impact 1.1
 
0201b rachford using qualitative and quantitative data how to structure you...
0201b rachford   using qualitative and quantitative data how to structure you...0201b rachford   using qualitative and quantitative data how to structure you...
0201b rachford using qualitative and quantitative data how to structure you...
 
0201b rachford using qualitative and quantitative data how to structure you...
0201b rachford   using qualitative and quantitative data how to structure you...0201b rachford   using qualitative and quantitative data how to structure you...
0201b rachford using qualitative and quantitative data how to structure you...
 
0406 Spurrier and Ryll: Interpreting scientific data
0406   Spurrier and Ryll: Interpreting scientific data0406   Spurrier and Ryll: Interpreting scientific data
0406 Spurrier and Ryll: Interpreting scientific data
 
0207 1 Luca Mazzarella - precision medicine
0207 1 Luca Mazzarella - precision medicine0207 1 Luca Mazzarella - precision medicine
0207 1 Luca Mazzarella - precision medicine
 
0403 1 Stefan Weber - approaches to value and pricing
0403 1 Stefan Weber - approaches to value and pricing0403 1 Stefan Weber - approaches to value and pricing
0403 1 Stefan Weber - approaches to value and pricing
 
0407 Jan Geissler - WECAN Academy - What we have learned?
0407 Jan Geissler - WECAN Academy - What we have learned?0407 Jan Geissler - WECAN Academy - What we have learned?
0407 Jan Geissler - WECAN Academy - What we have learned?
 
0405 Bettina Rryll - The clinical trials we want!
0405  Bettina Rryll - The clinical trials we want! 0405  Bettina Rryll - The clinical trials we want!
0405 Bettina Rryll - The clinical trials we want!
 
0403 2 Zack PembertonW - Approaches to value and pricing
0403 2 Zack PembertonW - Approaches to value and pricing0403 2 Zack PembertonW - Approaches to value and pricing
0403 2 Zack PembertonW - Approaches to value and pricing
 
0402 Anna Wagstaff - Not being victim of hidden agenda
0402 Anna Wagstaff - Not being victim of hidden agenda0402 Anna Wagstaff - Not being victim of hidden agenda
0402 Anna Wagstaff - Not being victim of hidden agenda
 
0401 2 Ananda Plate - Patient Preferences
0401 2 Ananda Plate - Patient Preferences0401 2 Ananda Plate - Patient Preferences
0401 2 Ananda Plate - Patient Preferences
 
0401 1 Denis Costello - Patient Generated Data
0401 1 Denis Costello - Patient Generated Data0401 1 Denis Costello - Patient Generated Data
0401 1 Denis Costello - Patient Generated Data
 
0307 Mary Wang - Biobanks and registries
0307 Mary Wang - Biobanks and registries0307 Mary Wang - Biobanks and registries
0307 Mary Wang - Biobanks and registries
 
0306 2 Madelaine Pe - Analysing and Comparing PRO
0306 2 Madelaine Pe - Analysing and Comparing PRO0306 2 Madelaine Pe - Analysing and Comparing PRO
0306 2 Madelaine Pe - Analysing and Comparing PRO
 
0306 1 Sergio Diaz - Patient Reported Outcomes
0306 1 Sergio Diaz - Patient Reported Outcomes0306 1 Sergio Diaz - Patient Reported Outcomes
0306 1 Sergio Diaz - Patient Reported Outcomes
 
0305 Spurrier - Ryll - Astratinei - Early access to new therapies spurrier - ...
0305 Spurrier - Ryll - Astratinei - Early access to new therapies spurrier - ...0305 Spurrier - Ryll - Astratinei - Early access to new therapies spurrier - ...
0305 Spurrier - Ryll - Astratinei - Early access to new therapies spurrier - ...
 

