Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

This page describe relevant GDPR issues covered by the eHealth platform.

1) Lawful, fair and transparent processing

Data is treated under the law of sundhedsloven or plejeloven. All access to data is logged. This log covers who accessed data, which action, at what time and on what citizen. The access is also registered the citizen's MinLog, giving the possibility of data control by the citizen.

2) Limitation of purpose, data and storage

Only data relevant to the given treatment is stored. Data is only used in connection with the given treatment.

3) Data subject rights

Data subjects can receive a copy of data and have wrong data corrected. As long as data is used in the treatment of the data subject, it cannot be deleted since this might have a negative impact on the treatment.

4) Consent

  • not covered by the platform

5) Personal data breaches

  • not covered by the platform

6) Privacy by Design

Patient data is stored under a pseudonym. Data is encrypted under transport. Access to data is guarded by rules where only certain roles has access. These roles is only granted to personal accounts.

7) Data Protection Impact Assessment

  • not covered by the platform

8) Data transfers

Data can be exported in the FHIR format.

9) Data Protection Officer

  • not covered by the platform

10) Awareness and training

  • not covered by the platform

  • No labels