The European Union (EU) General Data Protection Regulation (GDPR) has triggered a ‘Butterfly Effect’. Since May 25th, 2018 when GDPR became effective, new privacy regulations have sprung across the globe. These regulations are going to change the way personal information is managed in today’s global connected world. Under the new regulations, Privacy has a very broad definition. Users will demand full visibility and control of their data – how/what/why data is used/shared and for long data is to be kept. The ‘privacy’ driven data protection process will require a new approach to embedding “Privacy by Design” in all apps including medical devices and IoT powered solutions. Privacy is no longer viewed simply as a ‘compliance’ activity but rather an ‘enterprise data management’ activity that requires reengineering of your organization’s data management practices, its data flows, analytics and data sharing model. Takeaways:

  1. What is General Data Protection Regulation (GDPR)? What happened since GDPR enacted on May 25th, 2018. The California Consumer Privacy Act (CCPA) of 2018, Vermont Data Broker Law, Other Global Data Protection Regulation What GDPR and CCPA mean to your product design strategies
  2. Impact of GDPR and other Privacy regulations on Medical Devices, SaMD, IoTs, distributed systems, Blockchain, and Analytics
  3. Embedding ‘Privacy by Design’.  Comparing HIPAA and GDPR. The technical and data management considerations for Privacy design.

Naeem Hashmi, Digital Health Solutions Strategic Advisor, Boston Scientific