Recently uploaded

Yoga for Beginner’s Course- yoga foundation course
Yoga for Beginner’s Course- yoga foundation courseYoga for Beginner’s Course- yoga foundation course
Yoga for Beginner’s Course- yoga foundation course
Karuna Yoga Vidya Peetham
 
Reimbursement Bootcamp- Coding, Coverage & Payment lecture by David Farber, K...
Reimbursement Bootcamp- Coding, Coverage & Payment lecture by David Farber, K...Reimbursement Bootcamp- Coding, Coverage & Payment lecture by David Farber, K...
Reimbursement Bootcamp- Coding, Coverage & Payment lecture by David Farber, K...
Levi Shapiro
 
Yogic Sukshma Vyayama Teacher Training Course
Yogic Sukshma Vyayama Teacher Training CourseYogic Sukshma Vyayama Teacher Training Course
Yogic Sukshma Vyayama Teacher Training Course
Karuna Yoga Vidya Peetham
 
Teaching Methodology of Hatha Yoga Teacher Training Course.pptx
Teaching Methodology of Hatha Yoga Teacher Training Course.pptxTeaching Methodology of Hatha Yoga Teacher Training Course.pptx
Teaching Methodology of Hatha Yoga Teacher Training Course.pptx
Karuna Yoga Vidya Peetham
 
physiotherapy assessment & management in arthritis.pptx
physiotherapy assessment & management in arthritis.pptxphysiotherapy assessment & management in arthritis.pptx
physiotherapy assessment & management in arthritis.pptx
AvaniAkbari
 
buy oxycodone online at chemworldstore.net
buy oxycodone online at chemworldstore.netbuy oxycodone online at chemworldstore.net
buy oxycodone online at chemworldstore.net
luciatcupups
 
AI in Patient Engagement and Follow-Up Care.pptx
AI in Patient Engagement and Follow-Up Care.pptxAI in Patient Engagement and Follow-Up Care.pptx
AI in Patient Engagement and Follow-Up Care.pptx
Gaurav Gupta
 
Girls Call Mumbai 000XX00000 Provide Best And Top Girl Service And No1 in City
Girls Call Mumbai 000XX00000 Provide Best And Top Girl Service And No1 in CityGirls Call Mumbai 000XX00000 Provide Best And Top Girl Service And No1 in City
Girls Call Mumbai 000XX00000 Provide Best And Top Girl Service And No1 in City
snehamittal#G05
 
Therapeutic Diets Applied Nutrition and Dietics in BSc Nursing
Therapeutic Diets Applied Nutrition and Dietics in BSc NursingTherapeutic Diets Applied Nutrition and Dietics in BSc Nursing
Therapeutic Diets Applied Nutrition and Dietics in BSc Nursing
MKSSS BTINE
 
Cyberattacks on Healthcare Systemss.pptx
Cyberattacks on Healthcare Systemss.pptxCyberattacks on Healthcare Systemss.pptx
Cyberattacks on Healthcare Systemss.pptx
JoeOrlando16
 
Principles of Arthroscopy and instruments
Principles of Arthroscopy and instrumentsPrinciples of Arthroscopy and instruments
Principles of Arthroscopy and instruments
RAdhavan
 
VITAMINS(referred as a Organic compound)
VITAMINS(referred as a Organic compound)VITAMINS(referred as a Organic compound)
VITAMINS(referred as a Organic compound)
saloniswain225
 
How dental support group work...........
How dental support group work...........How dental support group work...........
How dental support group work...........
AvilasDentalGroup
 
Top Rated Massage Center In Ajman | Massage Center Deals Sharjah
Top Rated Massage Center In Ajman | Massage Center Deals SharjahTop Rated Massage Center In Ajman | Massage Center Deals Sharjah
Top Rated Massage Center In Ajman | Massage Center Deals Sharjah
Jameela Massage and Relaxation Centre Ajman
 
Automated Feedback in Digital Depression Screening: DISCOVER Trial | The Life...
Automated Feedback in Digital Depression Screening: DISCOVER Trial | The Life...Automated Feedback in Digital Depression Screening: DISCOVER Trial | The Life...
Automated Feedback in Digital Depression Screening: DISCOVER Trial | The Life...
The Lifesciences Magazine
 
ISSUES AND CONCERNS HRH malitbog ph.pptx
ISSUES AND CONCERNS HRH malitbog ph.pptxISSUES AND CONCERNS HRH malitbog ph.pptx
ISSUES AND CONCERNS HRH malitbog ph.pptx
shae1212
 
