In April, Adequacy is mobilizing through GDPR webinars

What can the Adequacy team do to also participate in the national effort that is committed to fighting the coronavirus? Since the start of the pandemic, we have been asking ourselves this question. Recognizing that the protection of personal data may seem insignificant in the face of the threat of coronavirus and its impact on society, our first instinct was to limit our communication to give free rein to health-related information. Unfortunately, the news shows us that the security of personal data is still an important issue, both for health facilities That at Within companies And for Individuals.

So to make our contribution, we wanted to share with you our feedback, our recommendations and best practices in terms of personal data protection. Through GDPR webinars, we invite you to come back to the various problems and questions that DSI, DPO and RSSI may pose in this period with:

• Episodes specially oriented to the Protection of Health Information Systems
• Tips and recommendations to reconcile RGPD and Telework
• The possibility of asking our experts during these webinars about the specific problems you encounter in your organization.

This initiative complements the items best practices that we will offer you.

What are Adequacy's GDPR Webinars?

For us, these GDPR webinars are the most efficient and relevant way to bring the same level of professionalism as that provided during our workshops to our customers. The only differences: they are done remotely, are open to everyone and are free.

What is the benefit of participating in Adequacy's GDPR Webinars?

Whatever your sector, your activity or even your profession, daily life is often the main difficulty in initiating or extending the fundamental work that is to comply with GDPR. Taking advantage of these few special days to take a step back and identify areas for improvement in your organization may therefore seem interesting.

Participating in these webinars will allow you to benefit from the necessary monitoring work that any CISO, CIO, or DPO must carry out in this unprecedented period.

GDPR webinars, the proposed program

Tuesday, March 31, 2020: Uses of Real-Life Data in Health

Webinar presentation:

How is Real-Life data used in the field of health? This data is not collected in the experimental framework of a clinical trial but is generated during the care provided “routinely” for a patient or is linked to events in his daily life. The sources of this data can therefore be the web, social networks, connected objects, etc.

In the case of Covid-19, in some countries* (Austria, Belgium, Belgium, Israel or even Germany), the geolocation data of patients with Covid-19 is used to trace the movements and the spread of the epidemic.)

*In France, only the framework of the fight against terrorism allows the use of this type of data within a specific legal framework.

The answers we propose to answer:

• What is real life data and what are the use cases known to date in the health field?
• How to use real life data in the context of the current Covid-19 epidemic and in particular for research on the coronavirus?
• What are your possibilities/constraints with regard to the RGPD and the protection of health data?

Thursday April 9, 2020: Best practices for reconciling RGPD and Teleworking.

Webinar presentation

Many companies have praised their ability to adapt to the current situation thanks to their tools and their teams. Using the various services offered by the various actors is a real skill that should be welcomed. What about the personal data that passes through these new services? Do they need to be identified in your treatment sheets? Aren't we here to endorse the tacit permission of “Shadow IT” so often criticized by CIOs and CISOs?

The answers we propose to answer:

• The recommended tools to reconcile RGPD and Telework
• 5 actions to make your employees aware of data security

Tuesday, April 14, 2020: What are the particularities of crisis management within a hospital IT department?

Webinar presentation:

In the context of the Covid-19 pandemic, the announcements of the President of the Republic and the lockdown measures taken by the government and certain municipalities require, on the one hand, hospital CIOs to interconnect employees and management teams; and unlike other organizations or companies, hospital CIOs must do so while maintaining continuity of service in health institutions (public, private or private non-profit).

The role of the IT department is to put in place the necessary measures, in accordance with the new objectives defined by the General Management. This transformation must be done successfully, in record time. As a reminder, even in times of pandemic, the General Data Protection Regulation -RGPD- applies, including “at home”.

The answers we propose to answer:

• What are the best practices that should be implemented immediately?
• What specificities of the hospital world should be taken into account during the Covid-19 pandemic period?
• How to ensure that decisions comply with the GDPR?

Tuesday, April 28, 2020: Health Accommodation and RGPD: Differences and/or complementarities

Webinar presentation:

For many years, the question of the security of data stored in information systems has been a major issue in the field of health:

• the principle of approval in the field of hosting health data was established by Act No. 2002-303 of 4 March 2002,
• the conditions for obtaining approval were then established by Decree No. 2006-6 of 4 January 2006 relating to the hosting of personal health data and amending the Public Health Code,
• law No. 2016-41 of 26 January 2016 to modernize our health system clarified certain aspects of this procedure and above all, announced its evolution towards a certification process,
• Ordinance No. 2017-27 of January 12, 2017 defines the scope of application of health data hosting and announces the certification procedure for hosting providers.

However, HDS certification does not exempt from integrating respect for human rights, a subject that is a bit overlooked, sometimes completely forgotten. The RGPD must be at the center of the concerns of actors. The penalties for non-compliance with human rights are in fact heavier than those applicable to non-compliance with technical requirements.

The answers we propose to answer:

• What are the principles and impacts of the HDS regulation (health data hosting provider)?
• What differences/similarities with the GDPR?
• What methodologies for the compliance of your organization with the RGPD and its preparation for HDS certification?

We are convinced that at least one of these events concerns you so do not hesitate any longer and register for webinars that you think are relevant to your business and your goals.