Abstract
In July 2023, the United States and European Union debuted the third iteration of cross-border agreements, the Data Protection Framework (DPF), designed to facilitate personal information transfer between the EU and the US. In healthcare, where cross-border healthcare and research initiatives are highly desirable and increasingly essential, this new framework could create new possibilities for streamlining the transfer of patient and research participant data. Although many DPF requirements may be familiar to US organizations required to comply with HIPAA, a failure to address health privacy requirements in individual EU countries or a lack of understanding where full General Data Protection Regulation (GDPR) compliance is actually needed may complicate compliance goals. In addition to outlining key DPF requirements, we offer alternatives that can improve the likelihood of reliable data transfer between the U.S. and EU and call on officials to consider the DPF’s impact for health and research organizations.
Original language | English |
---|---|
Journal | Journal of Law and the Biosciences |
Volume | 11 |
Issue number | 2 |
ISSN | 2053-9711 |
DOIs | |
Publication status | Published - 27 Sep 2024 |
Bibliographical note
Charlotte Tschider, Marcelo Corrales Compagnucci, Timo Minssen, The new EU–US data protection framework’s implications for healthcare, Journal of Law and the Biosciences, Volume 11, Issue 2, July-December 2024, lsae022, https://doi.org/10.1093/jlb/lsae022Keywords
- Faculty of Law
- data protection
- data sharing
- collaboration
- medical research
- privacy