Skip to content

GDPR for Medical Devices

Home / Trainings and events / GDPR for Medical Devices
Medical devices, especially software, can involve storing and processing sensitive personal health data as defined in General Data Protection Regulation GDPR. Compliance with the regulation builds trust towards customers and patients, supports controlled and efficient data processing and helps to manage business-critical data protection risks. Practical considerations related to GDPR for Medical devices are summarized in this training.

Target group

All health tech developers and stakeholders interested in gaining specific knowledge on how to apply General Data Protection Regulation for medical devices. Special focus on start-up founders and staff, university innovator teams as well as young health tech professionals and new employees.

After this session, you

  • Know the basic GDPR considerations for medical devices
  • Are aware of data protection principles
  • Understand the necessary documents needed to demonstrate compliance
  • Are aware of the GDPR risks and controls


Markus Vattulainen
Markus Vattulainen
Data Manager
”I am a data management professional with experience in large-scale clinical research with software as a medical device. Having worked previously as a solution architect has given me hands-on knowledge of practical tasks for data protection such as data flow modelling (processing steps), server environments (data storage locations), access authorization and controls, event logging, security incident monitoring and data security.”

Topics of this session

  • Personal data – what is personal data?
  • Data protection principles
  • Legal basis of personal data collection
  • Planning and resources – critical tasks
  • Measures and reporting
  • Documentation
  • Perspectives (legal, process, technical)
  • Data protection risk management
  • Implementation challenges and solutions

Billing and cancellation policy

Participation in the training can be cancelled two weeks (14 days) before the event free of charge. For cancellations made after this, we will charge 50% of the participation fee, except for cancellations made one week before the event, we will charge a 100% participation fee.

Cancellations are always made in writing to:  
The participating organization may, if it wishes, change the participant free of charge by notifying it in writing before the event to: The participation fee will be invoiced immediately after the event. The training session will be confirmed to the participant by e-mail about a week before the event.  Labquality reserves the right to cancel the training session due to a small number of participants.

Subscribe to our newsletter

Subscribe to hear the latest news in the industry and keep track of what's happening behind the scenes.