TEST BANK For Physical Examination and Health Assessment 8th Edition, by Caro...
TEST BANK For Physical Examination and Health Assessment 8th Edition, by Caro...TEST BANK For Physical Examination and Health Assessment 8th Edition, by Caro...
TEST BANK For Physical Examination and Health Assessment 8th Edition, by Caro...
rightmanforbloodline
 
Abortion pills for sale in Qatar(+919707208804)Buy Cytotec tablet in Doha
Abortion pills for sale in Qatar(+919707208804)Buy Cytotec tablet in DohaAbortion pills for sale in Qatar(+919707208804)Buy Cytotec tablet in Doha
Abortion pills for sale in Qatar(+919707208804)Buy Cytotec tablet in Doha
maishakhanam230
 
Yoga, Anatomy & Physiology Certificate Course.pptxv.pptx
Yoga, Anatomy & Physiology Certificate Course.pptxv.pptxYoga, Anatomy & Physiology Certificate Course.pptxv.pptx
Yoga, Anatomy & Physiology Certificate Course.pptxv.pptx
Karuna Yoga Vidya Peetham
 
Mudra and Pranayama Teacher Training Certificate Course
Mudra and Pranayama  Teacher Training Certificate CourseMudra and Pranayama  Teacher Training Certificate Course
Mudra and Pranayama Teacher Training Certificate Course
Karuna Yoga Vidya Peetham
 

Recently uploaded (20)

Yoga for Beginner’s Course- yoga foundation course
Yoga for Beginner’s Course- yoga foundation courseYoga for Beginner’s Course- yoga foundation course
Yoga for Beginner’s Course- yoga foundation course
 
Reimbursement Bootcamp- Coding, Coverage & Payment lecture by David Farber, K...
Reimbursement Bootcamp- Coding, Coverage & Payment lecture by David Farber, K...Reimbursement Bootcamp- Coding, Coverage & Payment lecture by David Farber, K...
Reimbursement Bootcamp- Coding, Coverage & Payment lecture by David Farber, K...
 
Yogic Sukshma Vyayama Teacher Training Course
Yogic Sukshma Vyayama Teacher Training CourseYogic Sukshma Vyayama Teacher Training Course
Yogic Sukshma Vyayama Teacher Training Course
 
Teaching Methodology of Hatha Yoga Teacher Training Course.pptx
Teaching Methodology of Hatha Yoga Teacher Training Course.pptxTeaching Methodology of Hatha Yoga Teacher Training Course.pptx
Teaching Methodology of Hatha Yoga Teacher Training Course.pptx
 
physiotherapy assessment & management in arthritis.pptx
physiotherapy assessment & management in arthritis.pptxphysiotherapy assessment & management in arthritis.pptx
physiotherapy assessment & management in arthritis.pptx
 
buy oxycodone online at chemworldstore.net
buy oxycodone online at chemworldstore.netbuy oxycodone online at chemworldstore.net
buy oxycodone online at chemworldstore.net
 
AI in Patient Engagement and Follow-Up Care.pptx
AI in Patient Engagement and Follow-Up Care.pptxAI in Patient Engagement and Follow-Up Care.pptx
AI in Patient Engagement and Follow-Up Care.pptx
 
Girls Call Mumbai 000XX00000 Provide Best And Top Girl Service And No1 in City
Girls Call Mumbai 000XX00000 Provide Best And Top Girl Service And No1 in CityGirls Call Mumbai 000XX00000 Provide Best And Top Girl Service And No1 in City
Girls Call Mumbai 000XX00000 Provide Best And Top Girl Service And No1 in City
 
Therapeutic Diets Applied Nutrition and Dietics in BSc Nursing
Therapeutic Diets Applied Nutrition and Dietics in BSc NursingTherapeutic Diets Applied Nutrition and Dietics in BSc Nursing
Therapeutic Diets Applied Nutrition and Dietics in BSc Nursing
 
Cyberattacks on Healthcare Systemss.pptx
Cyberattacks on Healthcare Systemss.pptxCyberattacks on Healthcare Systemss.pptx
Cyberattacks on Healthcare Systemss.pptx
 
Principles of Arthroscopy and instruments
Principles of Arthroscopy and instrumentsPrinciples of Arthroscopy and instruments
Principles of Arthroscopy and instruments
 
VITAMINS(referred as a Organic compound)
VITAMINS(referred as a Organic compound)VITAMINS(referred as a Organic compound)
VITAMINS(referred as a Organic compound)
 
How dental support group work...........
How dental support group work...........How dental support group work...........
How dental support group work...........
 
