It was remarkably interesting to guide the interviews with health professionals asking them about their experience with data protection according to GDPR. These interviews were guided within the project GDPR4H, cofounded by the ERSAMUS+ program. Here some insights: Some psychotherapists, working with young people mentioned that since the implementation of GDPR commonly used applications are no longer allowed without establishing alternatives. They were used to communicate via messengers like whatsapp, because their young clients are the best to reach in this way. Now it is prohibited. Patient data can´t be sent by email. Our interviewees always emphasized that the data protection solutions for medical equipment must be practicable in daily business and comply with data protection efforts. Otherwise data protection will be regarded as an obstacle only. For, example, employees should be provided with secure software and hardware like encrypted hard drives so that they can work on divers working places in a data protection conform manner.