The Polish Data Protection Authority (GIODO) has just released its inspection plans for 2017. This year, the GIODO has decided to target its review of compliance with data protection laws on the health services and consumer sectors, with particular attention to certain profiling activities taking place in stores and shopping malls.
The health sector inspections will be directed at healthcare professionals and clinics. The inspections will focus on the process of patient registration, the circumstances under which registration data is collected from patients, and the overall data security provided. The inspections will be conducted either by the GIODO’s inspectors or by Data Protection Officers (ABI) registered with the GIODO.
The store inspections will focus on devices, particularly those carrying out video or closed-circuit television monitoring, which are used by a growing number of companies in Poland to profile their customers. These surveillance systems not only count the number of customers visiting a store but also establish the gender and age of shoppers using facial recognition software.
In addition, the GIODO announced that it will conduct inspections into entities that access the Schengen Information System and Visa Information Systems, as well as Eurodac and Europol systems.