Evaluation of the Implementation of the General Data Protection Regulation in Health Clinics

Isabel Maria Lopes 1 * , Pedro Oliveira 1

J INFORM SYSTEMS ENG, Volume 3, Issue 4, Article No: 28.


OPEN ACCESS   783 Views   918 Downloads

Download Full Text (PDF) Cite this article


The new General Data Protection Regulation (GDPR) was approved on April 27 2016. The GDPR 2016/679 aims to ensure the coherence of natural persons’ protection within the European Union (EU), comprising very important innovative rules that will be applied across the EU and will directly affect every Member State. Furthermore, it aims to overcome the existing fragmented regulations and to modernise the principles of privacy in the EU. This regulation will come into force in May 2018, bringing along several challenges for citizens, companies and other private and public organisations. The protection of personal data is a fundamental right. The GDPR considers a ‘special category of personal data’, which includes data regarding health, since this is sensitive data and is therefore subject to special conditions regarding treatment and access by third parties. This premise provides the focus of this research work, where the implementation of the GDPR in health clinics in Portugal is analysed. The results are discussed in light of the data collected in the survey and possible future works are identified.


regulation (EU) 2016/679, general data protection regulation, personal data, health clinics




Lopes, I. M., and Oliveira, P. (2018). Evaluation of the Implementation of the General Data Protection Regulation in Health Clinics. Journal of Information Systems Engineering & Management, 3(4), 28. https://doi.org/10.20897/jisem/3939

Submit a Manuscript