The European regulation is much more stringent than HIPAA, and health systems that handle EU patient data, even in the U.S., must adjust their privacy measures to comply.

The European Union’s General Data Protection Regulation goes into effect today, May 25. U.S. healthcare providers who treat patients from any of the 28 EU countries should, by now, be familiar with the law and know whether they need to be in compliance.

As part of GDPR, all businesses must gain affirmative consent from EU citizens before collecting their data. Violating the law can cost up to four percent of a company’s annual revenue or 20 million euros, whichever amount is higher.

GDPR is more stringent than HIPAA, which means that by adhering to the regulation, organizations can only benefit from an improved security posture. As the compliance deadline loomed, businesses sent out privacy notices outlining their privacy policies. Some vendors have even launched tools to help healthcare organizations manage the new regulation.
