The New EU-US Data Protection Framework’s Implications for Healthcare

Charlotte Tschider*, Marcelo Corrales Compagnucci, Timo Minssen

*Corresponding author for this work

Research output: Contribution to journalJournal articleResearchpeer-review

Abstract

In July 2023, the United States and European Union debuted the third iteration of cross-border agreements, the Data Protection Framework (DPF), designed to facilitate personal information transfer between the EU and the US. In healthcare, where cross-border healthcare and research initiatives are highly desirable and increasingly essential, this new framework could create new possibilities for streamlining the transfer of patient and research participant data. Although many DPF requirements may be familiar to US organizations required to comply with HIPAA, a failure to address health privacy requirements in individual EU countries or a lack of understanding where full General Data Protection Regulation (GDPR) compliance is actually needed may complicate compliance goals. In addition to outlining key DPF requirements, we offer alternatives that can improve the likelihood of reliable data transfer between the U.S. and EU and call on officials to consider the DPF’s impact for health and research organizations.
Original languageEnglish
JournalJournal of Law and the Biosciences
Volume11
Issue number2
ISSN2053-9711
DOIs
Publication statusPublished - 27 Sep 2024

Bibliographical note

Charlotte Tschider, Marcelo Corrales Compagnucci, Timo Minssen, The new EU–US data protection framework’s implications for healthcare, Journal of Law and the Biosciences, Volume 11, Issue 2, July-December 2024, lsae022, https://doi.org/10.1093/jlb/lsae022

Keywords

  • Faculty of Law
  • data protection
  • data sharing
  • collaboration
  • medical research
  • privacy

Cite this