Data protection

Dutch Data Protection Authority publishes guide on cloud storage of patient data

Iradj Nazaryar

The Dutch Data Protection Authority (DPA) recently published a guide intended for healthcare providers about the cloud storage of patient data. The guide provides a practical interpretation of the DPA’s Guidelines on personal data protection (2013) which indicate how healthcare providers can fulfil data protection obligations. The key points within the guide refer to: Patient Read More

WP 29 releases an extensive opinion on data processing at work

Inge Vanderreken

The EU’s “Article 29 Working Party” (WP29) has adopted new guidance on the processing of personal data in the employment context (the New Opinion). This New Opinion complements their 2001 opinion and 2002 working document. WP29 is the Data Protection Working Party established by Article 29 of Directive 95/46/EC. It is an independent European advisory Read More

UK ICO investigation into the Royal Free’s use of patient data used as an opportunity to educate

Charlotte Mullarkey

In a case which has wide implications for the health care sector, the UK Information Commissioner’s Office (ICO) has ruled that the Royal Free NHS Foundation Trust failed to comply with the UK Data Protection Act when it provided personal data of about 1.6 million patients to Google DeepMind.  The personal data was provided as Read More

New National Institute for Health Data responsible for access to health data in France

Patricia Carmona Botana

The National Institute for Health Data (INDS) was established by an order dated 20 April 2017. The INDS replaces the Institute for Health Data and will serve as a one-stop-shop window through which access to the National System of Health Data (SNDS) database, which incorporates most public registries of health data, must be requested (see Read More

National System of Health Data increases access to health data in France

Eveline Van Keymeulen

On 1 April 2017, the implementing Decree of 26 December 2016 relating to the processing of personal data in the framework of the National System of Health Data (SNDS) entered into force. The decree lists the data that will be made available under the framework, establishes a list of public bodies that will have permanent Read More