SlideShare a Scribd company logo

EU data protection laws and impacts on healthcare applications and health data

Speck&Tech
Speck&Tech

ABSTRACT: Digital health applications and assistance are disrupting the healthcare sector, however such applications are collecting an increasing quantity of health data to profile patients and provide targeted care and assistance. Health data is considered sensitive by EU data protection laws such as GDPR, which defines special security and data processing rules, and huge fines for non-compliance. For companies building health applications, such data protection laws represent a challenge due to the risks, costs, and complexity in ensuring compliance. This talk will provide an overview of these laws, how health application developers are coping with the compliance and how they typically process health data, together with some scandals and fines issued by EU data protection authorities to digital health companies. BIO: Jovan Stevovic, PhD, is the co-founder and CEO of Chino.io, a platform that makes health applications GDPR and HIPAA compliant “out of the box”. Jovan has over a decade of experience in the health IT industry. He completed his PhD at the University of Trento in 2014. His research explored technologies and protocols to allow health data to be shared in a legally-compliant and secure manner. This work directly led to setting up Chino.io. Currently Chino.io helps companies in most EU states and the US to innovate in digital health.

Technology
1 of 27
Download to read offline
EU Data Protection Laws and Health Data and Apps Jovan Stevovic jovan@chino.io
PhD in Privacy and HealthTech & R&D at GPI Spa Background 2010-2014 2015 to now2010 CEO and Co-founderMSc in HealthTech MSc Computer Science PhD Computer Science MSc Computer Science PhD Computer ScienceJovan
Why is Chino.io unique Founded in 2014 by experts in health IT and compliance Customers in 15 EU states, US, Australia Offices in Trento and Berlin The only ISO 13485 certified DBaaS 3 PhDs , 8 MSc, 1 LL.M, 1 patent and 10+ publications
Customers and partners 50+ companies in the EU and US are secure and compliant with Chino.io PARTNERS 30+ SW DEV AGENCIES, LAWYERS, CONSULTANTS, DIGITAL HEALTH ACCELERATORS, SW PROVIDERS 1ST PLACE IN 2014 ON CYBERSECURITY SME INSTRUMENT PHASE 1 AND 2 BENEFICIARY AWARDS
~1M eHealth services COLLECTING, STORING AND SHARING HEALTH DATA CAGR 20%
85% NOT COMPLIANT Global Privacy Sweep 2014 http://www.bbc.com/news/technology-29143107
11
Data Economy and Surveillance Capitalism DATA = €€ Carole Cadwalladr
Privacy vs Data Protection vs Security Data Security Privacy (human right) GDPR data portability data encryption gov. surveillance
Personal vs. Health Sensitive data 14
When GDPR applies? 15 ‘Any information relating to an identified or identifiable natural person (data subject)’ Art. 4(1) GDPR
Identifier 16 e.g. Name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Health data 18 ‘Personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status’ Art. 4(15) GDPR Check out our eBooks on our website
All sensitive data 19 Check out our eBooks on our website Managing sensitive data implies criminal responsibility
Anonymous data 20 ANONYMOUS DATA Check out our eBooks on our website
Aggregate + aggregate + aggregate = identification? 21 With the development of new IT techniques data which could have not been able to identify a person now suddenly can, if aggregated with other data
Pseudonymous data 22 ANONYMOUS DATA Check out our eBooks on our website PSEUDONYMOUS DATA
Pseudonymous data 23 ANONYMOUS DATA PSEUDONYMOUS DATA AOL Search Data Scandal Netflix Prize Scandal
Regulatory Compliance in Healthcare is complex COSTS TIMERISKS MDR National Laws ISO 27001 ISO 13485HIPAA ePrivacy Reg. CCPA
Why is GDPR compliance so complex CLOUD PROVIDER + YOUR SYS ADMIN YOUR TECH TEAM + SECURITY EXPERTISE Risk Impact Assessment Terms & Conditions DPA and BAA Privacy Policy Immutable audit logs Auth & Access Control Consent tracking Data Encryption TECHNICALPHYSICAL LEGAL Encrypted Backups Firewalls VM Security Facility protection and many moreand many moreand many more YOUR LEGAL TEAM + CONSULTANTS
CLOUD PROVIDER Chino.io closes the compliance gap and ensures the implementation of all technical and administrative requirements based on your business needs Risk Impact Assessment Terms & Conditions DPA and BAA Privacy Policy Immutable audit logs Auth & Access Control Consent tracking Data Encryption TECHNICALPHYSICAL LEGAL Encrypted Backups Firewalls VM Security Facility protection and many moreand many moreand many more Chino.io: a complete solution to compliance
How Chino.io works • data encryption (at record level) • pseudonymization • consent management • user identity and authentication • access control policies • legally valid immutable audit logs • data portability • right to be forgotten • backups • security updates • security documentation • and many more… YOUR APPLICATION BACKENDFRONTEND Your Service ALGORITHMS OTHER DATA USER MANAGEMENT HEALTH DATA ENCRYPTION OTHER GDPR & HIPAA COMPLIANCE Chino.io ANALYTICS
Value of using Chino.io Our secure-by-design and ISO 9001,13485 and 27001 certified platform allows customers to streamline the processes and reduce documentation efforts required for: • Obtaining CE Marking under MDR • Certifying applications and companies under ISO normative • Achieve the requirements for DVG (Germany), NHS (UK) and other country-specific requirements CUT COSTS SAVE TIMEELIMINATE RISKS Shorten time to market by 6-9 months Save 100K+ Euro per year per project STAY COMPLIANT We keep you compliant and streamline compliance across your organisation. for sensitive data management GDPR HIPAA
EU Data Protection Laws and Health Data and Apps Jovan Stevovic jovan@chino.io

