EN 14485:2003

Current

The latest, up-to-date edition.

Health informatics - Guidance for handling personal health data in international applications in the context of the EU data protection directive
Published date: 12-17-2003

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 General solutions to exchanging personal health data between
   compliant and non-compliant countries
   5.1 General approach
6 Judging the adequacy of data protection
   6.1 General
   6.2 Content Principles
   6.3 Procedural/Enforcement Mechanisms
   6.4 Third Countries that have ratified the Council of Europe
        Convention 108
   6.5 Industry self-regulation
7 Making adequate provisions
   7.1 Introduction
   7.2 Meeting the "Content Principles"
   7.3 Providing for the "Procedural/Enforcement Mechanisms"
   7.4 Overriding law
8 Permissible derogations, Articles 26.1 and 26.2
   8.1 Article 26.1
        8.1.1 General
        8.1.2 Consent
   8.2 Article 26.2
9 Anonymisation
   9.1 Definition of personal data
   9.2 Rendering personal data anonymous
10 Notification to Supervisory Authorities
   10.1 Introduction
   10.2 Implementation of Articles 18 to 20
11 Steps in establishing an international application with adequate
   data protection safeguards from the view point of an EU data
   controller
   11.1 Introduction
   11.2 Step One: Can the data be non-personal?
   11.3 Step Two: Is the recipient third country an EEA country?
   11.4 Step Three: Is the recipient country recognised by the
         Commission as having adequate data protection provisions?
   11.5 Step Four: Is the recipient organisation in compliance with
         arrangements formally recognized by the Commission as
         providing adequate data protection provisions?
   11.6 Step Five: If the recipient third country is not EEA, has
         it signed the Council of Europe Convention
   11.7 Step Six: Is the recipient country applying to become a
         member of the EU?
   11.8 Step Seven: Can adequacy of data protection be established?
   11.9 Step Eight: If adequacy of data protection cannot be
         established can the derogations in Article 26.1 provide
         a solution?
   11.10 Step Nine: If adequacy of data protection cannot be
         established can the derogation in Article 26.2
         regarding contractual clauses provide a solution?
   11.11 Step Ten: If transfer of personal health data to the
         recipient third country is permissible has the recipient
         implemented adequate security measures and can the
         application proceed?
12 Steps in establishing an international application with
   adequate data protection safeguards from the viewpoint
   of a non-EU data controller
   12.1 Establishing data protection adequacy in the EU
13 Model contract clauses
   13.1 Published models
14 Security measures
   14.1 Introduction
   14.2 General security
   14.3 Security contracts with processors and with controllers in
         non-compliant countries
   14.4 Security policy
   14.5 Risk analysis
   14.6 Security organisation and allocation of duties
   14.7 Reporting of security incidents or breaches
   14.8 Staff and contractor contracts
   14.9 Training and awareness
   14.10 Transmission of data
   14.11 Limitations of purpose and access
   14.12 Onward transfers
   14.13 Audit trails
   14.14 Loss, damage and destruction
   14.15 Business Continuity Plans
   14.16 Network Security
   14.17 Patients Rights
   14.18 Compliance
   14.19 Standards
15 Declaration of grounds on which transfers are to take place
   15.1 Statement of grounds
Annex A (informative) Key primary international documents on
        data protection
      A.1 EU Data Protection Directive
          A.1.1 General
          A.1.2 Coverage
          A.1.3 Rules for lawfulness of processing
          A.1.4 Special categories of processing
          A.1.5 Data subject's rights
          A.1.6 Security of processing
          A.1.7 Supervisory Authorities
          A.1.8 Remedies and sanctions
          A.1.9 Transfer of personal data to third countries
      A.2 Organisation for Economic Co-operation and Development
          (OECD)
      A.3 Council of Europe
      A.4 United Nations General Assembly
          A.4.1 General
          A.4.2 Principles concerning minimum guarantees that
                should be provided in any national legislation
          A.4.3 Application of the Guidelines to personal data
                files kept by governmental international
                organisations
Annex B (informative) Text of Articles 25 and 26 of the EU Data
        Protection Directive
      B.1 Article 25: Principles
      B.2 Article 26: Derogations
Annex C (informative) Text of Article 28 of the EU Data
        Protection Directive
Annex D (informative) Questionnaire for Assessing Data
        Protection Adequacy
Annex E (informative) Safe harbour privacy principles
Annex F (informative) Standards and sources of advice
      F.1 EU Security projects
      F.2 CEN/ISSS
      F.3 Non-CEN Standards
      F.4 Selected web sites
Annex G (informative) Model Declaration of Grounds upon which
        Transfer of Personal Health Data is Regarded as in
        Compliance with the EU Data Protection Directive
Annex H (informative) Model contractual clauses for controller to
        controller transfers to a country with inadequate data
        protection provisions
      H.1 Introduction
      H.2 Model standard contractual clauses
Annex I (informative) Model contractual clauses for controller to
        processor transfers to a country with inadequate data
        protection provisions
      I.1 Introduction
      I.2 Model standard contractual clauses
Bibliography

