Day 2: October 16th, 2025

09:00 – 10:00 – Session 3 – Plenary 3 Adopting AI systems within a healthcare organisation

Lead from our committee
and CHAIR
Dipak KALRA
I-HD
Gent, BELGIUM

10:00 – 10:30 – Coffee Break

10:30 – 11:30 – Session 4 – Workshop 1- Cross-Border Telemedicine: Data Protection, Security, and Compliance Between the EU and Third Countries

Medical device and AI developers, Legal experts in data transfers will analyze GDPR mechanisms for third-country processing, cybersecurity specialists. Healthcare administrators, and doctors practicing telemedicine i.e.(telesurgeons) and bioethicists.

Cross-Border Data Transfers & GDPR Compliance
Mechanisms for legally transferring patient data outside the EU (e.g., Standard Contractual Clauses (SCCs), adequacy decisions, Binding Corporate Rules (BCRs)).
The impact of Schrems II on data transfers for health services. EHDS?
Handling jurisdictional conflicts in privacy laws between EU and non-EU states.
Ensuring secure, encrypted real-time telesurgery connections.
Risks of cyberattacks and hacking in remote procedures.
Privacy by Design approaches in telesurgery infrastructure.
AI, Data Accuracy & Ethical Concerns
Ensuring AI-assisted telemedicine complies with GDPR and the AI Act.
Ethical considerations
Patient Rights, Consent & Data Ownership
Respecting the right to data access, portability, and erasure across borders.
Managing conflicts in data ownership between healthcare providers and patients.

Lead from our Committee
Sophia PALMIERI
U-GENT
GENT, Belgium

10:00 – 11:30 – Session 5 – Workshop 2 – Implementation of a uniform DPIA

Implementing a uniform Data Protection Impact Assessment (DPIA) in the development of digital health tools presents several hurdles for the Data Protection Officer (DPO). One of the primary challenges is the complexity of integrating diverse legal and technical standards into a cohesive framework. This requires expertise across multiple domains to ensure comprehensive and effective implementation. Additionally, the rapid evolution of digital health technologies necessitates continuous updates to the DPIA framework to address emerging privacy risks. Keeping the DPIA framework up-to-date requires ongoing effort and resources, which can be resource-intensive.
Another significant hurdle is the need for effective stakeholder coordination. Implementing a uniform DPIA requires collaboration among various stakeholders. Ensuring effective communication and collaboration among these stakeholders can be challenging. Furthermore, balancing the need for innovation with the requirements for compliance can be a delicate task. While DPIAs support innovation by enabling secure data sharing, they also impose certain constraints to ensure compliance with data protection regulations.

Lead from our Committee
Christophe MAES
I-HD
Deinze, Belgium

CHAIR
NATHAN LEA
DPO, I-HD
GENT, BELGIUM

Speaker 1
Jan-Willem BOITEN
lygature
nimègue, gueldre, netherland

10:00 – 11:30 – Session 6 – Workshop 3 – Traceability, reproductibility and reliability of results of AI systems

As traceability and reproductibility are key quality criteria in clinical research, the reliability of AI systems in this regards are often questioned. How can AI systems comply with these requirements and how can they be controlled by their users?

Lead from our Committee
Pierre-Yves Lastic
EFDPO
Paris, France

11:30 – 12:30 – Session 7 – Workshop 4 – GDPR compliance through certification and codes of conduct

Lead from our Committee
Pierre-Yves Lastic
EFDPO
Paris, France

11:30 – 12:30 – Session 8 – Workshop 5 – Innovative clinical trial designs utilising EHR data

Biomedical research generally involves many partners such as hospitals, pharma companies, CROs, central labs etc. Certifications and codes of conducts are are ways to document compliance towards partners and authorities. Practical examples of thses tools will be presented in this session.

Lead from our committee
Dipak KALRA
I-HD
Gent, BELGIUM