Health: When data protection demands special attention - BAS - Sociedade de AdvogadosBAS

BAS > Communication > Press > Health: When data protection demands special attention

The sensitive nature of health data demands a specific assessment of the impact of the new General Regulation on Data Protection. An analysis of Cláudia Monge, lawyer and partner at BAS – Sociedade de Advogados, recently published on specialised media.

The General Regulation on Data Protection, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April on the protection of individuals with regard to the processing of personal data and on the free movement of such data, that repeals Directive 95/46/EC (Regulation), presents today, what Directive 95/46/EC of 24 October 1995 did not do, a concept on ‘health data’. It defines ‘health data’ as ‘personal data relating to the physical or mental health of a natural person, including the provision of health services, which disclose information about his or her state of health’.

According to the Regulation, the person responsible for the processing of personal data shall adopt technical and organizational measures appropriate to the nature of the data, the scope, context and purpose of the data processing and the risks to the rights and freedoms of individuals and to the probability and severity of such risks, making it essential and especially important, in view of the sensitive nature of health data, to carry out a thorough risk assessment prior to the treatment.

Being the processing of health data – a special category of data, in accordance with Article 9, no. 1 of the Regulation – it is necessary to refer to the previous impact assessment on data protection provided for in Article 35, no. 1, paragraph b) of the Regulation ‘in the case of: (…) (b) large-scale treatment operations of special categories of data referred to in Article 9, no. 1) (…)’. Large-scale treatment operations, as set out in Recital (91) of the Regulation, should be regarded as those which are intended to deal with a large amount of personal data at regional, national or supranational level, which may affect a considerable number of data holders and are likely to involve a high risk, for example, because of their sensitivity, where a new technology is used in line with the level of technological knowledge achieved, as well as other processing operations which entails a high risk to the rights and freedoms of data subjects, in particular where such operations make it difficult for the owners to exercise their rights’.

It’s recommended that an evaluation be done prior to the processing of health data, even in cases where such assessment is not a legal imperative. The assessment allows the identification of the risks and, in a coherent manner, the appropriate measures to prevent or mitigate them. And the identification of such security measures always constitutes a legal obligation by the person responsible for the processing, in accordance with the Regulation and also under the Personal Data Protection Act (LPDP); Law No. 67/98, of October 26, which transposed into Portuguese law the aforementioned Directive 95/46 /EC.

Article 14 of the LPDP states that ‘the responsible person must implement appropriate technical and organizational measures to protect personal data’ and that ‘these measures must ensure (…) an adequate level of security in relation to the risks the treatment has and the nature of the data to be protected ‘. The determination of the appropriate level of security depends on the evaluation. It’s our understanding that even where the particular situation does not fall within the situations in which the law requires the evaluation to be carried out, that assessment should still be carried out.

In light of Article 15 of the LPDP, concerning health data processing, data processors are required to take appropriate measures to ensure: access control to the premises, data media, data entry, data usage, access, transmission, a posteriori entry and transport.

In terms of health data processing, it is therefore recommended that a case-by-case impact assessment is always done, which will allow, in the specific case of health data processing, to: a) determine the best solution according to the legitimate purpose to be pursued, the nature of the data, the conditions of the internal organization, the means available, the attainable security measures; B) determine what security measures to implement and the terms of their implementation; C) determine the actions to update the measures, audit, inspection and adoption of corrective measures.

The prior evaluation is therefore a good management tool and a safeguard measure to ensure compliance with the regulatory framework for the protection of personal data.

Click here to read the original article in Advogar.

Back

More in Communication

24/05/2018 Company Agreement under the microscope Read more

27/02/2018 New regime of Article 256-A of the Public Procurement Code Read more

31/07/2017 New minimum wage and update of service contract values Read more

6/10/2017 Portuguese companies at the Real Estate Show in Paris Read more

21/06/2018 Football: The Right of Preference Read more

2/06/2017 Sports Law seen out of the box Read more

18/12/2017 Partner of BAS on the Best Lawyers’ directory Read more

24/01/2019 New sports law magazine Read more

26/03/2018 General Data Protection Regulation and Health Data Read more

25/10/2017 The changes in the Public Procurement Code Read more

28/10/2019 Public Health Policies in review Read more

27/12/2017 BAS on the directory Who’s Who in Business Law Read more

4/03/2019 Advogar: BAS present at MIPIM Read more

13/12/2018 Press: Best Lawyers distinguishes Portuguese law firms and lawyers Read more

