GDPR For patient advocacy organisations

Part 3: Key GDPR Obligations
Processing Health Data 

Health related data is any information about an individual that might reveal their health status.

The GDPR puts additional safeguards for processing of health data. If your organisation has access to patient's medical records, conducts studies on a patient's disease or otherwise processes health data, you must take extra measures according to the GDPR.

Here is what you will learn in this course

Part 3: Key GDPR Obligations for Patient Organisations

Defining health data

  • Understand what constitutes as health related data under the GDPR

How to process health data

  • What additional actions you must take to process health data
  • Which lawful grounds are most relevant to patient advocacy organisations

Additional considerations for processing health data

  • Which additional actions you must implement for processing health data
    Which security measures you must put in place

Course Overview

Understand the basic concepts of the GDPR.

Presented by

Tim Van Canneyt

Partner at Fieldfisher Belgium – Member of the Brussels Bar

Specialist data protection and 
e-commerce advisor and an information technology contract negotiator and litigator.

About the Instructor
Tim provides strategic and practical advice on global data protection compliance issues to start-ups, large multinationals, associations and public organisations. He has a particular interest in privacy challenges relating to digital technologies and services (geo-localisation, IoT, cloud computing, big data, AI, etc.).

Tim is a certified privacy specialist (CIPP/E.).  He is on the Teaching Faculty of the International Association of Privacy Professionals (IAPP), an association that brings together privacy experts from around the world.  He is also Co-Chair of the OneTrust PrivacyConnect Brussels Chapter and a member of Ecomlex, a European network of lawyers specialising in e-commerce and ICT law.  Tim is also a member of editorial board of Computer Law review.  He is a former member of the IAPP European Advisory Board.

Tim is a regular speaker at high-profile data protection conferences and he regularly publishes in the field of data protection. For several years, he has been invited as a guest lecturer on IT contracting practices at the Master after Master IP/IT of the KULeuven Odisee. He is the creator of, a free online database of all Court of Justice case law on data protection.