The European GDPR (General Data Protection Regulation) is one of the most influential consumer privacy laws that has affected 500,000 companies throughout the world. This law has played a crucial role in formulating another substantial privacy law known as the California Consumer Privacy Act that came into effect on January 1, 2020.
GDPR recently breezed past its second birthday and, like many two-year-olds, continues to cause concern and confusion for those who have to deal with it. Unlike real two-year-olds, however, GDPR is quite clear in what it demands and there could be big consequences if they are not met. For businesses, failure to meet GDPR’s requirements represents an increased risk of data breaches and the reputational damage and legal repercussions that breaches inevitably lead to.
The global cases of Novel Coronavirus are continually ticking upward in most parts of the world, and with every new case come further questions about the patients. Hospitals, governments and even general population is interested to know who the affected people are, what their health history is, which locations they visited, and who they interacted with prior to receiving positive test results.
In April 2016, European legislators passed the General Data Protection Regulation (GDPR) and announced that it would become enforceable in May 2018. With less than 24 months to get their acts together and avoid hefty fines, organizations scrambled to prepare for compliance. Data breaches have unfortunately become the norm over recent years, and the legislation was formed to better regulate and hold these companies accountable for protecting individual privacy rights.
A growing attack surface and the exponential rise of data has opened the floodgates for breaches, leading to increased scrutiny by regulatory agencies. It’s not surprising that in recent years, regulators have had to double down with compliance mandates that are more stringent and punitive than ever before.
May 25, 2020 marks the second anniversary of when the European Union’s General Data Protection Regulation (GDPR) took full effect. Undoubtedly, many organizations have succeeded in achieving compliance with the Regulation by now. But that raises some important questions. What benefits have those organizations experienced in achieving compliance, for instance? Have they encountered any drawbacks along the way?
The Health Information Technology for Economic and Clinical Health Act (HITECH Act) was signed into law as part of the American Recovery and Reinvestment Act (ARRA) in 2009. The HITECH Act encourages the meaningful use of electronic health records (EHRs) by healthcare providers and their business associates.