GDPR workshops January 2018
The project is working with expert from Health Connect Partners on the coming law GDPR (General Data Protection Regulation), who has held two days workshop with us to perform a data privacy assessment for the Health integrator. The workshop covered following topics:
The politics and regulation of data – how we go to the GDPR and its core objectives:
- Legitimate processing
- Individual rights
- Transparency & Accountability
- Security & privacy
Legitimate processing
- Consent
- Legitimate interests
- Secondary purposes
- Case study – a consent form
Individual Rights
- General principles relevant to individual rights
- Access, rectification and portability
- Rights to object and to erasure and restriction
Transparency & Accountability
- Information notices
- Data privacy by design
- Data privacy impact assessment
- Data protection officer
About GDPR
The new GDPR was finally approved by the EU Parliament on 14 April 2016 and the enforcement date is 25 May 2018 – at which time those organizations in non-compliance may face heavy fines.
The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy. Key articles of the GDPR, as well as information on its business impact, can be found throughout this site: https://www.eugdpr.org/