https://www.healthcareitnews.com/news/european-perspective-how-hospitals-should-be-approaching-gdpr-compliance
By Mike Miliard
Healthcare IT News
December 11, 2018
Since the European Union enacted its General Data Protection Regulation
law this past May, it's probable that many healthcare organizations in the
U.S. have been trying hard not to think much about it.
But most should be paying a lot more attention to the rules since, even if
the exact mechanisms of U.S. enforcement are still somewhat unclear, it's
likely they're expected to follow the law if they handle any data of EU
residents.
GDPR has a higher compliance threshold than HIPAA, since it defines
personal data as anything connected to an "identified or identifiable
natural person" – and that could be a photograph or an IP address, not
just protected health information as most U.S. hospitals think of it.
Stateside health systems are on the hook for GDPR if they have European
patients, and could face fines exceeding
€20 million. And, as we've shown this week, those who are curious about
trying their hands at more advanced projects such as blockchain should
also be aware of the privacy law's ins and outs.
[...]