This European Standard provides guidance on data protection for those involved in international informatics applications which entail transmission of personal health data from an EU Member State to a non-EU Member State. Its purpose is to assist in the application of the EU Directive on Data Protection [1].

Committee: CEN/TC 251
Document type: Standard
Publisher: Comité Européen de Normalisation
Status: Current

Standards Relationship
I.S. EN 14485:2004 Identical
UNE-EN 14485:2004 Identical
UNI EN 14485 : 2004 Identical
NF EN 14485 : 2004 Identical
NBN EN 14485 : 2004 Identical
DIN EN 14485:2004-03 Identical
NEN EN 14485 : 2004 Identical
PN EN 14485 : 2005 Identical
BS EN 14485:2003 Identical
SN EN 14485 : 2004 Identical
NS EN 14485 : 1ED 2004 Identical

CEN/TR 15872:2014 Health informatics - Guidance on patient identification and cross-referencing of identities
I.S. EN 13606-4:2007 HEALTH INFORMATICS - ELECTRONIC HEALTH RECORD COMMUNICATION - PART 4: SECURITY
BS EN 13606-4:2007 Health informatics. Electronic health record communication Security
S.R. CEN/TR 15872:2014 HEALTH INFORMATICS - GUIDANCE ON PATIENT IDENTIFICATION AND CROSS-REFERENCING OF IDENTITIES
ISO/TS 13606-4:2009 Health informatics Electronic health record communication Part 4: Security
EN 14484:2003 Health informatics - International transfer of personal health data covered by the EU data protection directive - High level security policy
EN 13606-4:2007 Health informatics - Electronic health record communication - Part 4: Security
PD CEN/TR 15872:2014 Health informatics. Guidance on patient identification and cross-referencing of identities
CSA Z22857 : 2006 HEALTH INFORMATICS - GUIDELINES ON DATA PROTECTION TO FACILITATE TRANS-BORDER FLOWS OF PERSONAL HEALTH INFORMATION
BS EN 14484:2003 Health informatics. International transfer of personal health data covered by the EU data protection directive. High level security policy

EN 14484:2003 Health informatics - International transfer of personal health data covered by the EU data protection directive - High level security policy
ENV 13608-2 : DRAFT 2000 HEALTH INFORMATICS - SECURITY FOR HEALTHCARE COMMUNICATION - PART 2: SECURE DATA OBJECTS
ENV 13608-3 : DRAFT 2000 HEALTH INFORMATICS - SECURITY FOR HEALTHCARE COMMUNICATION - PART 3: SECURE DATA CHANNELS
ENV 12388 : DRAFT 1996 MEDICAL INFORMATICS - ALGORITHM FOR DIGITAL SIGNATURE SERVICES IN HEALTH CARE
ENV 12924 : DRAFT 1997 MEDICAL INFORMATICS - SECURITY CATEGORISATION AND PROTECTION FOR HEALTHCARE INFORMATION SYSTEMS
ENV 12251 : DRAFT 2000 HEALTH INFORMATICS - SECURE USER IDENTIFICATION FOR HEALTH CARE - MANAGEMENT AND SECURITY OF AUTHENTICATION BY PASSWORDS
ENV 13608-1:2000 HEALTH INFORMATICS - SECURITY FOR HEALTHCARE COMMUNICATION - PART 1: CONCEPTS AND TERMINOLOGY
ENV 13729 : DRAFT 2000 HEALTH INFORMATICS - SECURE USER IDENTIFICATION - STRONG AUTHENTICATION USING MICROPROCESSOR CARDS
