Document Type

Article

Publication Date

2017

Publication Title

Seton Hall Law Review

Abstract

In this Article, Professor Tovino compares and contrasts three illustrative concepts and rights in the Privacy Rule and/or the GDPR, including the concepts of authorization and consent, the rights of amendment and rectification, and the right to erasure. Identified similarities reflect the core values of HHS and the EU with respect to maintaining the confidentiality and privacy of personal data and protected health information, respectively. Identified differences reflect the Privacy Rule's original, narrow focus on health industry participants and individually identifiable health information compared to the GDPR's broad focus on data controllers and personal data. Other differences reflect, perhaps, the U.S. health care industry's significant experience with heavy regulation, the health care industry's willingness to accept additional regulation in furtherance of the course of business, and specific concerns about the ways in which employers, insurers, and other institutions have used individuals' health information to their detriment.

Volume

47

First Page

973

Share

COinS