GDPR For patient advocacy organisations

Part 1: Key GDPR Obligations
Requirements for processing personal data

Patient organisations may process personal data for a variety of reasons. Some examples include collecting emails to send a monthly newsletter or sending an invitation to a webinar or event.

It is important to understand the requirements that will allow your organisation to process personal data and remain compliant with the GDPR.

Here is what you will learn in this course

Part 1: Key GDPR Obligations for Patient Organisations

The GDPR requirements for processing personal data

  • When and how an organisation can process personal data
  • The lawful grounds for processing personal data
  • The myth that an organisation needs consent to process personal data

Key information obligations for patient organisations

  • What information organisations must share with individuals
  • What information to include on a Privacy Notice
  • How and when to share information with individuals

Understanding the data subject's rights

  • Individuals' right under the GDPR and what that means for patient organisations
  • What to do when a data breach happens
  • Understanding the obligations on transferring data outside of the EU

Course Overview

Understand the basic concepts of the GDPR.

Presented by

Tim Van Canneyt

Partner at Fieldfisher Belgium – Member of the Brussels Bar

Specialist data protection and 
e-commerce advisor and an information technology contract negotiator and litigator.

About the Instructor
Tim provides strategic and practical advice on global data protection compliance issues to start-ups, large multinationals, associations and public organisations. He has a particular interest in privacy challenges relating to digital technologies and services (geo-localisation, IoT, cloud computing, big data, AI, etc.).

Tim is a certified privacy specialist (CIPP/E.).  He is on the Teaching Faculty of the International Association of Privacy Professionals (IAPP), an association that brings together privacy experts from around the world.  He is also Co-Chair of the OneTrust PrivacyConnect Brussels Chapter and a member of Ecomlex, a European network of lawyers specialising in e-commerce and ICT law.  Tim is also a member of editorial board of Computer Law review.  He is a former member of the IAPP European Advisory Board.

Tim is a regular speaker at high-profile data protection conferences and he regularly publishes in the field of data protection. For several years, he has been invited as a guest lecturer on IT contracting practices at the Master after Master IP/IT of the KULeuven Odisee. He is the creator of, a free online database of all Court of Justice case law on data protection.