Recommended

Automatski - The Internet of Things - Security Standards
Automatski - The Internet of Things - Security StandardsAutomatski - The Internet of Things - Security Standards
Automatski - The Internet of Things - Security Standardsautomatskicorporation
 
The Virtual Security Officer Platform
The Virtual Security Officer PlatformThe Virtual Security Officer Platform
The Virtual Security Officer PlatformShanmugavel Sankaran
 
Engineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate Cloud
Engineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate CloudEngineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate Cloud
Engineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate CloudMarketingArrowECS_CZ
 
Best Practice For Public Sector Information Security And Compliance
Best Practice For Public Sector Information Security And ComplianceBest Practice For Public Sector Information Security And Compliance
Best Practice For Public Sector Information Security And ComplianceOracle
 
IAM
IAMIAM
IAMProf. Jacques Folon (Ph.D)
 
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...OKsystem
 
Creating a CERT at WARP Speed
Creating a CERT at WARP SpeedCreating a CERT at WARP Speed
Creating a CERT at WARP SpeedBrian Honan
 
Online terms & conditions
Online terms & conditionsOnline terms & conditions
Online terms & conditionsProf. Jacques Folon (Ph.D)
 

Recommended

Automatski - The Internet of Things - Security Standards
Automatski - The Internet of Things - Security StandardsAutomatski - The Internet of Things - Security Standards
Automatski - The Internet of Things - Security Standardsautomatskicorporation
 
The Virtual Security Officer Platform
The Virtual Security Officer PlatformThe Virtual Security Officer Platform
The Virtual Security Officer PlatformShanmugavel Sankaran
 
Engineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate Cloud
Engineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate CloudEngineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate Cloud
Engineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate CloudMarketingArrowECS_CZ
 
Best Practice For Public Sector Information Security And Compliance
Best Practice For Public Sector Information Security And ComplianceBest Practice For Public Sector Information Security And Compliance
Best Practice For Public Sector Information Security And ComplianceOracle
 
IAM
IAMIAM
IAMProf. Jacques Folon (Ph.D)
 
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...OKsystem
 
Creating a CERT at WARP Speed
Creating a CERT at WARP SpeedCreating a CERT at WARP Speed
Creating a CERT at WARP SpeedBrian Honan
 
Online terms & conditions
Online terms & conditionsOnline terms & conditions
Online terms & conditionsProf. Jacques Folon (Ph.D)
 
Meeting your information security obligations april 2012
Meeting your information security obligations april 2012Meeting your information security obligations april 2012
Meeting your information security obligations april 2012Tony Richardson CISSP
 
Top 10 Tips for Data Security
Top 10 Tips for Data SecurityTop 10 Tips for Data Security
Top 10 Tips for Data Securitylgcdcpas
 
