Recognising personal data in healthcare projects

In healthcare projects, personal data could include:

  • Socio-economic data, such as household income, and ages and education levels of each household member.

  • Electronic health records, such as individual episodes of care including doctor visits, prescriptions supplied, or hospital or day care surgeries.

  • Health and wellness tracking from mobile phones, digital watches and other wearable technologies that measure, for example, heart rate, levels of physical activity and sleeping patterns.

  • Mobile phone numbers, which often have associated geo-location that could identify an individual.

  • Information about employees working in healthcare systems, for example name, address and bank details.

Key actions to take:

  • Could the data in your project directly or indirectly identify individuals? If the answer is yes, refer to the section below on minimising risks.

  • Consider developing a data protection impact assessment to keep a record of specific risks and mitigations.

  • Consider speaking to your data protection officer or seeking legal advice to confirm which data protection laws and regulations will need to be complied with.

Last updated