Uncategorized

Commission publishes study on Assessment of the EU Member States’ rules on health data in the light of GDPR 150 150 gdpr4h-project.eu

Commission publishes study on Assessment of the EU Member States’ rules on health data in the light of GDPR

Today, the Commission published a study on the “Assessment of the EU Member States’ rules on health data in the light of GDPR”. The study finds that while the General Data Protection Regulation (GDPR) lays down horizontal directly applicable rules in all Member States, there remains variation in the range of national-level legislation linked to its implementation in the area of health. This, the study suggests, has led to a fragmented approach in the way that health data processing for health and research is conducted in the Member States. This can negatively impact cross-border cooperation for care provision, healthcare system administration, public health or research.

To ensure that European healthcare systems can make the best possible use of health data and to support the development of the European Health Data Space, a number of legal and operational issues need to be addressed in a multi-faceted approach. The study identified potential future EU level actions, including stakeholder-driven Codes of Conduct as well as new targeted and sector-specific EU level legislation. In addition to legal requirements and governance, the study also points to the need for a more harmonised approach across the Member States when it comes to technical infrastructure, technical and semantic interoperability. Data quality and acquisition, digital skills and capacity-building for primary and secondary use of health data were also areas identified where a harmonised approach could be beneficial.

The study goes on to highlight that co-operation between the EU, Member States and relevant stakeholders is important, with a particular focus on the interests of patients. The study specifies that they should be supported as active agents in their own health and care, with full capacity to exercise their health data related rights. In conclusion, the development of the European Health Data Space, including specific legislation to be adopted to complement the proposal for a Data Governance Act, is believed to offer the ideal opportunity to build upon the suggestions outlined in the study. In addition, it is believed to ensure that health data can be used to promote better patient care, more resilient healthcare systems and stronger collaborative public health protection and healthcare research across the European Union.

The study is available at: https://ec.europa.eu/health/sites/health/files/ehealth/docs/ms_rules_health-data_en.pdf .


GDPR APPLICATION IN MEDICAL PRACTICE. OPPORTUNITIES AND BARRIERS. EMA Parnters 622 186 gdpr4h-project.eu

GDPR APPLICATION IN MEDICAL PRACTICE. OPPORTUNITIES AND BARRIERS. EMA Parnters

This meeting, chaired by Vincenzo Costigliola, President of the European Medical Association (EMA), which is a partner of the GDPR for Health Project, https://gdpr4h-project.eu/ , took place as a webinar managed on MEET, with the participation of several members of EMA, February 8th 2021.

This summarized preliminary report is developed by the EMA Director for media, e-learning and e-medicine, integrating the main points developed in the discussion.

The General Data Protection Regulation (GDPR) 2016/679, directly applicable in all Member States by 25 May 2018 requires healthcare organizations to re-think about their data flows and how they handle and monitor patient data. This is needed to make sure they complies with the National and International regulation. Such very important step toward has the goal of building a more digital and inclusive society.

Dr. Costigliola described how its application is already increasing the distance and the promptness of feedback in the relationship between individual patient and physician. Diseases, and much more events that arise in urgency or with important psychological implications, can only rarely wait to be inserted into forms and templates.

The current digital architecture is still quite schematic if not frankly old-fashioned, so that solicits the doctor to a clinical approach based more on formalities rather than on needs deriving from the patient’s interview, visit and study.

The guarantees may become, and are already becoming, barriers for the direct physical contact and intervention in medical practice. Rules, forms and templates to be filled are actual slowing and distancing tools, and for the menaces of controversies, and the ever-looming threat of legal disputes is becoming an obstacle, as demonstrated by the large number of complaints in all European countries. Regardless of the relevance and outcome of these complaints, the effect on the mutual trust between the doctor and patient, and therefore on the final efficacy of many necessary medical acts, is highly disadvantageous.

The permanent confrontation between the many doctors Google and the doctor with immediate ethical, professional and legal responsibility for the patient who relies on him has become a source of positive stimulus, but also a trigger for useless discussions and behaviors full of fake news and irrational approaches, or for proposals and behaviors frankly fanatic or superstitious.

