In the United States, processing of health data (under the Health Insurance Portability and Accountability Act 1996 with all of the updated requirements since inception) creates a regulatory regime substantially similar to that in Europe for health imposed by the EU’s General Data Protection Regulation. Kaleidoscope has mapped these two frameworks together to support our clients that work under both regimes, such that a fairly common set of operational standards can meet both requirements.
This area of law and compliance is evolving rapidly, which we monitor for updates and most recent fines to ensure that our advice, guidance and materials reflect the latest thinking.