Information for member institutions of the EESZT (National eHealth Infrastructure)
As you may be aware, health care providers in the capacity of data controllers are required to provide information on the processing of the personal data of patients under the Information Act and the General Data Protection Regulation (GDPR) of the EU in force as of 25 May 2018. By virtue of joining the EESZT, such information must obviously also extend to data provided to and through the EESZT.
To ensure the effective and uniform fulfilment of such information obligation, the National Healthcare Service Center, as operator of the EESZT, has prepared the guide that can be downloaded from the link below:
“Information on the management of personal data within the National eHealth Infrastructure in the course providing care in health institutions” (HU)
This document contains readily comprehensible information to patients on data processing within the EESZT concerning them.
As a member data controller, please supplement your current privacy statement with the contents of the attached document and make available information relating to the EESZT as part of the statement in conformity with established practice.