The information on which the search is based has been translated by a computer system without human intervention. It may contain errors in vocabulary, syntax or grammar. The translation may also produce mistakes in the searches performed.
162 results were found for your search terms Health data
Work reports, which include health data of the complainant, within the framework of a disciplinary procedure.
IP 424/2021
It is decided to file the present complaint, given that the accused City Council and, in particular, the Chief Inspector of the Local Police, included references to the data on the person's health reporting - who holds the status of local agent - since these were necessary to resolve the desirability of initiating a disciplinary file against him, for alleged withdrawal from service on health grounds. Thus, this Authority concludes that the processing of controversial personal data was covered by Article 6.1e) - processing carried out in the exercise of public powers - and that the circumstances provided for in Article 9.2 (f) and g) GDPR, which lift the prohibition on processing health data in Article 9.1 (GDPR).
24/11/2022
Possible access to medical data by administrative staff.
IP 429/2021
The complainant complains that they made him send medical documentation by email and that this would facilitate access to medical data by non-health administrative staff. RA is issued since this was an exceptional shipment since the patient requested urgent assistance by phone for the prescription of pain medication and since the last medical report was not yet included in the HC3, since the same one had been issued day at another medical center, he was asked to send it by e-mail in order to carry out the medical prescription. These emails are managed by the administrative staff entrusted with these functions and, moreover, management does not involve access to medical documentation; only if it becomes essential for the performance of its functions. Art. 16 Law 41/2022.
15/11/2022
Revelation of the complainant's health data by a co-worker.
IP 404/2021
RA is being prepared because the complainant was the one who in a workplace revealed his or her COVID (and his/her) results to other partners. He did so for organisational purposes. At the same time, his boss communicated the results (and those of his wife) to a colleague in charge of carrying out organizational functions. Although it was not necessary to disclose data on his wife's results, it would be disproportionate to hold the complainant responsible for this fact, when it was the complainant himself who revealed the information in a voluntary, trusted environment amongst colleagues. It should also be noted that the complainant confirmed that he had carried out an access audit and confirmed that there had been no access to the complainant's data.
15/11/2022
Communication of pseudonymized patient data in the pharmaceutical laboratory providing medication
CNS 28/2022
The hospital could communicate pseudonymized data relating to the health of patients treated with medicines for compassionate use in the pharmaceutical laboratory that facilitates the drug for clinical research purposes (Article 9.2.j) GDPR and paragraph 2.d) of DA 17a LOPDGDD) on the basis of the legitimate interest pursued by the laboratory.
02/11/2022
Indirect information that reveals personal information but does not constitute a breach.
IP 258/2022
The complainant complains that someone in Chief Manso would have disclosed his data (who is his family doctor to his ex-wife). RA is dictated as the ICS does not provide the complainant's data but merely informs the child's mother in common the reason why the child is not assigned the same doctor as her. The reason is that the child is a beneficiary of the parent's social security number and, by default, is assigned the same doctor/ssa as the cardholder. Therefore, with this information, you can guess who the complainant's doctor is. This fact does not constitute an infringement in respect of Article 6.1.h) in relation to Law 8/2007 regulating the functions of the ICS.In addition, information on the allocation of health professionals to beneficiaries is information easily accessible to any interested person.
22/09/2022
Implementation of a register for civil protection actions in emergency situations
CNS 22/2022
The City Council could create a register of the residents of the municipality who, given the concurrence of certain circumstances, would require a quick action by the civil protection forces in emergency situations. The use of data from the Register for this purpose would be compatible, but the incorporation of information relating to people's health would require their explicit consent.
08/09/2022
- SECTORIAL AREA
- Municipal Population Register
- Civil protection
- PERSONAL DATA
- Sensitive data
- Health data
- ENTITIES
- Public administration
- Local administration
- Council
- OBLIGATIONS
- Impact assessment
- PRINCIPLES
- Purpose limitation principle
- Lawfulness principle
- Consent
- In the public interest or in the exercise of official authority
Alcohol and drug controls on transport service personnel with driving or traffic safety features
CNS 17/2022
The treatment of driving staff's health data or functions related to the traffic safety of rail transport services to detect, by the company, alcohol or drug consumption, at the start or during working time, is enabled in Articles 6.1.c) and 9.2.h of the GPD in relation to rail legislation. In the case of personnel who carry out these duties in the transport services of the bus or cable network, the data protection regulations do not prevent regular controls on the consumption of the aforementioned substances, when it is established, justifiably, by the occupational risk prevention service, insofar as it may constitute a risk for third parties.
22/07/2022
Work absentee control of career civil service personnel. Labor agreement enabling.
IP 525/2021
The complaint complains that he has received calls from the company Tebex on behalf of the City Council, who does not know who he is and has not consented to the transfer of his personal data. The City Council informs him that Tebex is the adjudicator of providing the labor absentee control service. It is accredited at IP stage by providing a service provision contract and annex regulating data protection clauses. Furthermore, in response to a second requirement, it provides for an employment agreement which includes as Annex 1, a circular providing for the possibility of controlling absenteeism.
06/07/2022
The right to access the data source.
PT 154/2021
The person here claiming complained that the City Council had not provided him with the name of persons or entities that had provided the social services with a report issued by a court advisory body (EATAF). In relation to this, the complaint is estimated to the extent that Article 15.1.g of the GPD determines that it is part of the right of access "any information available about its origin", which would therefore include reporting on the identity of the person who submitted the report (if known). However, if the City Council considers that access may be limited, nothing prevents people from being moved from what data may be affected by access, so that they make the appropriate claims.
31/05/2022
Communication of data to third parties. Presumption of innocence.
IP 64/2022
It is archived to the extent that it has not been proven that the complainant has revealed or communicated to third parties data linked to the complainant and to professionals who would have visited it.
26/05/2022
Total number of pages: 17