The Office of Information and Data Protection Commissioner in cooperation with the Albanian Center for Sustainable Development (ASDO), and with the support of the Swiss Embassy in Tirana, held the 3rd event of a series within the project “Cybersecurity and protection of data”. The event gathered representatives and/or data protection officers from public institutions or private entities that operate in the healthcare system.

The purpose of this activity was to increase the awareness of the controllers operating in this sector regarding the obligations and responsibilities imposed on them by the legislation for the protection of personal data, with particular focus on the introduction of the new framework aligned with the European Union acquis (i.e. the GDPR). On behalf of the Commissioner’s Office, Mrs. Besa Velaj, Director of the Cabinet introduced the attendees with the specific provisions about the healthcare system (i.e. the Law, the Commissioner’s bylaws and guidelines), and presented the supervisory activity of the Commissioner’s Office.

In his presentation, Mr. Emirjon Marku, who is an expert of the domain, dealt with the national legal framework as illustrated with practical examples in the area at hand, from the angle of guaranteeing the rights of citizens in the healthcare context or while provisioning various related services. The lawful processing of personal data in the digital age requires implementation of appropriate mechanisms for ensuring the security of equipment and systems, as well as coherence between different units and structures of the institution or healthcare operators. Accordingly, the adoption of appropriate technical-organisational measures, particularly the creation of a safe digital/cyber environment, is essential in order to prevent or minimise the likelihood of breaches to personal data. In addition, our awareness as citizens plays an essential role in promoting lawful processing of personal data.