Expert Advice Community

Questions regarding GDPR

Guest user Created:   Oct 16, 2019 Last commented:   Oct 16, 2019

I represent a hair implant clinic and I have some questions regarding GDPR.
  1. Is the GDPR applicable to the clinic if we have EU customers?
  2. We ask possible patients for some information, including details about their health conditions and allergies. Are there any specific conditions to comply with?
  3. Do we need a DPO?
  4. Do we need to ask for consent before asking for the health data?
  5. We have a contract with a hotel where we keep the patients after the procedure. We send the names of the patients to the hotel. Do we need to do something?
  6. How much would it take to be compliant with GDPR?
Thank you in advance
Expert
Andrei Hanganu Oct 16, 2019

1. Is the GDPR applicable to the clinic if we have EU customers?

If you are specifically targeting clients in the EU then in relation to the processing activities of the health data the EU GDPR would be applicable.

2. We ask possible patients for some information, including details about their health conditions and allergies. Are there any specific conditions to comply with?

If the health data is required strictly in relation to the medical procedure, then it should be OK to ask for this information. You need to specify in your Privacy Notice for what purpose you are asking for health data.

If you want to find out more about Privacy Notices check out this webinar "Privacy Notices under the EU GDPR" (https://advisera.com/eugdpracademy/webinar/privacy-notices-under-the-eu-gdpr-free-webinar-on-demand/).

3. Do we need a DPO?

If your main activities imply the processing of health data of EU data subjects, you should consider hiring a DPO or contracting a third party that can provide such services.

4. Do we need to ask for consent before asking for the health data?

No, consent is not needed provided you ask for the health data in order to protect the vital interest of the patients.

5. We have a contract with a hotel where we keep the patients after the procedure. We send the names of the patients to the hotel. Do we need to do something?

This highly depends on your activity and the types and categories of personal data you are processing, 

6. How much would it take to be compliant with GDPR?

You can get an idea of the duration by accessing this EU GDPR Compliance Calculator (https://advisera.com/eugdpracademy/eu-gdpr-compliance-duration-calculator/).
