After the entry into force of the GDPR, the change in the regulatory framework also affected the health profession, since the entire set of rules on data processing, including data concerning health, was amended. This paper argues that the purpose of the personal data protection legislation is not the mere defence of the personal data, but the protection of the most inner dimension and dignity of the natural person. It is from this point of view that any provision with respect to the protection of personal data, including data concerning health, should be read.

privacy; patient; healthcare organization