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...Symantec
 
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec
 
Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec
 
Protecting your Organisation from the Internet of Evil Things
Protecting your Organisation from the Internet of Evil ThingsProtecting your Organisation from the Internet of Evil Things
Protecting your Organisation from the Internet of Evil ThingsZeshan Sattar
 
Symantec Webinar Part 2 of 6 GDPR Compliance
Symantec Webinar Part 2 of 6 GDPR ComplianceSymantec Webinar Part 2 of 6 GDPR Compliance
Symantec Webinar Part 2 of 6 GDPR ComplianceSymantec
 
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...Symantec
 
B4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everythingB4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everythingDr. Wilfred Lin (Ph.D.)
 
WSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity Server
WSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity ServerWSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity Server
WSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity ServerYenlo
 
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...Symantec
 
11488334_certificate
11488334_certificate11488334_certificate
11488334_certificateRene Ortega
 
M8 privacy & regulatory in internet
M8 privacy & regulatory in internetM8 privacy & regulatory in internet
M8 privacy & regulatory in internetJosep Bardallo
 
M7 internet security
M7 internet securityM7 internet security
M7 internet securityJosep Bardallo
 
GlobMill Security Services Presentation
GlobMill Security Services PresentationGlobMill Security Services Presentation
GlobMill Security Services PresentationVitaly Pochtar
 
Corporate Data: A Protected Asset or a Ticking Time Bomb?
Corporate Data: A Protected Asset or a Ticking Time Bomb? Corporate Data: A Protected Asset or a Ticking Time Bomb?
Corporate Data: A Protected Asset or a Ticking Time Bomb? Varonis
 
IT Consulting Services and Technology Solutions | Ampcus -USA
IT Consulting Services and Technology Solutions | Ampcus -USAIT Consulting Services and Technology Solutions | Ampcus -USA
IT Consulting Services and Technology Solutions | Ampcus -USAUnified11
 
The importance of information security nowadays
The importance of information security nowadaysThe importance of information security nowadays
The importance of information security nowadaysPECB
 
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupChris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupCohesive Networks
 
DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats
DSS ITSEC Conference 2012 - Varonis Eliminating Data Security ThreatsDSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats
DSS ITSEC Conference 2012 - Varonis Eliminating Data Security ThreatsAndris Soroka
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesEric Vanderburg
 
Personally Identifiable Information Protection
Personally Identifiable Information ProtectionPersonally Identifiable Information Protection
Personally Identifiable Information ProtectionPECB
 

More Related Content

What's hot

Meeting your information security obligations april 2012
Meeting your information security obligations april 2012Meeting your information security obligations april 2012
Meeting your information security obligations april 2012Tony Richardson CISSP
 
Top 10 Tips for Data Security
Top 10 Tips for Data SecurityTop 10 Tips for Data Security
Top 10 Tips for Data Securitylgcdcpas
 
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...Symantec
 
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec
 
Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec
 
Protecting your Organisation from the Internet of Evil Things
Protecting your Organisation from the Internet of Evil ThingsProtecting your Organisation from the Internet of Evil Things
Protecting your Organisation from the Internet of Evil ThingsZeshan Sattar
 
Symantec Webinar Part 2 of 6 GDPR Compliance
Symantec Webinar Part 2 of 6 GDPR ComplianceSymantec Webinar Part 2 of 6 GDPR Compliance
Symantec Webinar Part 2 of 6 GDPR ComplianceSymantec
 
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...Symantec
 
B4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everythingB4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everythingDr. Wilfred Lin (Ph.D.)
 
WSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity Server
WSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity ServerWSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity Server
WSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity ServerYenlo
 
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...Symantec
 
11488334_certificate
11488334_certificate11488334_certificate
11488334_certificateRene Ortega
 
M8 privacy & regulatory in internet
M8 privacy & regulatory in internetM8 privacy & regulatory in internet
M8 privacy & regulatory in internetJosep Bardallo
 
GlobMill Security Services Presentation
GlobMill Security Services PresentationGlobMill Security Services Presentation
GlobMill Security Services PresentationVitaly Pochtar
 
Corporate Data: A Protected Asset or a Ticking Time Bomb?
Corporate Data: A Protected Asset or a Ticking Time Bomb? Corporate Data: A Protected Asset or a Ticking Time Bomb?
Corporate Data: A Protected Asset or a Ticking Time Bomb? Varonis
 
IT Consulting Services and Technology Solutions | Ampcus -USA
IT Consulting Services and Technology Solutions | Ampcus -USAIT Consulting Services and Technology Solutions | Ampcus -USA
IT Consulting Services and Technology Solutions | Ampcus -USAUnified11
 
The importance of information security nowadays
The importance of information security nowadaysThe importance of information security nowadays
The importance of information security nowadaysPECB
 
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupChris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupCohesive Networks
 
DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats
DSS ITSEC Conference 2012 - Varonis Eliminating Data Security ThreatsDSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats
DSS ITSEC Conference 2012 - Varonis Eliminating Data Security ThreatsAndris Soroka
 

What's hot (20)

Meeting your information security obligations april 2012
Meeting your information security obligations april 2012Meeting your information security obligations april 2012
Meeting your information security obligations april 2012
 
Top 10 Tips for Data Security
Top 10 Tips for Data SecurityTop 10 Tips for Data Security
Top 10 Tips for Data Security
 
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
 
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
 
Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
 
Protecting your Organisation from the Internet of Evil Things
Protecting your Organisation from the Internet of Evil ThingsProtecting your Organisation from the Internet of Evil Things
Protecting your Organisation from the Internet of Evil Things
 
Symantec Webinar Part 2 of 6 GDPR Compliance
Symantec Webinar Part 2 of 6 GDPR ComplianceSymantec Webinar Part 2 of 6 GDPR Compliance
Symantec Webinar Part 2 of 6 GDPR Compliance
 
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
 
B4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everythingB4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everything
 
WSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity Server
WSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity ServerWSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity Server
WSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity Server
 
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...
 
11488334_certificate
11488334_certificate11488334_certificate
11488334_certificate
 
M8 privacy & regulatory in internet
M8 privacy & regulatory in internetM8 privacy & regulatory in internet
M8 privacy & regulatory in internet
 
M7 internet security
M7 internet securityM7 internet security
M7 internet security
 
GlobMill Security Services Presentation
GlobMill Security Services PresentationGlobMill Security Services Presentation
GlobMill Security Services Presentation
 
Corporate Data: A Protected Asset or a Ticking Time Bomb?
Corporate Data: A Protected Asset or a Ticking Time Bomb? Corporate Data: A Protected Asset or a Ticking Time Bomb?
Corporate Data: A Protected Asset or a Ticking Time Bomb?
 
IT Consulting Services and Technology Solutions | Ampcus -USA
IT Consulting Services and Technology Solutions | Ampcus -USAIT Consulting Services and Technology Solutions | Ampcus -USA
IT Consulting Services and Technology Solutions | Ampcus -USA
 
The importance of information security nowadays
The importance of information security nowadaysThe importance of information security nowadays
The importance of information security nowadays
 
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupChris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
 
DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats
DSS ITSEC Conference 2012 - Varonis Eliminating Data Security ThreatsDSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats
DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats
 

Similar to EU data protection laws and impacts on healthcare applications and health data

Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesEric Vanderburg
 
Personally Identifiable Information Protection
Personally Identifiable Information ProtectionPersonally Identifiable Information Protection
Personally Identifiable Information ProtectionPECB
 
Cybersecurity & Data Challenges
Cybersecurity & Data ChallengesCybersecurity & Data Challenges
Cybersecurity & Data ChallengesJoão Bocas
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Karina Matos
 
Guide: Security and Compliance
Guide: Security and ComplianceGuide: Security and Compliance
Guide: Security and ComplianceQuestionPro
 
Privacy as a Career
Privacy as a CareerPrivacy as a Career
Privacy as a CareerDaviesParker
 
The Internet of Things (IoT) and cybersecurity: A secure-by-design approach
The Internet of Things (IoT) and cybersecurity: A secure-by-design approachThe Internet of Things (IoT) and cybersecurity: A secure-by-design approach
The Internet of Things (IoT) and cybersecurity: A secure-by-design approachDeloitte United States
 
