European Data Protection Supervisor
European Data Protection Supervisor

Health

Health

The General Data Protection Regulation (GDPR) recognises data concerning health as a special category of data and provides a definition for health data for data protection purposes. Though the innovative principles introduced by the GDPR (privacy by design or the prohibition of discriminatory profiling) remain relevant and applicable to health data as well, specific safeguards for personal health data and for a definitive interpretation of the rules that allows an effective and comprehensive protection of such data have now been addressed by the GDPR. Processes that foster innovation and better quality healthcare, such as clinical trials or mobile health, need robust data protection safeguards in order to maintain the trust and confidence of individuals in the rules designed to protect their data.

Filters

Pages

04/06/2008
4
Jun
2008

Medical check-ups - CPVO

Opinion of 4 June 2008 on the notification for prior checking regarding pre-employment and annual medical check-ups (Case 2007-176)

This opinion concerns the pre-employment and annual medical check-ups organized at the CPVO. The recommendations of the EDPS include the following:

Regarding data quality, the scope of data collected on the medical overview form and the information included on the certificate of fitness should be revised to comply with the principles of relevance and proportionality.  As to the conservation of the data, a reasonable, definite time frame must be established by the CPVO for the conservation of each category of employee and candidate medical data held by the CPVO. On information to data subjects, clear and specific information needs to be provided to data subjects regarding all items listed under Articles 11 and 12 of the Regulation. With respect to the pre-employment medical check-up, the EDPS also recommends the additional information on anti-discrimination referred to in point 3.8.4 of the Opinion. Finally, with regard to processing data on behalf of controllers, the service contracts concluded with the CPVO Physician and the CPVO Medical Centre should be modified to address data protection aspects pursuant to Article 23 of the Regulation. Instructions should be provided to the processors to comply with the minimum data protection safeguards recommended in this Opinion.

19/09/2007
19
Sep
2007
05/09/2007
5
Sep
2007

Community statistics on health data

Opinion on the proposal for a Regulation of the European Parliament and of the Council on Community statistics on public health and health and safety at work (COM(2007) 46 final), OJ C 295, 7.12.2007, p. 1

COM(2007) 46 final of 07.02.2007 PDF icon
14/12/2006
14
Dec
2006

Pages