The Irish Times reports Temple Street Children's Hospital knowingly operated a DNA program that did not comply with the EU General Data Protection Regulation for eight months after the regulation went into effect. While the GDPR took force in May 2018, Children's Health Ireland confirmed the hospital only suspended the program in February 2019 to address regulatory compliance. CHI said patients participating in the program provided consent for the use of their data, which CHI claims is deleted at the program's completion. Privacy advocates have questioned why the program ran without compliance and why CHI has not reported its misstep to the Irish Data Protection Commission.
If you want to comment on this post, you need to login.