Sensitive Personal Data

From Open Risk Manual

Definition

Sensitive Personal Data. Special categories of Personal Data include data that reveals "racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural's sex life or sexual orientation" (Article 10 of Regulation (EU) 2018/1725; Article 9 of the GDPR)

The Data Processing of such information is in principle prohibited, except in specific circumstances. It is possible to process sensitive data for instance if the processing is necessary for the purpose of medical diagnosis, or with specific safeguards in the field of employment law, or with explicit consent of the data subject.

Retrieved from "https://www.openriskmanual.org/wiki/index.php?title=Sensitive_Personal_Data&oldid=26100"
  • Creative Commons Attribution-NonCommercial-ShareAlike
  • Powered by MediaWiki
  • Powered by Semantic MediaWiki