IT providers offering services based on genetic data face serious challenges in managing health data in compliance with the General Data Protection Regulation (GDPR). Based on a literature search and our own experience, we give an overview of GDPR-compliant processing of sensitive data. The GDPR requirements for processing sensitive data were specified for a use case concerning a service provider of a pharmacogenomic decision support system. Start-ups that want to enter the health market also have to comply with the Medical Device Regulation (MDR). The associated effort for legal compliance is an impediment for many start-ups. We created a comprehensive overview that aligns the requirements of the GDPR with the life cycle of a medical device. This overview is intended to help start-ups grasp and overcome the regulatory hurdles faster.
IOS Press, Inc.