It's GDPR gone mad, so it is

Quantum Erasure · 28-01-2020 8:16pm #1

I saw on the RTE news there that the HSE couldn't give out the locations of community defibrillator units, as it would be a breach of GDPR, so some lad decided to map them all (in Laois at least) and make the locations publicly available (article here, which doesn't give a link to the app or site or whatever...)

...And just after that report, there was a report about the GAA advising trainers / managers not to communicate with teams over Whatsapp, due to GDPR fears, and that the GAA will be setting up their own messaging app... whatever difference that will make, I don't know.

So, are these reasonable measures, or is it GDPR gone mad ?

Atlantic Dawn · 28-01-2020 8:17pm

Yes saw this myself, couldn't understand it, going by those rules a phonebook is a breach of GDPR.

Salary Negotiator · 28-01-2020 8:18pm

How hard is it to get the owners of the property to sign a waiver.

CrankyHaus · 28-01-2020 8:19pm

Quantum Erasure wrote: »

I saw on the RTE news there that the HSE couldn't give out the locations of community defibrillator units, as it would be a breach of GDPR, so some lad decided to map them all (in Laois at least) and make the locations publicly available (article here, which doesn't give a link to the app or site or whatever...)

...And just after that report, there was a report about the GAA advising trainers / managers not to communicate with teams over Whatsapp, due to GDPR fears, and that the GAA will be setting up their own messaging app... whatever difference that will make, I don't know.

So, is it GDPR gone mad, or are these reasonable measures?

Both examples sound like either a poor understanding of GDPR or using it as an excuse for laziness.

Other examples like the DPC opposing communities installing CCTV to protect against burglary are more concerning.

joebloggs32 · 28-01-2020 8:19pm

I don't think its GDPR gone mad......its the idiots who are afraid to say/do anything through a misguided fear of falling foul of it.

F34 · 28-01-2020 8:19pm

Some jobsworth in the HSE being an ass more than anything.

Didn’t the OPW have some lemon try to outlaw visitor books until they were told to cop on.

odyssey06 · 28-01-2020 8:19pm

Call me a cynic or is it coincidental that all these vague citings of GDPR are done in the name of actually doing less work???

Harry Palmr · 28-01-2020 8:20pm

Saw that, how does GDPR get in the way of revealing the location of a life saving device?

is_that_so · 28-01-2020 8:20pm

Did anyone say which regulations it breaks? Sounds like nonsense.

Obvious Desperate Breakfasts · 28-01-2020 8:27pm

The acronym I am sick of the mostest. And the bores who glom on to it to make themselves sound important.

beauf · 28-01-2020 8:45pm

odyssey06 wrote: »

Call me a cynic or is it coincidental that all these vague citings of GDPR are done in the name of actually doing less work???

In my experience it creates loads of completely pointless extra work.

odyssey06 · 28-01-2020 8:47pm

beauf wrote: »

In my experience it creates loads of completely pointless extra work.

For productive employees or does it 'create' a completely pointless extra job to oversee the pointlessness

punisher5112 · 28-01-2020 8:49pm

It's easier to do nothing, easier again to pass the can...

Absolutely ridiculous, these units should be known where they can be grabbed when needed.

whisky_galore · 28-01-2020 8:54pm

HSE on top form again, it's like something out of the former Soviet Union in terms of bloated inefficiency and unaccountablility.

riffmongous · 28-01-2020 8:57pm

A load of bull****.

I'm (EU but not Ireland) signed up for an app that alerts you to anyone within 5 minutes distance who has called in a cardiac arrest and guides you to the next defi and then to the patient, no problems with giving the locations of every single defi in the city

Sleeper12 · 28-01-2020 8:58pm

Atlantic Dawn wrote:

Yes saw this myself, couldn't understand it, going by those rules a phonebook is a breach of GDPR.

I don't disagree with you but with the phone book you volunteer the information & ask that it's put in the phone book (if we still have phone books). It would be a breach if you wanted to be ex directory but they published your details anyway.

I do get your point though

marieholmfan · 28-01-2020 8:59pm

The GAA building its own whatsapp clone is a disaster waiting to happen

angel eyes 2012 · 28-01-2020 9:05pm

On reading the article it appears that a number of the devices have been locked away on private property, therefore it wouldn't be appropriate to publish the address of the private individuals in the circumstances unless the individuals had given their explicit consent for their personal data ie name, address etc. to be made available or if the HSE rolls out contracts for the provision of defibrillators in these locations.

From my understanding of the article there is no data protection issue in providing details on the location of devices available in public places as there is no personal data to protect.

Edgware · 28-01-2020 9:08pm

It has replaced Health and Safety as an excuse for officials to do nothing

Sleeper12 · 28-01-2020 9:10pm

angel eyes 2012 wrote:

From my understanding of the article there is no data protection issue in providing details on the location of devices available in public places as there is no personal data to protect.