11/06/2019 Margarida Ferreira discusses European legislation and its application in Portugal Read more

18/02/2019 Cláudia Monge speaks about medical secrecy and secrecy in law Read more

30/05/2017 Public Procurement and Innovation Read more

24/04/2018 BAS organizes the workshop “Two years of General Data Protection Regulation. Are we ready?” Read more

4/05/2018 BAS represents the Portuguese jurisdiction in Employment & labour 2018 in the International Comparative Legal Guide Read more

23/05/2018 BAS grows stronger with the arrival of Isabel Sousa Castro as associate lawyer Read more

26/06/2018 General framework of the new GDPR and national law – Of medical data in particular Read more

30/05/2017 General Regulation on Data Protection and the processing of personal data Read more

25/01/2018 Summary of the ruling of the Supreme Administrative Court (First section) of 16.11.2017, case No 0935/17, rapporteur: Teresa de Sousa Read more

18/09/2017 Funchal debates Public Procurement and Litigation Read more

13/03/2019 News from MIPIM 2019 Read more

15/07/2019 Marco Real Martins nominated for the Forty Under Forty awards Read more

29/11/2018 Best Lawyers Distinguishes Pedro Madeira as Lawyer of the Year in Portugal Read more

12/10/2018 BAS reinforces its team with three trainee lawyers Read more

3/05/2019 BAS debates restructuring processes in webinar on Labour Law Read more

30/11/2017 Catholic University’s Law JobShop: BAS at the market of opportunities Read more

28/10/2019 Changes to the Labour Code Read more

14/09/2020 BAS integrates two associate lawyers and a consultant, strengthening strategic areas and betting on new areas of expertise Read more

29/11/2019 Pedro Madeira de Brito co-authors the ‘Commentary on the European Convention on Human Rights and Additional Protocols’ Read more

9/02/2018 FDUL provides courses in Law, Finance and Justice of Sport Read more

31/10/2017 Master of Sports Law Read more

30/10/2018 What changes with the new Local Housing Law? Read more

31/01/2018 Developments in data protection and compliance can mean employment laws are quickly outdated Read more

3/10/2019 Information session on the changes to the Labour Code Read more

14/02/2020 Iberian Lawyer: “10 years of BAS Law Firm” Read more

30/11/2017 The intriguing figure of the Data Protection Officer Read more

30/10/2017 The framework of satellite clubs Read more

22/02/2019 BAS in the 14th In-Lex Edition Read more

5/09/2017 Claúdia Monge coordinates Medical Law course Read more

13/04/2017 Chambers and Partners recognizes BAS lawyers Read more

29/03/2019 New BAS services: Immigration and Foreign Investment Read more

31/10/2017 Direct award and the re-enacting of prior consultation Read more

31/01/2018 Preliminary consultation: the implementation of informality Read more

5/03/2020 Women in Law Read more

2/05/2019 Real Estate Consulting Read more

13/03/2020 BAS shortlisted for the Iberian Lawyer Labour Awards Read more

31/05/2017 Sports Law in 5 questions Read more

19/12/2017 BAS strengthens its team with the arrival of Luciana Sousa Santos Read more

26/09/2018 GDPR and consent for scientific research Read more

19/10/2017 Smart work and the new trends on the labor sector Read more

28/10/2019 The consent of minors and the GDPR Read more

12/11/2017 Cláudia Monge will be a speaker at the conference on General Regulations for the Protection of Personal Data Read more

30/05/2017 Transparency in the advertising of medicinal products and medical devices Read more

12/10/2018 BAS with three new trainee lawyers Read more

29/06/2017 Rebenta a Bolha! (The game is over) Read more

27/12/2017 Partnerships for innovation, for what and how? Read more

25/09/2019 II Workshop – The National GDPR Enforcement Act: What to Expect? Read more

27/03/2020 Take a step back and reassess your priorities Read more

30/05/2017 BAS and Sports Law Read more

30/10/2018 BAS represents Portugal in EU Employment and Social Security Law Webinar Read more

31/01/2020 BAS celebrates its 10th anniversary Read more

30/05/2017 New general regulation for data protection Read more

16/07/2019 Cláudia Monge in a conference in Sintra on Medical Error Read more

17/12/2019 Beneficiary Central Registry BCR Legal Regime – What are the obligations of a Company After the First Declaration Read more

