WEBINAR REPLAY: GDPR for Healthcare: What You Need to Know to Comply with EU Regs
The European Union (EU) has enacted sweeping global security regulations in the form of the Global Data Protection Act (GDPR), which becomes effective in May 2018. Healthcare entities in the U.S. are scrambling to answer some key questions about how GDPR may or may not impact their own information security and privacy compliance posture.
Join us for this informative session which will address pressing questions facing healthcare organizations as they size up the new GDPR requirements. Specifically, we will speak to the following considerations:
- What is the scope of GDPR and how does it apply to U.S.-based healthcare entities?
- What data types and categories of information are covered by GDPR?
- Do compliance obligations vary depending on whether I am a provider, payer, or vendor (Business Associate) servicing the healthcare industry?
- What are the security controls required for GDPR and how do they align with HIPAA, NIST, HITRUST, and other U.S.-based regulations and standards?
- How is GDPR enforced and what are the potential penalties for noncompliance?
- Do I need to allocate resources and FTEs to GDPR compliance?
- What should I do next?
Partner, Meditology Services
Brian is a seasoned healthcare information security, privacy, and compliance leader and industry expert. He has over 15 years of experience and a deep understanding of the requirements and constraints for executing operational information security and risk management programs. He is a frequent presenter and expert speaker on an array of healthcare security topics, including HIPAA regulatory compliance, vendor security risk management, ethical hacking, medical device security, and other information security risk and compliance topics. Brian is a HIPAA expert witness for OCR and advises ONC and HHS on healthcare security topics. Prior to Meditology, Brian was CISO of a large health system and also has healthcare security consulting experience with PwC. Brian’s combination of consulting experience, technical security capabilities, and hands-on operational security leadership has established him as one of the nation’s leading experts on healthcare information risk management and compliance.