The CNIL (Commission Nationale de l’Informatique et des Libertés, the French data protection authority) has published guidelines for healthcare organisations on the processing of personal data.
The guidelines outline the criteria that these organisations must meet in order to obtain valid consent from individuals for the processing of their data.
They also specify the information that must be provided to individuals when collecting their data, as well as the conditions that must be met for data to be transferred to third parties.
The CNIL emphasizes the importance of ensuring data security and implementing appropriate technical and organizational measures to protect personal data.
The guidelines are intended to help healthcare organizations comply with the EU General Data Protection Regulation (GDPR) and French law.
To read the full guidelines visit: Link