29/11/2018 The Women’s Human Rights Summit Read more

19/12/2018 Team BAS reinforced Read more

26/09/2018 BAS joins the Helpo sponsorship program Read more

9/06/2017 BAS lawyers at the annual EELA meeting Read more

2/04/2018 Exclusion of people from a football stadium Read more

3/05/2017 BAS at the Portuguese Real Estate and Tourism Show in Paris Read more

6/11/2018 Advocatus: BAS distinguished with The Best Health Law Firm 2018 Award Read more

21/11/2019 Pedro Madeira de Brito speaker at the ILO centenary Read more

19/11/2018 Dália Cardadeiro in the Who is Who in Business Law in Portugal directory Read more

30/06/2017 EELA Conference 2017 Read more

29/03/2019 The new Equal Remuneration Law under review Read more

2/11/2018 BAS named the Best Health Law Firm 2018 Read more

23/03/2020 COVID-19 – Exceptional Measures for Public Procurement and Expenditure Authorization Read more

31/01/2020 SB2020: Overall charges paid for service contracts Read more

26/03/2018 Processing data of children and young people in light of the new GDPR Read more

9/03/2018 Chambers Europe 2018 recognizes BAS partners in the area of Labor Law in Portugal Read more

24/06/2018 BAS at the EELA annual conference Read more

26/07/2019 The recent changes in the assumption of multiannual liabilities by NHS entities Read more

28/09/2016 BAS presence in Expo Real 2016 Read more

14/05/2019 Press: Alexandra Almeida Mota practical talks about restructuring in Europe Read more

19/02/2020 Press: BAS with five lawyers listed in Best Lawyers Read more

29/07/2019 The impact of the new Data Protection Regulation on the Schools Read more

28/09/2017 Key developments in the revised Public Procurement Code Read more

26/12/2017 BAS in the Iberian Lawyer’s Lisbon Annual Report Read more

9/05/2019 BAS supports the 4th Public e-Procurement Congress Read more

24/01/2019 BAS celebrates its ninth year Read more

24/03/2020 BAS lawyers distinguished by Leaders League Read more

27/06/2018 The draft law for a new Industrial Property Code Read more

18/10/2017 JM Seminar: Sports Law and Sports Policies Read more

4/11/2019 Video surveillance, GDPR Implementing Law and the Labour Code Read more

2/10/2019 Real Estate: BAS will be present at Expo Real in Munich Read more

7/03/2019 BAS ranked in Chambers Europe 2019 Read more

13/04/2020 Effects COVID-19: Extension of deadlines for implementation of electronic invoicing in public contracts Read more

19/12/2018 Young lawyers and entry into the labor market Read more

9/04/2019 BAS authors chapter on Labour Law in Portugal and Mozambique Read more

23/07/2018 BAS in the Advocatus Search a Lawyer Guide Read more

29/03/2019 BAS named Marco Aurélio as new partner Read more

24/04/2018 Data Protection: BAS joins APDPO Read more

6/04/2020 BAS authors a chapter on Mozambique at ICLG Read more

24/05/2019 What has changed in the contribution regime for self-employed workers? Read more

26/03/2018 10 Key steps for compliance with the GDPR Read more

28/04/2017 Paris opens its doors in May to receive Portuguese real estate Read more

30/06/2017 The reform of the employment contract of sports practitioners Read more

29/11/2018 In 2019, there will be more changes in the contributory scheme for Independent Workers Read more

23/05/2018 Isabel Sousa Castro joins BAS team (Advogar) Read more

19/11/2018 Press: Employment Law Webinar Read more

20/12/2019 2019 Highlights Read more

4/03/2020 Sports Law under analysis at the Faculty of Law of the University of Lisbon Read more

28/09/2017 Public Procurement and Pre-contractual Litigation under discussion: Analysis and evaluation of the proposals Read more

28/10/2019 Cláudia Monge contributes to the book The Secrets in Law Read more

27/02/2018 BAS in the 13th In-Lex Edition Read more

7/03/2019 BAS and real estate trends Read more

11/06/2019 Catarina José focuses on the practical implications of GDPR Read more

5/09/2017 Sérvulo and BAS lawyers will debate about public procurement in Funchal Read more

