Andrew Shindler, Thomas Smedinghoff and David Szabo presented a webinar hosted by the Massachusetts Health Data Consortium (MHDC) entitled "Does US Healthcare Need GDPR?" on April 24, 2018.
Today, Facebook faces intense federal and state scrutiny for its failure to prevent the theft and misuse of Facebook data in the 2016 election. One in every two Americans was affected by the Equifax credit data breach. Healthcare in the United States has been victimized by massive data breaches affecting millions of people.
Some greater form of mandated data protection in the US seems more and more likely, especially in healthcare where patient privacy remains a very sensitive issue.
On May 25, a European privacy law that restricts how personal data is collected and handled will go into effect. The rule, called the General Data Protection Regulation, or GDPR, focuses on ensuring that users know, understand, and consent to the data collected about them. Under GDPR, clicking "Agree" to pages of fine print won’t suffice. Neither will forcing users to click yes in order to sign up.
Instead, companies must be clear and concise about their collection and use of personal data. Additionally, consumers will gain the right to access data companies store about them, the right to correct inaccurate information, and the right to limit the use of decisions made by algorithms, among others.
What is GDPR and is US healthcare ready for this level of consumer protection?