Doctors are subject to the GDPR!
Doctors and, for that matter, all liberal or independent therapists are subject to the GDPR. Surprisingly, when contacted about this, they answer that they are bound by "medical secrecy" and therefore have no obligations under the GDPR.
However, the GDPR is fully applicable to doctors and all health professionals who process sensitive and confidential data of their patients.
Medical secrecy does exist, but doctors nonetheless process a great deal of their patients' personal data. Moreover, this is health data, which the GDPR treats as special data that requires absolute security and specific consent.
Let's be clear: who has heard their doctor talk about privacy or consent, or has been given or offered a security policy?
Several doctors have been fined up to 5,000 euros for non-compliance with the GDPR.
It is no longer unusual throughout Europe to see doctors and therapists being convicted for non-compliance with the GDPR. Fines of several thousand euros are imposed on them.
But these examples do not seem to change the behavior of the majority of doctors, while patients trust them and would be unpleasantly surprised to see their unsecured data on the Internet for all to see.
Disciplinary sanctions up to and including a temporary ban for non-compliance with the GDPR.
Sanctions do not come only from the European CNIL. National disciplinary authorities, such as the Order of Physicians, have also sanctioned doctors for failing to protect their patients' personal data. These sanctions have even gone as far as a temporary suspension from practicing the profession.
And let's not forget that in some cases, the unauthorized copying or disclosure of medical data can even lead to criminal sanctions...
What are the obligations of physicians with regard to the GDPR?
Physicians have obligations to comply with the GDPR:
- Be in full compliance
- Be able to demonstrate compliance with a complete file
- Inform patients
- Ask them for informed consent
- Allow them the right to access their medical records
- Implement data security measures such as:
- Password security
- Secure paper files
- Update computer security
- Verify the GDPR compliance of their subcontractors
- Etc.