Data Protection and Data Privacy
Data Protection and Data PrivacyData Protection and Data Privacy
Data Protection and Data PrivacyIT Governance Ltd
 
Guide to hipaa compliance for containers
Guide to hipaa compliance for containersGuide to hipaa compliance for containers
Guide to hipaa compliance for containersAbhishek Sood
 
Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection RegulationImplementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection RegulationJim Kaplan CIA CFE
 
Pci Europe 2009 Underside Of The Compliance Ecosystem
Pci Europe 2009 Underside Of The Compliance EcosystemPci Europe 2009 Underside Of The Compliance Ecosystem
Pci Europe 2009 Underside Of The Compliance Ecosystemkpatrickwheeler
 
Process maker elock webinar october 2010
Process maker elock webinar october 2010Process maker elock webinar october 2010
Process maker elock webinar october 2010Brian Reale
 
Webinar Deck - Protect Your Users' Online Privacy
Webinar Deck - Protect Your Users' Online Privacy Webinar Deck - Protect Your Users' Online Privacy
Webinar Deck - Protect Your Users' Online Privacy Ensighten
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceDavid J Rosenthal
 
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic ApproachCloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic ApproachSLA-Ready Network
 

Similar to EU data protection laws and impacts on healthcare applications and health data (20)

Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
Personally Identifiable Information Protection
Personally Identifiable Information ProtectionPersonally Identifiable Information Protection
Personally Identifiable Information Protection
 
Cybersecurity & Data Challenges
Cybersecurity & Data ChallengesCybersecurity & Data Challenges
Cybersecurity & Data Challenges
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
 
Guide: Security and Compliance
Guide: Security and ComplianceGuide: Security and Compliance
Guide: Security and Compliance
 
57th ICCA Congress | 12.11.2018 | Data Protection - 150 days after GDPR
57th ICCA Congress | 12.11.2018 | Data Protection - 150 days after GDPR57th ICCA Congress | 12.11.2018 | Data Protection - 150 days after GDPR
57th ICCA Congress | 12.11.2018 | Data Protection - 150 days after GDPR
 
Privacy as a Career
Privacy as a CareerPrivacy as a Career
Privacy as a Career
 
IDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENTIDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENT
 
Praeferre.pdf
Praeferre.pdfPraeferre.pdf
Praeferre.pdf
 
The Internet of Things (IoT) and cybersecurity: A secure-by-design approach
The Internet of Things (IoT) and cybersecurity: A secure-by-design approachThe Internet of Things (IoT) and cybersecurity: A secure-by-design approach
The Internet of Things (IoT) and cybersecurity: A secure-by-design approach
 
digital strategy and information security
digital strategy and information securitydigital strategy and information security
digital strategy and information security
 
Data Protection and Data Privacy
Data Protection and Data PrivacyData Protection and Data Privacy
Data Protection and Data Privacy
 
Guide to hipaa compliance for containers
Guide to hipaa compliance for containersGuide to hipaa compliance for containers
Guide to hipaa compliance for containers
 
Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection RegulationImplementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection Regulation
 
Pci Europe 2009 Underside Of The Compliance Ecosystem
Pci Europe 2009 Underside Of The Compliance EcosystemPci Europe 2009 Underside Of The Compliance Ecosystem
Pci Europe 2009 Underside Of The Compliance Ecosystem
 
Process maker elock webinar october 2010
Process maker elock webinar october 2010Process maker elock webinar october 2010
Process maker elock webinar october 2010
 
Webinar Deck - Protect Your Users' Online Privacy
Webinar Deck - Protect Your Users' Online Privacy Webinar Deck - Protect Your Users' Online Privacy
Webinar Deck - Protect Your Users' Online Privacy
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
 
Is it time for an IT Assessment?
Is it time for an IT Assessment?Is it time for an IT Assessment?
Is it time for an IT Assessment?
 
