The EU General Data Protection Regulation (GDPR) is a regulation under EU law, coming into force on May 25, 2018. The GDPR treats health data as sensitive personal data.
Health data refers to personal information (also called personal data) that relates to the health status of a person. This includes both medical data (medical examination reports, laboratory tests, radiographs, doctor prescriptions, etc.), but also other information about health (the scheduling of medical appointments, etc.). Health data is considered sensitive data and is subject to particularly strict rules and can only be processed by health professionals who are bound by the obligation of medical secrecy. Organisations collecting and using health data need to rely on a lawful ground – both for collecting personal data and sensitive personal data.
When providing medical advice on surgical infections, PRO-IMPLANT Foundation is going to rely either on patient's consent or on other grounds for processing health data through its Consultation Portal and advisory team.
All collected health data is processed and stored acording to the PRO-IMPLANT Foundation's Data Protection Policy.