On May 25th 2018 the General Data Protection Regulation is enforced. PALGA started in 2017 with preparations to comply with the GDPR. To do so PALGA followed the directions of the Dutch Data Protection Authority (DPA).
The GDPR imposes extra obligations for organisations that process personal data for scientific research. An important obligation is that PALGA has to be able to show that PALGA is compliant with the GPDR. This implies that PALGA has to prove that the appropriate technical and organisational measurements have been taken to comply with the GPDR. The DPA enforces the GDPR.
For scientific research special rules apply with regard to the processing of personal data. PALGA composed a letter with information about this topic which was sent to all pathology departments. How patients can exert their rights is also explained in a leaflet.
PALGA has appointed a Data Protection Officer (DPO) which is an obligation according to the GDPR. The DPO can be contacted by mail: firstname.lastname@example.org.
According to the GPDR patients have a right to look into and correct their data and have these data removed if they whish so. How PALGA implemented these rights is described in the above mentioned leaflet. On another page of this website more information can be found regarding this topic.
PALGA informed all pathology departments about the consequences of the GPDR. The document answers frequently asked questions. Th document will be available in English soon.