The EU’s GDPR in the Health Care Context 

Photo by Descrier/Flickr

By Sara Gerke 

The EU’s General Data Protection Regulation, which came into force two years ago but became directly applicable in all EU Member States only last week, aims to establish an equal level of protection for the rights and freedoms of natural persons with regard to the processing of personal data in all EU Member States.

Each of us has been inundated with emails in the last few days and weeks, informing us about the GDPR and asking us, among other things, to review updated privacy policy. This flood of emails is, in particular, the consequence of the GDPR’s imposing administrative fines for infringements.

According to its territorial scope, the GDPR can also impact US companies that process personal data of data subjects who are in the EU. For example, this is the case for newspapers and affiliated websites, where the processing activities are related to the offering of services or goods, irrespective of whether payment is required. Some papers decided to simply block users in the EU, rather than abide by the GDPR’s provisions. 

Continue reading