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic ApproachCloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
 

More from Speck&Tech

What should 6G be? - 6G: bridging gaps, connecting futures
What should 6G be? - 6G: bridging gaps, connecting futuresWhat should 6G be? - 6G: bridging gaps, connecting futures
What should 6G be? - 6G: bridging gaps, connecting futuresSpeck&Tech
 
Creare il sangue artificiale: "buon sangue non mente"
Creare il sangue artificiale: "buon sangue non mente"Creare il sangue artificiale: "buon sangue non mente"
Creare il sangue artificiale: "buon sangue non mente"Speck&Tech
 
AWS: gestire la scalabilità su larga scala
AWS: gestire la scalabilità su larga scalaAWS: gestire la scalabilità su larga scala
AWS: gestire la scalabilità su larga scalaSpeck&Tech
 
Praticamente... AWS - Amazon Web Services
Praticamente... AWS - Amazon Web ServicesPraticamente... AWS - Amazon Web Services
Praticamente... AWS - Amazon Web ServicesSpeck&Tech
 
Data Sense-making: navigating the world through the lens of information design
Data Sense-making: navigating the world through the lens of information designData Sense-making: navigating the world through the lens of information design
Data Sense-making: navigating the world through the lens of information designSpeck&Tech
 
Data Activism: data as rhetoric, data as power
Data Activism: data as rhetoric, data as powerData Activism: data as rhetoric, data as power
Data Activism: data as rhetoric, data as powerSpeck&Tech
 
Delve into the world of the human microbiome and metagenomics
Delve into the world of the human microbiome and metagenomicsDelve into the world of the human microbiome and metagenomics
Delve into the world of the human microbiome and metagenomicsSpeck&Tech
 
Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...
Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...
Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...Speck&Tech
 
Monitorare una flotta di autobus: architettura di un progetto di acquisizione...
Monitorare una flotta di autobus: architettura di un progetto di acquisizione...Monitorare una flotta di autobus: architettura di un progetto di acquisizione...
Monitorare una flotta di autobus: architettura di un progetto di acquisizione...Speck&Tech
 
Why LLMs should be handled with care
Why LLMs should be handled with careWhy LLMs should be handled with care
Why LLMs should be handled with careSpeck&Tech
 
Building intelligent applications with Large Language Models
Building intelligent applications with Large Language ModelsBuilding intelligent applications with Large Language Models
Building intelligent applications with Large Language ModelsSpeck&Tech
 
Privacy in the era of quantum computers
Privacy in the era of quantum computersPrivacy in the era of quantum computers
Privacy in the era of quantum computersSpeck&Tech
 
Machine learning with quantum computers
Machine learning with quantum computersMachine learning with quantum computers
Machine learning with quantum computersSpeck&Tech
 
Give your Web App superpowers by using GPUs
Give your Web App superpowers by using GPUsGive your Web App superpowers by using GPUs
Give your Web App superpowers by using GPUsSpeck&Tech
 
From leaf to orbit: exploring forests with technology
From leaf to orbit: exploring forests with technologyFrom leaf to orbit: exploring forests with technology
From leaf to orbit: exploring forests with technologySpeck&Tech
 
Innovating Wood
Innovating WoodInnovating Wood
Innovating WoodSpeck&Tech
 
Behind the scenes of our everyday Internet: the role of an IXP like MIX
Behind the scenes of our everyday Internet: the role of an IXP like MIXBehind the scenes of our everyday Internet: the role of an IXP like MIX
Behind the scenes of our everyday Internet: the role of an IXP like MIXSpeck&Tech
 
Architecting a 35 PB distributed parallel file system for science
Architecting a 35 PB distributed parallel file system for scienceArchitecting a 35 PB distributed parallel file system for science
Architecting a 35 PB distributed parallel file system for scienceSpeck&Tech
 
Truck planning: how to certify the right route
Truck planning: how to certify the right routeTruck planning: how to certify the right route
Truck planning: how to certify the right routeSpeck&Tech
 
Break it up! 5G, cruise control, autonomous vehicle cooperation, and bending ...
Break it up! 5G, cruise control, autonomous vehicle cooperation, and bending ...Break it up! 5G, cruise control, autonomous vehicle cooperation, and bending ...
Break it up! 5G, cruise control, autonomous vehicle cooperation, and bending ...Speck&Tech
 

More from Speck&Tech (20)

What should 6G be? - 6G: bridging gaps, connecting futures
What should 6G be? - 6G: bridging gaps, connecting futuresWhat should 6G be? - 6G: bridging gaps, connecting futures
What should 6G be? - 6G: bridging gaps, connecting futures
 