3/01/2017 Pedro Madeira de Brito distinguished by Best Lawyers Portugal 2017 Read more

7/01/2020 Advogar: BAS lawyers author a chapter on real estate in Portugal at ICLG Read more

11/06/2019 Registrations open for the workshop on GDPR implementation Read more

20/03/2020 COVID-19: Exceptional and temporary Measures in Response to the Epidemiological Situation Read more

10/12/2019 Five lawyers of BAS were recognized in Best Lawyers Read more

9/06/2017 BAS lawyers at EELA meeting Read more

25/09/2019 Labour Law: changes to the Labour Code Read more

14/09/2017 New legislation to fight against money laundering Read more

19/04/2017 Cláudia Monge analyses new data protection regulation Read more

10/05/2017 Real Estate Brochure Read more

27/04/2017 BAS at SIPP Read more

27/02/2018 Local Housing: Global Problem, National Solution? Read more

21/10/2019 BAS Agenda: 13th National Congress of Electronic Public Procurement Read more

19/05/2020 Isabel Sousa Castro in the ranking Top 50 Iberian Lawyer Rising Stars Read more

27/03/2020 10 years, 10 partners, 10 stories: Marco Aurélio Constantino Read more

11/06/2019 Cláudia Monge opens workshop intended to review the first year of GDPR Read more

24/01/2019 Do you still receive advertising emails to which you did not give consent? Read more

29/06/2018 BAS and Legalline Mozambique in Employment & Labour Law 2018 Read more

17/04/2020 Updated Version: BAS Simplified Lay Off Guide Read more

31/01/2018 BAS celebrates eight years Read more

27/06/2018 GDPR Organizational Technical Measure – What now? Read more

16/04/2018 Local accommodation: will a global problem have a national solution? Read more

26/04/2017 Catholic Porto analyses the impact of the processing of personal data Read more

27/02/2020 BAS listed in the 15th edition of In-Lex Read more

25/01/2018 The new restrictions on loans of professional football players Read more

19/03/2020 COVID-19 – Support clients in times of mutual assistance of all and for all Read more

10/06/2016 BAS at the European Employment Lawyers Association conference Read more

18/07/2019 Pedro Madeira de Brito Publishes Book on Labour Law Read more

13/10/2017 JM Sports Seminar: Pedro Madeira de Brito opens afternoon session Read more

28/01/2020 Pedro Madeira de Brito participates in the new edition of the Annotated Labour Code 2020 Read more

25/09/2019 Cláudia Monge participates in a book celebrating the 40th anniversary of the NHS Read more

25/11/2019 Who’s Who in Business Law in Portugal: Dalia Cardadeiro’s expectations for 2020 Read more

1/09/2017 Smart work: The Law and the new trends in the labour market Read more

19/09/2018 Cláudia Monge is a speaker at the Infarmed symposium Read more

6/04/2020 ICLG: BAS writes about Labour and Employment Law in Portugal Read more

7/01/2019 Press: BAS reinforces its team with two new associate lawyers Read more

11/05/2017 New rules for transparency in advertising Read more

7/11/2018 Advogar: BAS distinguished with The Best Health Law Firm 2018 Award Read more

24/05/2018 Data protection in Workshop Read more

22/11/2018 Advogar: BAS partners discuss Public Purchases in Health Read more

15/05/2019 Debate and book on Public Procurement Legal Framework Read more

7/03/2019 How Portugal adopted the Real Estate Investment Trusts (REIT) regime Read more

29/06/2017 Healthcare security and State Civil Liability: imprisonment and mastery of guilt? Read more

30/05/2017 BAS was present at Real Estate Fair in Paris Read more

2/01/2020 Artur Filipe da Silva e Diogo Moreira Ramos author a chapter on real estate in Portugal Read more

26/03/2018 Clinical Research and GDPR: Are compromises possible? Read more

15/03/2020 BAS ranked in Chambers Europe 2020 Read more

31/07/2018 Summer Course on General Data Protection Regulation at the University of Lisbon School of Law Read more

3/05/2019 BAS and the outcomes of MIPIM Read more

The sensitive nature of health data demands a specific assessment of the impact of the new General Regulation on Data Protection. An analysis of Cláudia Monge, lawyer and partner at BAS – Sociedade de Advogados, recently published on specialised media.

More in Communication

Cookies