Meeting of the Personal Data Protection Office with KPMG
The President of the Personal Data Protection Office, Mirosław Wróblewski, together with his colleagues, met with representatives of KPMG - the entity monitoring the Code of Conduct for the health sector.
The Code of Conduct for the Healthcare Sector has been prepared by the Polish Hospital Federation. The President of the Personal Data Protection Office approved the document on 11 December 2023. The Code is dedicated to both private and public sector entities. KPMG Advisory sp. z o.o. sp. k. (KPMG) acts as an entity monitoring the application of the Code among its members from the private sector, and also conducts preliminary audits. Candidates who are public entities or bodies are subject to an assessment of their ability to apply the provisions of the Code.
The aim of the meeting was to discuss the experiences related to the approval of the Polish Hospital Federation’s Code. There were also discussions about ways to encourage controllers and processors to join the Code. Representatives of the monitoring body proposed the implementation of solutions that could provide an incentive to apply for the status of a member of the Code, in particular among entities from the public sector.
The participants of the meeting also talked about the challenges associated with the rapid development of new technologies and the increase in the popularity of their use in the health sector. An important point of the discussion was to draw attention to the need for entities from the medical industry to adapt to the obligations resulting from the newly adopted legal regulations, including the so-called EU digital package and the Artificial Intelligence Act. Both parties agreed that such solutions should be reviewed on an ongoing basis in terms of compliance with personal data protection and privacy regulations.
Grzegorz W. Cimochowski, PhD, Head of the Consulting Department at KPMG, presented Mirosław Wróblewski, President of the Personal Data Protection Office, with a report entitled "Cybersecurity Barometer" prepared by the monitoring body. The document provides detailed analyses on cybersecurity and compliance in this area. The report also includes information showing that controllers and processors overwhelmingly declare their readiness to join the Code of Conduct if such a compliance tool is available for their industry.
"We want to popularise the Code. The Personal Data Protection Office will support initiatives related to the implementation of this goal. We are also happy to analyse the "Cybersecurity Barometer" report and discuss its conclusions together. I am convinced that further cooperation between the Personal Data Protection Office and KPMG will be fruitful." said Mirosław Wróblewski, President of the Personal Data Protection Office.
We encourage all entities interested in joining the Code of Conduct the KMPG monitoring entity. Detailed information on the creation of codes can be found on the website https://uodo.gov.pl/en/674 . We encourage you to contact the Case Law and Legislation Department dol@uodo.gov.pl.