Aim of the study : To analyse practical aspects of implementing the Personal Data Security Management System (PDSMS) in an oncology centre based on applicable legal requirements and professional standards.

Material and methods : The research method is based on the analysis of legal documents, quality standards, analysis of progress in the achievement of objectives of the PDSMS based on interviews with heads of units and on review of data protection documentation.

Results : The implementation of the PDSMS has caused the processed data to be adequately protected, minimised the risk of such data being used in a manner incompatible with their purpose, while ensuring the hospital’s compliance with applicable legal regulations.

Conclusions : The implementation of the PDSMS has required technical and organisational measures to be taken in the centre’s organisational units, in particular appointing data protection officers, engaging staff in the data protection process by awarding them with authorisations to process data and familiarising them with securities that have been put in place.