GDPR - How to Comply as an American Business or Healthcare Entity
In this webinar we will address how to best accomplish compliance with GDPR and also understand how to assess risks and exposure specifically to American organizations and healthcare.
Overview:
This lesson will be addressing the specifics on how American businesses and healthcare organizations need to quickly get on the task of compliance with the European Union's (EU) new General Data Protection Regulation (GDPR).
In addition, this webinar will address how to best accomplish compliance with GDPR and also understand how to assess risks and exposure specifically to American organizations and healthcare.
We will be going through a breakdown of what policies are necessary for compliance, new required consent forms, right of erasure, EU definition of sensitive data, duties of the Data Protection Office, and much more relating to how data is collected and the responsibilities of the American organization.
To continue to do business in the EU, most companies will have to implement additional privacy protections and adopt end-to-end data protection strategies.
Why you should Attend:
Will GDPR Affect Your US Based Business?
The Answer is YES!
Does GDPR apply for US companies already compliant with the EU-US Privacy Shield? YES!
Are you aware of the ramifications for non-compliance?
The implications of GDPR for US companies or healthcare organizations who collect, maintain or process personal data of EU citizens will be significant - and compliance is required.
As many U.S. companies have recently discovered, not only does GDPR apply to American companies, doing business within the EU is likely to be extremely costly for companies that do not comply with GDPR.
Areas Covered in the Session:
- What is GDPR?
- How Does it Apply to American Businesses and Healthcare
- When Does it Apply?
- HIPAA vs GDPR
- Controllers vs Processors
- Preparation
- Data Analyses and Mapping
- Privacy Policies and Notices
- Rights of the Data Subject
- Breach Notification and Management
- Fines
Who Will Benefit:
- Any businesses in the USA who maintain European data
- Healthcare Organizations
- Insurance Plans
- IT Companies
- IT Security Firms
- Attorneys
Speaker Profile
With vast experience in health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 18 years experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.
In addition, Mr Tuttle has served in multiple litigated court cases serving as an expert witness offering input related to best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) both in defending covered entities and business associates as well as being asked by the Federal government to audit covered entities and business associates on behalf of the OCR. Almost all of Brian's clients are earned by referral with little or no advertising.
Brian is well known and highly regarded in medical circles throughout the United States for his quality work and down home southern charm Mr Tuttle has a Master's Degree in Health Sciences from Georgia State University and works nationally out of Kennesaw, GA