Search

Sunday, March 11, 2018

Blockchain and healthcare privacy laws just don't mix

Blockchain and healthcare privacy laws just don't mix | Healthcare IT News:



"while the digital ledger technology has promise, blockchain will struggle to dovetail with the existing realities of privacy law."



'via Blog this'

The Blockchain-GDPR Paradox: a seriously under-appreciated problem

"The way GDPR is formulated, we cannot store data directly on the blockchain since in GDPR terms ‘it is not erasable’. This prohibits us from using this technology to its full potential, so we need to rely on ‘older’ systems for storing data" - Andries Van Humbeeck @wearetheledger

The Blockchain-GDPR Paradox – wearetheledger – Medium

It should be noted that any use of blockchain that allows correlation of record header or meta data is also going to fall foul of privacy rules and requirements besides edit/erase.

For example, medical privacy might not be well-served by a publicly readable blockchain from which Bob can deduce that Alice visited a fertility clinic three times this month (for various scenarios in which Bob and Alice may know each other, or not).

'via Blog this'

Useful GDPR resources (and countdown clock) from ESET UK

In May 2018, a new EU-wide data protection regulation comes into force...This site is designed to help you understand the GDPR, quantify the requirements, and offer solutions. The General Data Protection Regulation (GDPR) will affect every organisation in Europe that handles personal data of any kind. It will also affect any company that does business in the EU.

https://www.eset.com/uk/gdpr/solutions/

Not the official EU GDPR home page, but v. useful info

"This website is a resource to educate the public about the main elements of the General Data Protection Regulation (GDPR). After four years of preparation and debate, the GDPR was finally approved by the EU Parliament on 14 April 2016. Enforcement date: 25 May 2018 - at which time those organizations in non-compliance may face heavy fines. "

Home Page of EU GDPR