Top Rated Massage Center In Ajman | Massage Center Deals Sharjah
Top Rated Massage Center In Ajman | Massage Center Deals SharjahTop Rated Massage Center In Ajman | Massage Center Deals Sharjah
Top Rated Massage Center In Ajman | Massage Center Deals Sharjah
 
Automated Feedback in Digital Depression Screening: DISCOVER Trial | The Life...
Automated Feedback in Digital Depression Screening: DISCOVER Trial | The Life...Automated Feedback in Digital Depression Screening: DISCOVER Trial | The Life...
Automated Feedback in Digital Depression Screening: DISCOVER Trial | The Life...
 
ISSUES AND CONCERNS HRH malitbog ph.pptx
ISSUES AND CONCERNS HRH malitbog ph.pptxISSUES AND CONCERNS HRH malitbog ph.pptx
ISSUES AND CONCERNS HRH malitbog ph.pptx
 
TEST BANK For Physical Examination and Health Assessment 8th Edition, by Caro...
TEST BANK For Physical Examination and Health Assessment 8th Edition, by Caro...TEST BANK For Physical Examination and Health Assessment 8th Edition, by Caro...
TEST BANK For Physical Examination and Health Assessment 8th Edition, by Caro...
 
Abortion pills for sale in Qatar(+919707208804)Buy Cytotec tablet in Doha
Abortion pills for sale in Qatar(+919707208804)Buy Cytotec tablet in DohaAbortion pills for sale in Qatar(+919707208804)Buy Cytotec tablet in Doha
Abortion pills for sale in Qatar(+919707208804)Buy Cytotec tablet in Doha
 
Yoga, Anatomy & Physiology Certificate Course.pptxv.pptx
Yoga, Anatomy & Physiology Certificate Course.pptxv.pptxYoga, Anatomy & Physiology Certificate Course.pptxv.pptx
Yoga, Anatomy & Physiology Certificate Course.pptxv.pptx
 
Mudra and Pranayama Teacher Training Certificate Course
Mudra and Pranayama  Teacher Training Certificate CourseMudra and Pranayama  Teacher Training Certificate Course
Mudra and Pranayama Teacher Training Certificate Course
 

