Irish hospital ran DNA program without GDPR compliance

The Irish Times reports Temple Street Children’s Hospital knowingly operated a DNA program that did not comply with the EU General Data Protection Regulation for eight months after the regulation went into effect. While the GDPR took force in May 2018, Children’s Health Ireland confirmed the hospital only suspended the program in February 2019 to address regulatory compliance. CHI said patients participating in the program provided consent for the use of their data, which CHI claims is deleted at the program’s completion. Privacy advocates have questioned why the program ran without compliance and why CHI has not reported its misstep to the Irish Data Protection Commission.
Full Story

Share this post

Share on facebook
Share on linkedin
Share on print
Share on email

Subscribe to our Monthly Cyber Security Digest

Get monthly content to keep you up to date on the latest news and tips