Healthcare data about children in social media

The GDPR applies some limited safeguards to the processing of personal data about children, particularly in the area of online activity. Nevertheless, the borders of these safeguards are unclear. In particular, those with parental responsibility can post, share or otherwise make public, personal information about children as long as the parent can assert that they are carrying out a “purely personal or household activity”. The risk is that “sharenting” (oversharing of personal information about children) may result in potential detrimental effects on children. This chapter considers the protections available to children under the GDPR and in UK law in respect to the oversharing of personal health information by parents on social media.