Support Centre

Ukraine: Commissioner announces audit of Medstar Solushens' data protection compliance

The Ukrainian Parliamentary Commissioner for Human Rights ('the Commissioner') announced, on 11 February 2020, that it will conduct an audit of Medstar Solushens, LLC's compliance with data protection legislation ('the Audit'). In particular, the Commissioner highlighted that the purpose of the audit is to determine whether Medstar Solushens' electronic medical system satisfies the requirements of legislation in the field of personal data protection as well as established how the personal information of patients contained in the central database is protected. In addition, the Commissioner outlines that in cases of violations, companies will be required to take appropriate measures. Finally, the Commissioner notes that the Audit of Medstar Solushens forms part of its larger compliance check on companies that provide electronic health care systems. 

You can read the press release, only available in Ukrainian, here.

UPDATE (6 March 2020)

Commissioner releases results of Medstar Audit

The Commissioner released, on 6 March 2020, the results of its Audit on Medstar Solushens. In particular, the Commissioner noted that the Audit revealed shortcomings in Medstar Solushens' implementation of Ukrainian data protection laws. Consequently, the Commissioner recommended, among other things, that Medstar Solushens clearly define instances where consent is necessary for the processing of a patient's personal information, and ensure that the template of consent presented to data subjects is in accordance with the purposes defined in Medstar Solutions procedures of processing.

You can read the press release, only available in Ukrainian, here.