In October 2018, a Portuguese hospital was fined 400,000 euros for 3 GDPR violations. The violations stem from the hospital’s alleged improper data access controls, failure to apply basic technical and organizational safeguards to prevent access to personal data, and failure to test the safeguards that ensure the security of data processing. The hospital is contesting the decision.
With the General Data Protection Regulation (GDPR) in effect, US-based healthcare organizations and HIPAA business associates who handle data of European Union citizens may have to comply with GDPR and HIPAA simultaneously. Our comprehensive and customizable HIPAA and GDPR policy templates help you comply with both.