42 results were found for your search terms Healthcare facility
It is necessary to apply the principle of presumption of innocence since the professional who attended and responded to the consultation of the complainant acted in the exercise of its functions and only treated the personal data that the same complainant provided him for the purpose of managing his query.
The hospital could communicate pseudonymized data relating to the health of patients treated with medicines for compassionate use in the pharmaceutical laboratory that facilitates the drug for clinical research purposes (Article 9.2.j) GDPR and paragraph 2.d) of DA 17a LOPDGDD) on the basis of the legitimate interest pursued by the laboratory.
The processing of personal data by administrative personnel in order to schedule a medical visit, in the exercise of the tasks entrusted, and complying with the provisions of the data protection regulations, in accordance with the health regulations, is a legal treatment.
The whistleblower suspected that a nurse who is his neighbour would have entered his clinical history. He based his suspicions on insults that the person denouncing him offered him the husband of the so-called nurse. The list of accesses provided by the reported entity states that the nurse did not access her clinical history and that all accesses had been made by doctors and were duly justified. The "insults" that the complainant claimed the nurse's husband did not reflect any particular health data.
The communication by a hospital - which is part of the public use network - to CatSalut of data from its staff, so that this promoter of the study for the evaluation of the immune status of health personnel in Catalonia against the sars-cov2 virus (VISCAT) - contact these people in order to recruit them to participate in the said study, you do not need of your consent, to the extent that the processing of such data would be covered by the legal basis provided for in Article 6.1.e) of the RGPD
Access by ICM nursing staff to the clinical history of primary education, until December 2020 - when the Law 48/2020 decree was passed - was not permissible as it did not comply with any of the exceptions provided for in the art. 9 GDPR.
Access by a private company that is part of a business group providing health services to medical data stored by another company in the same group within the framework of the public provision of health services.
The company that provides public health services is penalised as being responsible for an infringement of the principle of application (which subsumes violations of the principles of purpose limitation and of loyalty, given its connection); in an ideal contest with the infringement of the data protection obligation from design and by default.
The communication of data from the clinical history of a minor to the ABSS may have sufficient authorization (e.g. arts. 6.1.e) and 9.2.h) RGPD, in relation to the LSS and the LDOIA), with the purpose of caring for the child and assessing and managing their risk situation, and always in accordance with the principle of minimization. For these purposes, it is justified to ask for proof of the identity of the claimant.
Communication to the Mossos d'Esquadra of the medical report of a patient victim of a homicide attempt
The police Police it can obtain data of health of a person, the number of the room included in the one that is entered, without its their consent when they act exercising exerting functions of judicial policeman within the framework of a research it only specifies. In case the request of the Police is not clear enough to in the effects from determining the fulfillment compliment of the requirements established in article item 22.3 LOPD, the sanitary center can request a clarification.
The FFCCS may obtain a copy of the statement of injuries, including injuries linked to situations of gender-based violence or assault on minors, without the consent of the data owner, when acting as a judicial police officer for a specific investigation. The delivery to FFCCS agents of the statement of injuries in sealed and sealed envelopes when the interested party cannot take care of them may be a procedure appropriate to the data protection regulations as long as their purpose is only to deposit them until at the time when the person concerned can take charge of it. This is without prejudice to other practices such as indicating to the affected person that they may obtain a copy of the statement by accessing their medical history.