Skip main navigation

New offer! Get 30% off one whole year of Unlimited learning. Subscribe for just £249.99 £174.99. New subscribers only. T&Cs apply

Find out more

Meet the Data Protection Officer

Watch the Data Protection Officer (DPO) explain more about her tasks.

Hospitals process large amounts of sensitive health data. This is why the GDPR provides that a Data Protection Officer (DPO) needs to be appointed. The DPO is involved whenever an issue relating to the protection of personal data arises within the hospital organisation.

A DPO has a number of main tasks based on Article 37 GDPR:

  1. To supervise all issues relating to the processing of personal data and monitor compliance with the principles of the GDPR and other policies and regulations of data protection;

  2. To inform and provide advice to all staff members on how best to handle issues relating to privacy;

  3. To provide advice when data protection impact assessments need to be carried out;

  4. To cooperate with and act as a contact person for the supervisory authority;

  5. To raise awareness and train staff members in data protection aspects of processing operations

The job of a DPO is not to limit processing, but to enable it while being compliant to the GDPR. He or she helps to identify risks and find the appropriate safeguards.

This job needs to be done with care considering that the right balance needs to be stricken between privacy protection and providing good healthcare. When lives are on the line, policies should not impede healthcare. This is why measures need to be well thought through in order to protect personal data and mitigate the privacy risks involved while not impeding the work of doctors and nurses.

We would like to hear from you. Do you know whether you have a DPO in your place of work? Or have you had any training on data protection yourself? Please feel free to share your experiences with other learners. We do of course ask you to do this in a respectful manner and please do not share any information that might be contentious. This is after all a course on data protection!

This article is from the free online

Protecting Health Data in the Modern Age: Getting to Grips with the GDPR

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now