Creare il sangue artificiale: "buon sangue non mente"
Creare il sangue artificiale: "buon sangue non mente"Creare il sangue artificiale: "buon sangue non mente"
Creare il sangue artificiale: "buon sangue non mente"
 
AWS: gestire la scalabilità su larga scala
AWS: gestire la scalabilità su larga scalaAWS: gestire la scalabilità su larga scala
AWS: gestire la scalabilità su larga scala
 
Praticamente... AWS - Amazon Web Services
Praticamente... AWS - Amazon Web ServicesPraticamente... AWS - Amazon Web Services
Praticamente... AWS - Amazon Web Services
 
Data Sense-making: navigating the world through the lens of information design
Data Sense-making: navigating the world through the lens of information designData Sense-making: navigating the world through the lens of information design
Data Sense-making: navigating the world through the lens of information design
 
Data Activism: data as rhetoric, data as power
Data Activism: data as rhetoric, data as powerData Activism: data as rhetoric, data as power
Data Activism: data as rhetoric, data as power
 
Delve into the world of the human microbiome and metagenomics
Delve into the world of the human microbiome and metagenomicsDelve into the world of the human microbiome and metagenomics
Delve into the world of the human microbiome and metagenomics
 
Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...
Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...
Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...
 
Monitorare una flotta di autobus: architettura di un progetto di acquisizione...
Monitorare una flotta di autobus: architettura di un progetto di acquisizione...Monitorare una flotta di autobus: architettura di un progetto di acquisizione...
Monitorare una flotta di autobus: architettura di un progetto di acquisizione...
 
Why LLMs should be handled with care
Why LLMs should be handled with careWhy LLMs should be handled with care
Why LLMs should be handled with care
 
Building intelligent applications with Large Language Models
Building intelligent applications with Large Language ModelsBuilding intelligent applications with Large Language Models
Building intelligent applications with Large Language Models
 
Privacy in the era of quantum computers
Privacy in the era of quantum computersPrivacy in the era of quantum computers
Privacy in the era of quantum computers
 
Machine learning with quantum computers
Machine learning with quantum computersMachine learning with quantum computers
Machine learning with quantum computers
 
Give your Web App superpowers by using GPUs
Give your Web App superpowers by using GPUsGive your Web App superpowers by using GPUs
Give your Web App superpowers by using GPUs
 
From leaf to orbit: exploring forests with technology
From leaf to orbit: exploring forests with technologyFrom leaf to orbit: exploring forests with technology
From leaf to orbit: exploring forests with technology
 
Innovating Wood
Innovating WoodInnovating Wood
Innovating Wood
 
Behind the scenes of our everyday Internet: the role of an IXP like MIX
Behind the scenes of our everyday Internet: the role of an IXP like MIXBehind the scenes of our everyday Internet: the role of an IXP like MIX
Behind the scenes of our everyday Internet: the role of an IXP like MIX
 
Architecting a 35 PB distributed parallel file system for science
Architecting a 35 PB distributed parallel file system for scienceArchitecting a 35 PB distributed parallel file system for science
Architecting a 35 PB distributed parallel file system for science
 
Truck planning: how to certify the right route
Truck planning: how to certify the right routeTruck planning: how to certify the right route
Truck planning: how to certify the right route
 
Break it up! 5G, cruise control, autonomous vehicle cooperation, and bending ...
Break it up! 5G, cruise control, autonomous vehicle cooperation, and bending ...Break it up! 5G, cruise control, autonomous vehicle cooperation, and bending ...
Break it up! 5G, cruise control, autonomous vehicle cooperation, and bending ...
 

Recently uploaded

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 

Recently uploaded (20)