In such conditions, it is safer for the doctor to fall back on quasi-bureaucratic positions, leaving the patients to a fictitious participatory management of their health or illness. The Ethical call for privacy respect and transparency of processes and of data management, while is very appropriate for health organizations and facilities, as well for industries and research institutions, may seriously impair the freedom and the confidentiality of the doctor-patient relationship, challenging the limited possibilities of smaller family practice and limited resources facilities. The need of agile models and systems, well known and applied in several fields and tasks involving computer science, should be taken in greater account, as it is needed and possible.

Among the sustainable mitigation strategies, EMA Members recommend:

1. It is necessary to provide a clear and safe legal umbrella for the whole phase of meeting, interview and visit that the doctor must carry out in all contexts, but especially in small clinics and with minimal IT facilities.

2. National or local health systems, public or private, must be able to provide all context support to the individual professional, who must not be called upon to implement and control the many data, as appropriately required by EU directives and national laws.

3. Greater surveillance and limitation of all health-related activities that are illegally carried out by people who do not have the necessary qualifications (degrees and qualifications), nor an adequate level of professional and scientific updating and certifications are required.

4. The accuracy of the GDPR rules is clearly and appropriately designed and addressed to non-small health organizations and to clinical trials. These last, which are vital for the development of drugs and medical devices, has been and will be a real advance in scientific and ethical civilization. In this role, the European contribution is of pivotal relevance to build skills for life, and improve confidence and interest in learning for successful participation of all medical professionals in all the health aspects of our society.[CP1] 


 [CP1]

Μultiplier Event in Greece: The importance of Data Protection in Healtchare 150 150 gdpr4h-project.eu

Μultiplier Event in Greece: The importance of Data Protection in Healtchare

On January 29th, the final multiplier event in Greece took place online, due to Covid restrictions. The event was a great success with a total of 41 active participants that joined in the lively discussion about the significance of ensuring data protection in the healthcare sector.

Amongst the participants were current DPO professionals as well as inspiring DPO’s from the pharmaceutical industry and specialists, academia and information technology companies.

Participants were interested to learn about European developments in the field of data protection in a post GDPR and post Covid-era. The feedback acquired was valuable to the partnership as it included input and opinions regarding the GDPR4H courses which some participants has already concluded.

During the meeting, participants that were unaware of the GDPR4H Courses were re-introduced and described the outcomes of the GDPR4H partnership and had an exchange of view for the benefits to upskilling their knowledge on data protection rules. Participants were also able to discuss current predicaments and grey-zone legislations in Greece with professional DPO’s in two of the largest pharmaceutical companies of Greece, regarding Covid related data processing.

Mr. Antonis Evangelidis, Director of Regulatory Compliance and Data Protection at Vianex Group presented new digital technological advances used in light of the COVID-19 crisis. While Dr. Georgia Chatzitheodorou, Lawyer and Data Protection Officer at Elpen Group presented the legal challenges for data protection in Health as they were experienced by local pharmaceutical companies during the crises and the actions they took to mitigate legal challenges. Participants took part in a thorough discussion regarding how to handle ambiguous health data related to measures such as employee health information and temperature collection.

Furthermore, during the event the participants were presented with the new objectives of data protection for the next programming period 2021-2027 in the field of health by Ms. Marilida Tsiplakou, European Programs Advisor at AMC. They were also privy to a thorough presentation of how technology and data protection are two interlinked fields by Ms. Chrysa Psyllaki, European Programs Researcher at Skybridge.

Overall the event explored whether technology and skills development can help future DPOs to cope with future public health shocks and how the GDPR4H courses could help develop skills in all professionals dealing with health data. All participants that had not already begun the training courses expressed their interest in doing so and welcomed the initiative as a positive and added value experience that would be used and shared amongst colleagues of their businesses


Final Project Meeting 554 461 gdpr4h-project.eu

Final Project Meeting

The GDPR4H partners held the last project meeting on 13/01/2021. After the successful cooperation, the GDPR4H concludes at the end of January 2021.The meeting was held online and all partners were present. Each project partner presented the progress of the activities they were responsible for. The discussion of partners was held at a great climate and very useful conclusions were reached.

