Mainly health professionals are required to be particularly sensitive to the management of their patients’ personal data. Prior to the entry into force of the European Regulation on the protection of personal data, the legal obligations of healthcare professionals were already laid down in a clear legislative framework.
Professional secrecy (medical, dental, nursing, physiotherapeutic, etc.) is enshrined in specific laws and codes of conduct, as well as in the Penal Code. It is clear, however, that the implementation of the GDPR has significantly expanded the range of obligations imposed on the healthcare industry.
Whether small or larger health care units, the processed personal data are included in the “special category of data” (Art. 9 GDPR), called “sensitive data” to the statutory regime (Art.2 and Art.7 Law 2472 / 97).
The processing of such data is accompanied by additional statutory guarantees and obligations. A basic requirement is to designate a Data Protection Officer (DPO) even in smaller health units. The sensitivity of the health units to the issues of personal data becomes even greater if one takes into account the fact that there is yet another processing which is treated by the common lawmaker with a correspondingly high sensitivity: videotaping, which is extremely common health units to safeguard legal or vital interests.
The GDPR Team is your health data advisor. We are specialized in medical law, matters of medical consensus, medical records, medical confidentiality, health data processing. We have an active role as data consultants in the management of personal data in hospitals (public and private), diagnostic centers, psychiatric units, mental health centers, assisted reproductive units, genetic laboratories, pharmaceutical companies and clinics, dental practitioners, physicians and physiotherapists.