Ah Jasus. Where are you going, with your reading the full article? We were enjoying having a good old moan and you come charing in with facts! Jasus wept

Dravokivich · 28-01-2020 9:14pm

WhatsApp is a 3rd party messaging app. People may not want their information going through it.

The location of publically accessible defibrillators should be posted. Its no more trivial than where's the nearest petrol station.

Dravokivich · 28-01-2020 9:15pm

Atlantic Dawn wrote: »

Yes saw this myself, couldn't understand it, going by those rules a phonebook is a breach of GDPR.

No it isnt. GDPR is about the purposes of retaining data.

CrankyHaus · 28-01-2020 9:19pm

angel eyes 2012 wrote: »

On reading the article it appears that a number of the devices have been locked away on private property, therefore it wouldn't be appropriate to publish the address of the private individuals in the circumstances unless the individuals had given their explicit consent for their personal data ie name, address etc. to be made available or if the HSE rolls out contracts for the provision of defibrillators in these locations.

From my understanding of the article there is no data protection issue in providing details on the location of devices available in public places as there is no personal data to protect.

If that is the case then why did any contract between the HSE and private individuals for the provision of the defibrillator not include contracted disclosure of their locations to the public?

GDPR is a 2016 regulation that was years in development and isn't a huge departure from our preexisting Data Protection Acts going back to 1988. It's hardly a bolt from the blue that the HSE are struggling to adapt to.

listermint · 28-01-2020 9:23pm

Dravokivich wrote: »

WhatsApp is a 3rd party messaging app. People may not want their information going through it.

The location of publically accessible defibrillators should be posted. Its no more trivial than where's the nearest petrol station.

You can remove from group or just not join a team sport if you are going to be such a sad sack to give out about gdpr arranging training sessions.

angel eyes 2012 · 28-01-2020 9:29pm

CrankyHaus wrote: »

If that is the case then why did any contract between the HSE and private individuals for the provision of the defibrillator not include contracted disclosure of their locations to the public?

GDPR is a 2016 regulation that was years in development and isn't a huge departure from our preexisting Data Protection Acts going back to 1988. It's hardly a bolt from the blue that the HSE are struggling to adapt to.

I am only reading the OP's linked article and there is nothing to say that the HSE actually owns these defibrillators, perhaps the communities just purchased them for their own local activities. Suddenly someone suggested that a map showing the location of all the devices would be very beneficial and asked the HSE to prepare the map.

Now either the HSE doesn't "own" the privately stored devices or they assisted with the rollout of devices and overlooked ensuring any contracts had data protection covered. (I am guessing it's the former).
Again, there is nothing stopping them providing location information on devices located in public areas ie local Garda station, local park etc.

marieholmfan · 28-01-2020 9:30pm

Maybe someone promised it would be done by Feb 1 and hasn't started and needs to delay a bit.

Thargor · 28-01-2020 10:05pm

Slightly o/t but I see those defibrillators sited in some dodgy places around Dublin and Bray and they never seem to get stolen or vandalized, one place in particular in Bray I said WTF are they thinking when I saw it but a couple of years later not a scratch on it, nice to see.

Dravokivich · 28-01-2020 10:07pm

listermint wrote: »

You can remove from group or just not join a team sport if you are going to be such a sad sack to give out about gdpr arranging training sessions.

They dont have to be arranged via WhatsApp. And it's not about removing from a group either. The concern is with being someone who doesnt want their information handled through a 3rd party service. Which in this case would be whatsapp. Especially if it's not a service one uses.

Elemonator · 28-01-2020 10:09pm

It is a lazy attempt and a total misinterpretation of GDPR. GDPR applies to businesses or entities that process data as part of their operations ie. commercial. Personal use is exempt (so don’t worry about your dash cam). I really can’t see how the location of a medical device is any issue.

Mrs OBumble · 28-01-2020 10:17pm

The HSE don't provide the defibs. If they published a list, and your relative died because someone went to the place of the list only to find that the unit wasn't there anymore (because the owner decided to move it or lock it away or whatever), then you might try suing the HSE for their death.

If you think you need a defib, just call the emergency number and follow their instructions.

And the GAA is justified. Problems they've had include parents sharing inappropriate material to a group and then leaving it. When this happens, the GAA have no way to deleting the material.

The whole WhatsApp thing is a nightmare. I started a new contract 2 months ago, and was told to get a certain manager to add me to the company WhatsApp. So far have just ignored the request, because I really don't fancy giving my private mobile number to all my colleagues. But the question is going to come up again.

angel eyes 2012 · 28-01-2020 10:21pm

Elemonator wrote: »

It is a lazy attempt and a total misinterpretation of GDPR. GDPR applies to businesses or entities that process data as part of their operations ie. commercial. Personal use is exempt (so don’t worry about your dash cam). I really can’t see how the location of a medical device is any issue.

Not correct. Public bodies such as Government Departments etc. and in the case the HSE are all non-commercial bodies and must comply with the GDPR.

It's GDPR gone mad, so it is

Comments