DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Pediatrics
SEARCH
Current Location:
>
> This Story


Log in or Register to rate this News Story
Forward Printable StoryPrint Comment
advertisement

 

advertisement

 

Business Affairs Homepage

Installing and removing imaging equipment is no small task Expert insights on how project management is evolving

Canon, Toshiba each hit with $2.5 million fine over acquisition deal Deal violated premerger notification and waiting period requirements

Ohio radiology services president indicted in Medicare scam Charged for services never provided and received nearly $2 million

GE likely to hold onto NY digital X-ray detector manufacturing plant — for now New York State facility employs 125 workers

Half of radiologists have net worth of $2 million or more New survey analyzed responses from over 20,000 physicians in over 30 specialties

Getting ahead of the digital health avalanche How can a health system know which innovative tools are worth its time?

Varian to acquire Cancer Treatment Services International for $283 million Enables production of multidisciplinary solutions

FBI opens probe into alleged kickbacks by healthcare OEMs in Brazil Accused of making bribes to sell medical equipment

icometrix raises $18 million in funding Will help with deployment of icobrain software in Europe

Q&A with Michael Darling, VP Supply Chain, St. Luke’s Health System Discussing the clinical integration of supply chain

Are you GDPR compliant? It's not just a question for EU-based companies

By Robert J. Kerwin

On May 25, 2019 we will be celebrating the one-year anniversary of the European Union’s largest change in data protection known as the General Data Protection Regulation (GDPR). GDPR has reportedly caused major disruption in the ways companies manage customer data both in and out of the EU.

If your company is processing credit card information or other personal data from EU Citizens, you ought to be examining compliance and whether you must maintain a personal representative resident in the EU to receive, among other things, service of process or inquiries as to compliance. Only if the processing of data is really "occasional" and is unlikely to risk the rights of EU citizens, may you consider claiming an exemption from this requirement.
Story Continues Below Advertisement

Servicing GE Nuclear Medicine equipment with OEM trained engineers

We offer full service contracts, PM contracts, rapid response, time and material,camera relocation. Nuclear medicine equipment service provider since 1975. Click or call now for more information 800 96 NUMED


For those companies not resident in the EU, many are surprised that the GDPR regulation applies to their business where it is shown that the business processes personal data of EU data subjects. Translation: if a company is collecting, holding, monitoring or processing personal data of any person physically with the EEA (EU, Iceland, Norway, Liechenstein) the GDPR most likely applies.

Companies need to determine whether they are "controllers" or "processors" of personal data acting on behalf of the controller. GDPR treats the data controller as the principal party responsible for collecting consents from the data subjects, managing the revoking of consents, enabling rights of access and assuring adequate data security. The European Data Protection Board expects processors to take reasonable steps to secure data using tools such as encryption, pseudonymization, stability and uptime, backup and disaster recovery and regular security testing. If a data breach occurs, processors must notify data controllers without undue delay upon learning of data breaches. Companies may allow transfer of personal data to a third country only if legal safeguards are obtained.

Getting one’s arms around GDPR compliance is no easy task. With apologies to David Letterman (who, technically, has not been hosting the Late Show for four years), provided below are the top eight things to consider for GDPR compliance:

NO. 8. If you are not in GDPR compliance, penalties up to 20 million Euros (or more for companies over 500 million in total revenue may technically apply under applicable EU law). Since most U.S. states separately require written information security protocols to be in place, the FDA and other applicable federal agencies expect data protection to be a central portion of your compliance program, the GDPR penalty may be a catalyst for non-EU companies but there are already other far-reaching data security requirements.
  Pages: 1 - 2 - 3 >>

Business Affairs Homepage


You Must Be Logged In To Post A Comment

Advertise
Increase Your
Brand Awareness
Auctions + Private Sales
Get The
Best Price
Buy Equipment/Parts
Find The
Lowest Price
Daily News
Read The
Latest News
Directory
Browse All
DOTmed Users
Ethics on DOTmed
View Our
Ethics Program
Gold Parts Vendor Program
Receive PH
Requests
Gold Service Dealer Program
Receive RFP/PS
Requests
Healthcare Providers
See all
HCP Tools
Jobs/Training
Find/Fill
A Job
Parts Hunter +EasyPay
Get Parts
Quotes
Recently Certified
View Recently
Certified Users
Recently Rated
View Recently
Certified Users
Rental Central
Rent Equipment
For Less
Sell Equipment/Parts
Get The
Most Money
Service Technicians Forum
Find Help
And Advice
Simple RFP
Get Equipment
Quotes
Virtual Trade Show
Find Service
For Equipment
Access and use of this site is subject to the terms and conditions of our LEGAL NOTICE & PRIVACY NOTICE
Property of and Proprietary to DOTmed.com, Inc. Copyright ©2001-2019 DOTmed.com, Inc.
ALL RIGHTS RESERVED