GDPR: So You Think it Doesn’t Apply?

Scott Dresen, FACHE, FHIMSS, CISSP, CISM, Senior VP & CTO/CISO, Leah Voigt, JD, MPH, Chief Privacy & Research Integrity Officer, Spectrum Health System, Christy Wheaton, Chief Information Privacy & Security Officer, and Liz Callahan-Morris, Deputy General Counsel, Henry Ford Health System. The European Union’s General Data Protection Regulation (GDPR) has been in effect for almost a year, and the impact of this privacy regulation is still not well understood.  In fact, it’ll be several years before companies subject to GDPR fully understand how to comply with its comprehensive privacy protections.  For healthcare organizations in the U.S., it may not be clear whether this regulation applies to them and whether EU agencies can enforce it against companies with business operations exclusively in the U.S.  Join this panel of presenters as they discuss the key provisions of GDPR and how it compares with HIPAA and other U.S. privacy laws and regulations aimed at the healthcare industry.  They also share their thoughts on whether – and how – U.S. healthcare organizations should approach GDPR compliance.