To find out how U.S. health care providers must comply with the upcoming EU General Data Protection Regulation, GovInfoSecurity interviewed Stephen Wu, a regulatory attorney with the Silicon Valley Law Group. Wu explained that U.S. health care providers operating strictly within the U.S., making no attempts to market toward residents in the EU and with no operations in the territory, will not fall under requirements of the GDPR. The interview covers a range of topics, including insight on the EU-U.S. Privacy Shield agreement, a comparison between HIPAA and the GDPR, and the impact the GDPR will have on vendors, particularly cloud service providers. Editor's Note: An ongoing Privacy Tracker series includes an analysis of how HIPAA and the GDPR match up.