0303 Julius Zaleskis - GDPR and data protection for cancer advocates

  • 1. GDPR AND DATA PROTECTION: WHAT DO CANCER ADVOCATES NEED TO KNOW? Julius Zaleskis, PhD Founder of Dataprotection.lt Lecturer at Vilnius University, Lithuania info@dataprotection.lt
  • 2. Content  1. Key elements of GDPR  2. How GDPR protects cancer patients?  3. How cancer patient organisations should comply with GDPR?  4. Patients related GDPR case study 12/07/2019 2
  • 3. 1. Key elements of GDPR  What does GDPR language mean?  When GDPR is relevant for cancer patient organisations?  Which parts of GDPR are old?  Which parts of GDPR are new?  Does GDPR already work? 12/07/2019 3
  • 4. What does GDPR language mean?  Data (personal data)  Data controller  Data processing  Data processor  Data subject  Data protection authority (DPA)  Data protection officer (DPO)  European Economic Area (EEA)  General Data Protection Regulation (2016/679) (GDPR)  Special categories of data (sensitive data) 12/07/2019 4
  • 5. When GDPR is relevant for cancer patient organisations?  Collection, use and retention of data  Healthcare service providers & cancer patient organisations as data controllers  Patients as data subjects  Entities established in EEA  Entities targeting patients in EEA  Applicability as of 25 May 2018 12/07/2019 5
  • 6. Which parts of GDPR are old?  Scope of data (Art. 4(1))  Data processing principles (Art. 5(1))  Data processing grounds (Art. 6(1))  Rights of data subjects (Chapter III)  Prohibition of sensitive data processing (Art. 9(1))  Restriction to transfer data outside EEA (Chapter V) 12/07/2019 6
  • 7. Which parts of GDPR are new?  Representation of data subjects (Art. 80)  Data protection officer (Chapter IV Section 4)  Data protection impact assessments (Art. 35)  Prior consultations with DPAs (Art. 36)  Data breach notifications to DPAs (Art. 33) and data subjects (Art. 34)  Accountability (Art. 5(2))  Fines (4% of annual turnover / EUR 20 million) (Art. 83)  Right to data portability (Art. 20)  Data processor agreements (Art. 28)  Data processing records (Art. 30)  European Data Protection Board (Chapter VII Section 3)  Applicability to non-EEA data controllers (Art. 3(2))  Promotion of self-regulation (Chapter IV Section 5) 12/07/2019 7
  • 8. Does GDPR already work?  February 2019: 55 955 871 EUR issued in fines (data by European Data Protection Board)  France: 3 fines, 50 400 000 EUR  Germany: 100 fines, 483 500 EUR  Portugal: 1 fine, 400 000 EUR  Denmark: 2 fines, 360 850 EUR  Spain: 4 fines, 342 000 EUR 12/07/2019 8
  • 9. 2. How GDPR protects cancer patients?  Prohibition of health data  Prohibition of genetic data  In which exceptional cases health and genetic data can processed?  How does a patient consent have to look like?  What information a cancer patient has a right to know?  What rights cancer patients enjoy?  How can patient rights be advocated? 12/07/2019 9
  • 10. Prohibition of health data  All data pertaining to the health status  Past, current or future physical or mental health status  Information about the natural person collected in the course of the registration for, or the provision of, health care services as referred to in Directive 2011/24/EU  A number, symbol or particular assigned to a natural person to uniquely identify the natural person for health purposes  Information derived from the testing or examination of a body part or bodily substance, including from genetic data and biological samples  Any information on a disease, disability, disease risk, medical history, clinical treatment  Physiological or biomedical state of the data subject  Source does not matter (a physician or other health professional, a hospital, a medical device or an in vitro diagnostic test) 12/07/2019 10
  • 11. Prohibition of genetic data  Personal data relating to the inherited or acquired genetic characteristics of a natural person  Results from the analysis of a biological sample from the natural person  E.g.: chromosomal, deoxyribonucleic acid (DNA) or ribonucleic acid (RNA) analysis, or the analysis of another element enabling equivalent information to be obtained 12/07/2019 11
  • 12. In which exceptional cases health and genetic data can processed?  Explicit consent of a patient  Members of associations  Protection of vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent  Data manifestly made public by the data subject  Establishment, exercise or defence of legal claims  Reasons of substantial public interest on the basis of law  Healthcare services  Reasons of public interest in the area of public health  Scientific research purposes on the basis of law 12/07/2019 12
  • 13. Exception of healthcare services  Necessity: • to achieve the purposes for the benefit of natural persons  Specific purposes: • Preventive medicine • Occupational medicine • Assessment of the working capacity of the employee • Medical diagnosis • Treatment • Provision or management of health or social care systems and services  Specific legal basis: • EU, Member State law or a contract with a health professional  Specific data controller: • Professional subject to the obligation of professional secrecy under law  Further national conditions, including limitations, possible 12/07/2019 13
  • 14. Exception of public health reasons 12/07/2019 14  Necessity: • to achieve the purposes of society as a whole  Specific purposes: • protecting against serious cross-border threats to health • ensuring high standards of quality and safety of health care, medicinal products or medical devices • other reasons of public health  Concept of public health: • health status, including morbidity and disability, the determinants having an effect on that health status • health care needs • resources allocated to health care • the provision of, and universal access to, health care • health care expenditure and financing • the causes of mortality  Specific legal basis • EU or Member State law  No access by third parties (employers, insurance and banking companies, etc.)
