Skip main navigation

Rights of data subjects in a medical context

The GDPR provides for several rights for data subjects whose data are being processed. This includes: Transparency of information and communication; Provision of information; Right of access; Right to rectification; …

Consent and health data

Within a medical context, the legal basis for processing health data is often the (implicit or explicit) contract between a patient and a medical professional (Article 6 (1, b) GDPR). …

When did Anna give her consent?

Take another look at the first part of Anna’s medical voyage. Can you identify if Anna gave consent to processing her health data to her GP, at the hospital or …

Consent and the GDPR

As you have learned, to be allowed to process data requires a legal basis. As regards health data, in many instances, the legal basis will be the provision of healthcare …

Transfer of health data

As you have seen in the previous step, Anna’s data is shared frequently between the various organisations involved in her medical journey. Anna’s General Practitioner (GP) shares information with her …

Sharing and transferring health data

Medical professionals have a lot of data about their patients. Not only personal data, but also sensitive data. This data is shared among medical professionals to help patients get the …

Obligations for sensitive data

You have seen that Anna required medical attention and we followed her to her General Practitioner (GP) and to the hospital. We also saw Anna using a lot of apps. …

Sensitive data and medical confidentiality

So far, you have learned the basics of data protection in light of the GDPR. However, for health data there is an additional set of rules. Data concerning health means …

What is health data?

In this video we follow Anna on her medical journey and explain some basic concepts based on her story. We see how many times she provides her healthcare providers with …

Principles and lawfulness of processing

The GDPR applies to the processing of personal data. Organisations and companies processing personal data for whatever purpose need to follow the rules of the GDPR. In this course you …

Anna and her apps

In this video you will meet Anna. We will follow her during the 2 weeks of this course and use her as an example to clarify the regulation of protecting …

Introduction to the course

Welcome to this course on Protecting Health Data in light of the General Data Protection Regulation (GDPR). The Security, Technology, and e-Privacy Research Group (STeP) at the Faculty of Law …