Diagnostic Centers, Healthcare Centers, Medical Centers, Hospitals, Clinics and all Healthcare Professionals are subject to compliance with the GDPR rules. Grafimedia SaaS Health IT is always at your side and consistently supports all developments in the Health sector.
Better Rules for Healthcare Professionals
Applying stricter rules on data protection starting on 25 May 2018 means that citizens will exercise more control over their data.
Grafimedia SaaS Health IT has developed a strategic partnership with the leading consulting company PRIORITY Consultants. The proven, multi-year experience of both companies ensures that all healthcare professionals can safely and professionally implement the steps necessary to comply with GDPR at the legal, technical and IT level.
The most important GDPR rules concern the technical and organizational measures that must be taken to protect personal data.
It is very important to use plain and comprehensible language in every form of communication. Tell people who you are when you request their data. Say why you are processing their data, how long it will be stored and who receives it. Get their clear consent to process the data. If you are collecting data from children for social media, check the age limit for parental consent.
1. Give people the ‘right to be forgotten’. Erase their personal data if they ask, but only if it doesn’t compromise freedom of expression or the ability to research.
2. Let people access their data and give it to another company.
3. Inform people of data breaches if there is a serious risk to them.
4. Use extra safeguards for information on health, race, sexual orientation, religion and political beliefs.
5. Give people the right to opt out of direct marketing that uses their data.
6. Make legal arrangements when you transfer data to countries that have not been approved by the EU authorities.
Do I need a DPO?
The presence of a qualified Data Protection Officer is mandatory under certain conditions. It depends on the type and amount of data you collect, whether processing is your main business and if you do it on a large scale.
In the medical industry in particular, a DPO is obligatory for health professionals who collect personal data in order to process it, for example in medical studies, research, genetics, hospitals, medical centers, diagnostic centers, care homes, etc.
Is there a fine for non-compliance?
Those subject to the obligation who do not comply with the GDPR put themselves in the unpleasant position of receiving a strict warning and a reprimand, and/or even a suspension of data processing. The local Data Protection Authority monitors compliance; its work is coordinated at EU level. The fine for non-compliance and/or violation may reach up to 4% of total annual turnover.
You can read the GDPR regulation as issued by the European Union here. Find out what your organization needs to do to comply with EU data protection rules and how you can help citizens exercise their rights under the regulation here.
GDPR: How important is it?
The General Data Protection Regulation (GDPR) is in effect from 25 May 2018. That means:
- Citizens have more control over their data
- One set of rules for all companies operating in the EU, wherever they are based
How can Grafimedia help me?
Grafimedia SaaS Health IT is always by your side and consistently supports all developments in the Healthcare sector. Grafimedia provides:
- Evaluation of your company’s current level of compliance
- Creation of Data Flow Maps
- Internal Audits
- Compliance Audits
- Personalized development of data security policies and procedures
- DPO Services
- Support to your DPO
Our partnership with PRIORITY provides healthcare professionals at all levels with the guidance and support they need to be GDPR compliant. We undertake the preparation of your business for GDPR compliance and its verification based on international standards.
We are at your disposal for further information at the telephone numbers +30 2103819350, +30 2103819939 or at the email: email@example.com