  • 15. How does a patient consent have to look like? 12/07/2019 15  Freely given  Specific / granular  Unambiguous  Informed  Provable  Revocable
  • 16. What information a cancer patient has a right to know? 12/07/2019 16  Identity and contact details of the data controller  Data processing purposes  Grounds of lawful data processing  Data retention periods  Rights of the data subjects  Right to file a complaint with DPA  Whether the data subject is obliged to provide the personal data  The right to withdraw consent at any time  Specific interests of the data controller or a third party  The existence of automated decision-making, including profilig, the logic involved, envisaged consequences of such processing  The recipients or categories of recipients of the personal data  Transfer of data to a third country or international organisation and the ground thereof  Contact details of the DPO
  • 17. What rights cancer patients enjoy? 12/07/2019 17  Right of access  Right to rectification  Right to be forgotten  Right to restriction of processing  Right to data portability  Right to object to data processing  Right not be subject to automated individual decision-making, including profiling
  • 18. How can patient rights be advocated? 12/07/2019 18  Complaints with DPAs  Administrative fines  Civil law claims for compensation  Representation by cancer advocates: • not-for-profit body, organisation or association • properly constituted in accordance with the law • statutory objectives which are in the public interest • active in the field of the protection of data subjects' rights and freedoms • mandated by data subjects • right to lodge a complaint or receive a compensation
  • 19. 3. How cancer patient organisations should comply with GDPR? 12/07/2019 19  Conduct GDPR compliance audit  Follow principles  Establish procedures  Consult DPO  Revise IT security  Educate staff
  • 20. Conduct GDPR compliance audit 12/07/2019 20  Make an inventory of data based on purposes of their use  Review internal procedures and documentation  Check compliance of inventorised data with GDPR principles  Identify and prioritize risks  Draw a roadmap for compliance
  • 21. Follow principles 12/07/2019 21  Specific and clear purpose of data  As less data as possible  Access on a need to know basis  As less actions with data as possible  At least one ground for processing  Clear data deletion periods  Transparency  Respect for rights of individuals  Accuracy  Implement technical and organization security means
  • 22. At least one ground for processing 12/07/2019 22  Consent of a data subject  Contract with a data subject  Legal obligation  Vital interests of a data subject  Public authority  Legitimate interests of a patient organization • Where interests of a data subject are not more important • Need for a documented balancing test
  • 23. Establish procedures 12/07/2019 23  Personal data protection policy  Consulting DPO  Data subject requests  Data protection impact assessments  Data disclosures  Provision of information to data subjects  Data breaches  Data processing records  DPA inquiries  Data protection documentation  IT & Data security policy
  • 24. Consult DPO 12/07/2019 24  Doubts on how to comply  Questions re internal rules and documents  Belief that a violation occurred  Belief that a security breach occurred  Intention to develop data-related functionality or process  Intention to grant access to data to someone from outside  Doubts on whether users are informed  Intention to use sensitive data  Intention to monitor working tools or accounts  Awareness of an inquiry from DPA  Awareness of a data subject request  Need for new documents  Noticing of discrepancy in data processing records
  • 25. Revise IT security 12/07/2019 25  Abstract principle of appropriate security of the personal data, including protection against unauthorised, unlawful processing, against accidental loss, destruction or damage (Art. 5(1)(f))  Abstract requirement to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk (Art. 32)  No specific technical standards – this is a responsibility of a data controller  Data security means promoted by Art. 32 of GDPR: • the pseudonymisation and encryption of personal data; • the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; • the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; • a process for regularly testing, assessing and evaluating the effectiveness of measures • authorisations to process data  Need for IT assessment and IT security policy (Art. 5(2))  ENISA’s Handbook on Security of Personal Data Processing as a good practice (2018)
  • 26. Educate staff 12/07/2019 26  Top management  Legal  Medical  Accountancy  Security  Marketing  HR  Data analytics  IT
  • 27. 4. Patients related GDPR case study 12/07/2019 27  Centro Hospitalar Barreiro Montijo was investigated by Portuguese DPA  9 administrative staff members had same rights of access to full medical records as doctors  All doctors had access to full medical records notwithstanding their areas of practice  There were 985 systems users with access to medical records while there were 296 doctors at the hospital the time of investigation  No policy on access to patients data was adopted
  • 28. Assess the situation from GDPR perspective 12/07/2019 28  Excessive access to patient records breached data confidentiality principle (Art 5(1)(f))  Lack of access rights management breached the requirement of appropriate technical and orgnisational security means (Art. 32)  Fine of EUR 400 000 was imposed