Workshops on GDPR 554 311 gdpr4h-project.eu

Workshops on GDPR

Starting on January 25th 2021, we organized daily workshops on GDPR in health in Romania, Greece and Germany. The kick-off workshop took place via Zoom and was well attended. To see the presentation, see below 

C training

GDPR4H presentation intro

GDPR4H Mobility tool for DPOS in Greece, Germany and Romania 554 355 gdpr4h-project.eu

GDPR4H Mobility tool for DPOS in Greece, Germany and Romania

The online web platform for supporting the mobility of DPOS in Greece, Germany and Romania was established as “mobility tool” for WBL, supporting cross-border mobility.

The GDPR4H Mobility tool is available at: https://mobility.gdpr4h-project.eu/help-page/ .

Το register, you have to:

  • add your name, email, and set a password.
  • Choose among the 2 options: Candidate or Company. Your selected option will be dispayed in a green box.

Read the terms and conditions and please consent that you agree to proceed.

After creating your account, you will be able to complete your data either s candidate, seeking for WBL or as a Company offering WBL positions.

Free Online Course for Vocational Training: Specialization Course for Data Protection in Health, available in German, Greek and Romanian 960 641 gdpr4h-project.eu

Free Online Course for Vocational Training: Specialization Course for Data Protection in Health, available in German, Greek and Romanian

Specialization Course for Data Protection in Health aims at the skills’ enhancement for Data Protection Officers.  The Course Modules are:

  1. Legal Aspects – the basis for every DPO: Data Protection Law
  2. It Security – how to ensure the security of IT systems in organizations: IT tools and methodologies applied to data protection
  3. Soft Skills – how to communicate and implement data protection thinking in organizations: Soft Skills for the DPOs
  4. Work based Learning (WBL) –Learning from practical examples (online via interactive videos and webinars)

The Course is available in:

Free Online Course: AWARENESS RAISING IN DATA PROTECTION AND HEALTH available in German, Greek and Romanian 554 398 gdpr4h-project.eu

Free Online Course: AWARENESS RAISING IN DATA PROTECTION AND HEALTH available in German, Greek and Romanian

The Awareness Raising Course introduces healthcare professionals and people who are interested in data protection in health, in the basic concepts of the GDPR in healthcare.

The Course is available in:

Questionnaires for Graduate Tracking 1024 1024 gdpr4h-project.eu

Questionnaires for Graduate Tracking

Τhe GDPR4H Consortium launched the survey for the 1.  Graduate Tracking Mechanisms in partner countries.

If you are an educational institution or training provider, in Germany, Greece and Romania, please dedicate 5-10 minutes to complete the following questionnaire.

The questionnaire is available in the following languages:

Free Online Course: AWARENESS RAISING IN DATA PROTECTION AND HEALTH 522 207 gdpr4h-project.eu

Free Online Course: AWARENESS RAISING IN DATA PROTECTION AND HEALTH

The Awareness Raising Course introduces healthcare professionals and people who are interested in data protection in health, in the basic concepts of the GDPR in healthcare. The course will last approximately 10 hours.

It includes 4 units in which the history of EU data protection, doctors’ responsibilities, risk assessment procedures and rights of patients are analyzed and presented.

  • Unit 1: lists the basic responsibilities and duties of a DPO, as well as the importance of the Data Processors and Controllers.
  • Unit 2: contains information on the importance of handling data breaches, as well as the basic patients’ rights in EU.
  • Unit 3: describes the basic digital threats that exist in our world. Moreover, it introduces the learner to the basic functionalities of the new E-health plan.
  • Unit 4:includes a summary of the main historical aspects of the GDPR as well as the main responsibilities of doctors in processing and protecting personal and health data

Target group: Employees in the health sector, who are not DPOs but who come into contact with patient data and any other interested persons.

Privacy Policy

You may find our privacy policy here.

Privacy Settings

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Here you can change your Privacy preferences. It is worth noting that blocking some types of cookies may impact your experience on our website and the services we are able to offer.

Click to enable/disable Google Analytics tracking code.
Click to enable/disable Google Fonts.
Click to enable/disable Google Maps.
Click to enable/disable video embeds.
 
Our website uses cookies, mainly from 3rd party services. Feel free to define your Privacy Preferences and/or agree to our use of cookies.