EU’s GDPR privacy law is here: Are you certain your US organization is compliant?

The European Union’s General Data Protection Regulation (GDPR) takes effect on May 25. U.S. healthcare providers who treat patients from EU countries must be familiar with the law and decide if they need to comply. Violating the law can result in fines of up to 4% of annual revenue or 20 million Euros. GDPR is more strict than HIPAA, and organizations should ensure they have safeguards in place to protect data and adhere to consent and erasure requirements. Some vendors have released tools to assist with compliance.