The protection of patient privacy and the security of the personal data is one of the major priorities in the Network for Personalized Medicine. The Network aims at being the point of reference for medical data management in Greece.
It is one of the first efforts to design and implement a complicated health data workflow in a large ecosystem that is compliant with the General Data Protection Regulation. The network has the following priorities in the area of privacy protection and data security:
- Inspire trust to data subjects.
- Provide a safe and user-friendly environment to clinical practitioners.
- Promote research by creating an environment where patients will feel safe to make available their medical data for research.
The patients who receive health services from the Network and provide their data should feel that their privacy is protected, that there are clearly informed about the usage of their data and that they remain in control of their personal information. The network will enhance the trust of the patients to the personalized health service providers by (a) establishing uniform guidelines for GDPR conformity in all involved parties, (b) encouraging and helping the members involved to get certified in information security (e.g., ISO 27001) and (c) using state-of-the-art mechanisms for protecting sensitive data.
The IT tools and the practices that will be put in place in the context of the Network will provide privacy-by-design and will reduce the risks and effort required by the health practitioner to protect patient privacy.
By setting rigorous data protection regulations and providing control and transparency to users, the network will be able to acquire the consent of patients for using their data to advance personalized medicine.