Expert Advice Community

Guest

Consent, transferring and encrypting data

  Quote
Guest
Guest user Created:   Aug 28, 2019 Last commented:   Aug 28, 2019

Consent, transferring and encrypting data

1. Can I transfer medical data to a contractor that builds my database?
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Aug 28, 2019

Answer:

Transferring personal data to third-party service providers acting as data processors is not forbidden by the EU GDPR. However, you need to ensure that the processors have on place adequate technical and organizational measures to protect the data.

2. Do I need to get consent if I want to transfer the data?

Answer:

No, you don't need to have consent to use and to transfer personal data to third party processors. However, you need to ensure that the data subjects are informed of the use of such processors via a Privacy Notice.

For more information on privacy notices check out this webinar Privacy Notices under the EU GDPR (https://advisera.com/eugdpracademy/webinar/privacy-notices-under-the-eu-gdpr-free-webinar-on-demand/).

3. Do I need to encrypt the data before sending or what measures I need to take?

Answer:

Although not mandatory under the EU GDPR, I would strongly advise you to use encryption while sending personal data and also ask the processor to have encryption at rest. This is due to the fact that data concerning health is transferred.

You can find more information about the EU GDPR requirements on security in this EU GDPR Foundations Course (https://training.advisera.com/se/eu-gdpr-foundations-course//).
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 28, 2019

Aug 28, 2019

Suggested Topics