Regional Hosting of Personal Health Information

kreid

Involved In Discussions
Hello,

Does anyone know of any countries and/or regulatory authorities that have restrictions on where personal health information can be stored, transited through or processed?

For example, if I have a web portal that captures personal health information in Europe and that information is stored on the cloud on servers in Asia and processed in Australia and then returned through the same route.
Some of the data will be stored for a number of years both on the cloud servers and locally in Australia.

And the same example but with the data being American PHI, or any other regions that might be sensitive.

Thanks

kreid
 

anmael

Registered
Hi kreid,

As for Europe, you should have a look at the General Data Protection Regulation (GDPR), which was adopted on 27 April 2016 and enters into application on 25 May 2018. It extends the scope of EU data protection law to all foreign companies processing data of EU residents. The penalties for non-compliance are up to 5% of a company's annual global turnover...

Regards, Angelika.
 

shimonv

Trusted Information Resource
And on the US side you should take a look at the HIPAA regulation. It has a lot of restrictions regarding the handling of patient health information (PHI).

Shimon
 