GDPR – importance for the health sector
From May 25, 2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the General Data Protection Regulation, or GDPR) applies. This regulation has a direct and significant impact on the processing of data by healthcare providers. The GDPR has introduced new obligations for data controllers/processors and new rights for data subjects.
Correct fulfillment of obligations under the GDPR is extremely important, in particular because it will be enforced with severe sanctions: civil, administrative (up to EUR 20 million or 4% of the annual turnover), criminal and professional sanctions.
Entities from the medical industry are obliged to comply with the provisions of the GDPR to the full extent from the first day of the Regulation's application. The regulations generally do not provide for any lenient treatment. The specific nature of the medical industry, in particular the processing of large amounts of sensitive health data and the often unsatisfactory awareness of data protection, is the source of significant challenges and threats in the context of the GDPR that the industry has to face.