The GDPR Transfer Regime and Modern Technologies

Melania Tudorica, Trix Mulder

Research output: Contribution to conferenceAbstractAcademic


Health data comes within a person's most intimate sphere. It is therefore considered to be sensitive data due to the great impact it could have on a person's life if this data were freely available. Unauthorised disclosure may lead to various forms of discrimination and violation of fundamental rights. Rapid modern technological developments bring enormous benefits to society. However, with this digitisation, massive amounts of health data are generated. This makes our health data vulnerable, especially when transferred across borders. The new EU General Data Protection Regulation (GDPR) legal framework provides for rights for users of modern technologies (data subjects) and obligations for companies (controllers and processors) with regard to processing of personal data. Chapter V of the GDPR protects personal data that are transferred to third countries, outside the EU. The term 'transfer' itself however is not defined by the GDPR. This paper examines whether transfer within the meaning of the GDPR applies to health data processed by modern technologies and if the complexity of the GDPR legal framework as such sufficiently reflects reality and protects health data that moves across borders, in particular to jurisdictions outside the EU.
Original languageEnglish
Publication statusPublished - 2019
Event11th ITU Academic conference: ITU Kaleidoscope: ICT for Health: Networks, standards and innovation - Georgia Institute of Technology, Atlanta, Georgia, United States
Duration: 4-Dec-20196-Dec-2019


Conference11th ITU Academic conference: ITU Kaleidoscope
Country/TerritoryUnited States
CityAtlanta, Georgia
Internet address


  • transfer regime
  • data protection
  • GDPR
  • health data
  • modern technologies

Cite this