Caught in the Compliance Web: DPOs and the art of their Code of Conduct, Certification and digital health technology assessment Journey.
Chair: Christophe Maes
This workshop aims to highlight:
Data Protection Officers (DPOs) face a complex landscape when striving for compliance with privacy and transparency regulations dealing with different areas of digital health, including the novel areas such as AI and telemedicine.
This complexity is magnified by the need to know what can be checked and what cannot beassessed. Each of the assessment instruments present unique challenges and demand a thorough understanding of digital health area specific GDPR and cybersecurity implications.The DPOs must ensure that the data processing activities meet the stringent criteria set by Data Protection Certification bodies, those of the internal Code of Conduct as well those defined by the health technology assessment frameworks. A lack of a uniform & standardised PAN-EU privacy and transparency requirements framework for the different digital health areas, makes it even more difficult as DPO to contribute to procurement and adoption decisions, and potentially to be able to review and make judgements about conformityassessments.
The 90-minute session will begin with three 10-minutes presentations:
The presentations will be followed by an interactive workshop discussing, scoping and defining the digital health area specific objective privacy and transparency requirements.Downsizing the number of existing criteria to mandatory, relevant and feasible criteria.
The aim is to draw up a set of criteria relevant to DPOs that will be submitted to the health technology assessment bodies to establish a harmonised assessment framework.