MedTech Europe’s participation in the public consultation on Article 25 Data Protection by Design and by Default Guidelines of the EDPB
Posted on 06.02.2020
MedTech Europe’s Data Protection committee (DPC) has recently participated in the public consultation on the Guidelines 4/2019 on Article 25 Data Protection by Design and by Default of the European Data Protection Board (EDPB). The Guidelines give general guidance on the obligation of Data Protection by Design and by Default (henceforth “DPbDD”) set forth in Art. 25 GDPR, where the core obligation is the effective implementation of the data protection principles and data subjects’ rights and freedoms by design and by default. This requires that controllers implement appropriate technical and organisational measures and necessary safeguards, designed to implement data protection principles in an effective manner and to protect the rights and freedoms of data subjects. In overall, more than 50 organisations and individuals sent comments to the EDPB. The Guidelines are available here, and MedTech Europe’s response here.