Code of conduct for the health sector
officially approved!
The President of the Data Protection Office has approved the “Code of Conduct for the Health Sector” prepared by the Polish Hospital Federation. The signed document is the first code in Europe covering public and private entities in the medical sector.
The document provides separate mechanisms for monitoring compliance with its provisions for public medical facilities. Joining the Code does not entail membership in any organization.
In the opinion of the supervisory authority, the code of conduct presented by the Polish Hospital Federation complies with the provisions of the General Data Protection Regulation (GDPR) and provides adequate safeguards in terms of data protection provided for by the regulation. An important aspect was the development of monitoring solutions for public entities. This is the first such code for the medical sector that allows public hospitals to confirm data processing compliance with GDPR.
The decision of the President of UODO ends the period of work on the content of the code and gives medical facilities the opportunity to start preparing for its implementation.
Adherence to the Code of Conduct comes with a number of benefits. First of all, entities that apply it have a guarantee that their use of certain solutions approved by the supervisory authority is correct. They can also count on supervision of personal data processing based on the monitoring mechanisms described in the code. It is also significant that, under the GDPR, the supervisory authority, when considering imposing a penalty on an entity, must take into account in each case whether the entity is correctly applying the approved code of conduct.
The supervisory authority has accredited KPMG Advisory, which will act as a monitor of the code's application among its private sector members.
5th edition of the CYBERSEC & GDPR in Health conference
The largest data protection event in the medical sector!
Thank you for your participation in the 5th edition of the international conference CYBERSEC & GDPR in Health, which took place on 29.11.2023 at Lazarski University, Warsaw, from where it was also broadcast live. Held annually since 2019, the conference brings together the most prominent industry organizations and representatives of the public side to discuss issues related to the security of medical data in the digital environment.
With medical practices increasingly dependent on digital technology, and the benefits of using it growing, cyber security is becoming more important: patients' personal medical data and medical systems are at greater risk of attack, which can cause systems to malfunction or sensitive medical data to leak. The "CYBERSEC & GDPR in Health" conference provides a central forum for discussions on GDPR and cyber security in health. Topics covered at the conference include current challenges in medical data protection, including patient data security and privacy breaches in the digital environment.
Our projects
GDPR Code of Conduct
The General Data Protection Regulation, or GDPR, has been in effect since May 25, 2018 and has a direct and significant impact on data processing by healthcare providers.
For this reason, we created the GDPR Code of Conduct in the healthcare sector. It is the only code of conduct for health care with a positive opinion from the President of the Office of Personal Data Protection.
EDUCATIONAL CAMPAIGN
GDPR FOR PATIENT
Legal acts concerning personal data are difficult for Patients to understand. "GDPR for the Patient" is an educational campaign aimed at raising Patients' awareness of the new regulations - after all, an informed Patient is a safer, empowered Patient and a safer medical facility.
The campaign is being implemented in cooperation with the public side.
NEWS
The President of UODO has approved the Code of Conduct for the Health Sector
The President of the Personal Data Protection Office has approved the “Code of Conduct for the Health Sector” prepared by the Polish Hospital Federation. The signed document is the first code in Europe covering public and private entities [...]
From education to practice: the CYBERSEC & GDPR in Health conference as a response to the medical industry's needs in cyber security and data protection
Leading industry experts will meet at the highly regarded international conference "CYBERSEC & GDPR in Health" on November 29, 2023, during its fifth edition. For the free [...]
Experts on the cyber security of medical data
The practice of public authorities in the field of cyber security and medical data protection, the industry code, and the opportunities and challenges related to the security of medical data in the digital environment – these are the main [...]
GDPR in Health office
biuro@rodowzdrowiu.pl