GDPR right to be forgotten for health Applications

Article 17 of the GDPR gives data subjects the right to erasure (right to be forgotten). In essence, once you no longer have a lawful basis to process a Subject's data, you should erase it from your system (and ensure it is erased from the system of any other Data Processors). There are several specific occasions when you should erase a subject's data. These include:

• where the personal data are no longer necessary in relation to the purposes for which they are collected or otherwise processed
• where a data subject has withdrawn his or her consent or objects to the processing of personal data concerning him or her
• where the processing of his or her personal data does not otherwise comply with this Regulation

The particular situations where the right to erasure applies are explained in more detail in Recital 65 of the GDPR.

To help developers with this task, Chino.io offers an extremely simple API that ensures compliance with all requirements and eliminates all risks in less than 5 minutes.