Enforcement of data breaches in the Dutch and British healthcare sector: a contribution to clarifying requirements of data protection by design?

Jessica P. Hof*

*Bijbehorende auteur voor dit werk

OnderzoeksoutputAcademicpeer review

5 Downloads (Pure)


Within the healthcare sector, highly sensitive personal data, including data concerning health, is processed. The careless handling of such data can have a significant impact on the fundamental rights and freedoms of natural persons. It is central that data protection principles, including data protection by design, are followed by the healthcare sector. When these requirements are not met, it is crucial that enforcement action is taken to prevent personal data breaches. This article compares the enforcement carried out in the Netherlands and in the UK for breaches in the healthcare sector of the General Data Protection Regulation and the UK Data Protection Act 2018. The author reflects on whether more effective enforcement measures would lead to healthcare developments that are compliant with the data protection by design obligation (Article 25 of the GDPR). It is argued that in turn,compliance with this obligation can prevent personal data breaches and data protection complaints, rendering enforcement, and consequently recovery, superfluous.

Originele taal-2English
TijdschriftInternational Review of Law, Computers and Technology
StatusE-pub ahead of print - 5-mrt.-2024

Citeer dit