GDPR (General Data Protection Regulation)
The General Data Protection Regulation (GDPR) is the most comprehensive data protection regulation in the world. Healthcare data is, of course, regulated by GDPR.
GDPR, while an EU regulation, may even apply to organizations based outside of the EU. Organizations such as academic medical centers who recruit patients from abroad or cloud vendors who service clients internationally are likely subject to GDPR.
Eagle specializes in helping organizations who must comply with both HIPAA and GDPR. HIPAA and GDPR overlap in that both require the confidentiality of individuals who receive healthcare.
GDPR is more extensive than HIPAA first in that it requires safeguards to protect information of any EU resident, for example, a contact from an EU vendor. Secondly, GDPR confers on individuals additional rights not afforded by HIPAA, for example, the right to be forgotten.
Eagle offers the following GDPR compliance services:
- GDPR Policies and Procedures Customization
- GDPR Risk Assessments
- GDPR Implementation Support