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

EU data protection laws and impacts on healthcare applications and health data

  • 1. EU Data Protection Laws and Health Data and Apps Jovan Stevovic jovan@chino.io
  • 2. PhD in Privacy and HealthTech & R&D at GPI Spa Background 2010-2014 2015 to now2010 CEO and Co-founderMSc in HealthTech MSc Computer Science PhD Computer Science MSc Computer Science PhD Computer ScienceJovan
  • 3. Why is Chino.io unique Founded in 2014 by experts in health IT and compliance Customers in 15 EU states, US, Australia Offices in Trento and Berlin The only ISO 13485 certified DBaaS 3 PhDs , 8 MSc, 1 LL.M, 1 patent and 10+ publications
  • 4. Customers and partners 50+ companies in the EU and US are secure and compliant with Chino.io PARTNERS 30+ SW DEV AGENCIES, LAWYERS, CONSULTANTS, DIGITAL HEALTH ACCELERATORS, SW PROVIDERS 1ST PLACE IN 2014 ON CYBERSECURITY SME INSTRUMENT PHASE 1 AND 2 BENEFICIARY AWARDS
  • 5. ~1M eHealth services COLLECTING, STORING AND SHARING HEALTH DATA CAGR 20%
  • 6. 85% NOT COMPLIANT Global Privacy Sweep 2014 http://www.bbc.com/news/technology-29143107
  • 7.
  • 8.
  • 9.
  • 10. 11
  • 11. Data Economy and Surveillance Capitalism DATA = €€ Carole Cadwalladr
  • 12. Privacy vs Data Protection vs Security Data Security Privacy (human right) GDPR data portability data encryption gov. surveillance
  • 13. Personal vs. Health Sensitive data 14
  • 14. When GDPR applies? 15 ‘Any information relating to an identified or identifiable natural person (data subject)’ Art. 4(1) GDPR
  • 15. Identifier 16 e.g. Name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  • 16. Health data 18 ‘Personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status’ Art. 4(15) GDPR Check out our eBooks on our website
  • 17. All sensitive data 19 Check out our eBooks on our website Managing sensitive data implies criminal responsibility
  • 18. Anonymous data 20 ANONYMOUS DATA Check out our eBooks on our website
  • 19. Aggregate + aggregate + aggregate = identification? 21 With the development of new IT techniques data which could have not been able to identify a person now suddenly can, if aggregated with other data
  • 20. Pseudonymous data 22 ANONYMOUS DATA Check out our eBooks on our website PSEUDONYMOUS DATA
  • 22. Regulatory Compliance in Healthcare is complex COSTS TIMERISKS MDR National Laws ISO 27001 ISO 13485HIPAA ePrivacy Reg. CCPA
  • 23. Why is GDPR compliance so complex CLOUD PROVIDER + YOUR SYS ADMIN YOUR TECH TEAM + SECURITY EXPERTISE Risk Impact Assessment Terms & Conditions DPA and BAA Privacy Policy Immutable audit logs Auth & Access Control Consent tracking Data Encryption TECHNICALPHYSICAL LEGAL Encrypted Backups Firewalls VM Security Facility protection and many moreand many moreand many more YOUR LEGAL TEAM + CONSULTANTS
  • 24. CLOUD PROVIDER Chino.io closes the compliance gap and ensures the implementation of all technical and administrative requirements based on your business needs Risk Impact Assessment Terms & Conditions DPA and BAA Privacy Policy Immutable audit logs Auth & Access Control Consent tracking Data Encryption TECHNICALPHYSICAL LEGAL Encrypted Backups Firewalls VM Security Facility protection and many moreand many moreand many more Chino.io: a complete solution to compliance
  • 25. How Chino.io works • data encryption (at record level) • pseudonymization • consent management • user identity and authentication • access control policies • legally valid immutable audit logs • data portability • right to be forgotten • backups • security updates • security documentation • and many more… YOUR APPLICATION BACKENDFRONTEND Your Service ALGORITHMS OTHER DATA USER MANAGEMENT HEALTH DATA ENCRYPTION OTHER GDPR & HIPAA COMPLIANCE Chino.io ANALYTICS
  • 26. Value of using Chino.io Our secure-by-design and ISO 9001,13485 and 27001 certified platform allows customers to streamline the processes and reduce documentation efforts required for: • Obtaining CE Marking under MDR • Certifying applications and companies under ISO normative • Achieve the requirements for DVG (Germany), NHS (UK) and other country-specific requirements CUT COSTS SAVE TIMEELIMINATE RISKS Shorten time to market by 6-9 months Save 100K+ Euro per year per project STAY COMPLIANT We keep you compliant and streamline compliance across your organisation. for sensitive data management GDPR HIPAA
  • 27. EU Data Protection Laws and Health Data and Apps Jovan Stevovic jovan@chino.io