Information Security News mailing list archives
European perspective: How hospitals should be approaching GDPR compliance
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 12 Dec 2018 09:39:12 +0000 (UTC)
https://www.healthcareitnews.com/news/european-perspective-how-hospitals-should-be-approaching-gdpr-compliance
By Mike Miliard
Healthcare IT News
December 11, 2018
Since the European Union enacted its General Data Protection Regulation law this past May, it's probable that many healthcare organizations in the U.S. have been trying hard not to think much about it.
But most should be paying a lot more attention to the rules since, even if the exact mechanisms of U.S. enforcement are still somewhat unclear, it's likely they're expected to follow the law if they handle any data of EU residents.
GDPR has a higher compliance threshold than HIPAA, since it defines personal data as anything connected to an "identified or identifiable natural person" – and that could be a photograph or an IP address, not just protected health information as most U.S. hospitals think of it.
Stateside health systems are on the hook for GDPR if they have European patients, and could face fines exceeding €20 million. And, as we've shown this week, those who are curious about trying their hands at more advanced projects such as blockchain should also be aware of the privacy law's ins and outs.
[...]
-- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_