In December 2023, the President of the Polish Office for Personal Data Protection approved the "Code of Conduct for the Health Sector" prepared by the Polish Federation of Hospitals. This document is the first code in Europe covering both public and private entities in the medical sector. According to the DPA, the code complies with the GDPR and provides adequate safeguards in terms of data protection. An important aspect was the development of monitoring solutions for public entities. This is the first such code for the medical sector that allows public hospitals to confirm compliance of data processing with the GDPR. Entities that will apply the code can have a guarantee of the correctness of the use of certain solutions approved by the DPA. They can also count on the supervision of personal data processing based on the monitoring mechanisms described in the code. Additionally, when considering imposing a penalty on an entity, the DPA must consider in each case whether the entity is correctly applying the approved code of conduct
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.