GDPR For patient advocacy organisations

Part 2: Key GDPR Obligations
Accountability and Data Security 

Accountability  requires that your organisation take responsibility for what you do with personal data.

Your organisation must put in place appropriate technical and organisational processes to demonstrate that you are compliant with the GDPR.

Here is what you will learn in this course

Part 2: Key GDPR Obligations for Patient Organisations

Accountability obligations- Your responsibilities when processing data

  • The processes and documents your organisation should keep to demonstrate compliance 
  • What a Records for Processing document is and how to create one
  • If  and when you need to complete a Data Protection Impact Assessment
  • Who a Data Protection Officer is and if you need one
  • What a Data Processing Agreement is

Data security obligations

  • Measures you can take to protect personal data against data breach
  • What to do if/when a data breach occurs

What to do when transferring data outside of the EU

  • Understand what an international data transfer is
  • What documents and processes need to be put in place in order to transfer data internationally

Course Overview

Understand the basic concepts of the GDPR.

Presented by

Tim Van Canneyt

Partner at Fieldfisher Belgium – Member of the Brussels Bar

Specialist data protection and 
e-commerce advisor and an information technology contract negotiator and litigator.

About the Instructor
Tim provides strategic and practical advice on global data protection compliance issues to start-ups, large multinationals, associations and public organisations. He has a particular interest in privacy challenges relating to digital technologies and services (geo-localisation, IoT, cloud computing, big data, AI, etc.).

Tim is a certified privacy specialist (CIPP/E.).  He is on the Teaching Faculty of the International Association of Privacy Professionals (IAPP), an association that brings together privacy experts from around the world.  He is also Co-Chair of the OneTrust PrivacyConnect Brussels Chapter and a member of Ecomlex, a European network of lawyers specialising in e-commerce and ICT law.  Tim is also a member of editorial board of Computer Law review.  He is a former member of the IAPP European Advisory Board.

Tim is a regular speaker at high-profile data protection conferences and he regularly publishes in the field of data protection. For several years, he has been invited as a guest lecturer on IT contracting practices at the Master after Master IP/IT of the KULeuven Odisee. He is the creator of, a free online database of all Court of Justice case law on data protection.