Institute:Office of National Coordinator (ONC) Workforce Training Curriculum
Component:The Culture of Health Care
Unit:Privacy, Confidentiality, and Security
Lecture:Definitions of privacy, confidentiality, and security
Slide content:What Do Other Governments Do? 2012 European Commission Directive Proposed comprehensive reform on data protection rules in the European Union February, 2016: Finalized the reform of the EU data protection rules EUUS Umbrella Agreement ensuring data protection for data transfers across the Atlantic (European Commission, 2016)
Slide notes:The United States is not the only government that has been addressing privacy and security activities. In January 2012, the European Commission proposed a comprehensive reform of data protection rules in the European Union (EU) with the objective of giving back to citizens control over of their personal data and to simplify the regulatory environment for business. The data protection reform is a key enabler of the Digital Single Market. Under EU law, personal data can be gathered legally only under strict conditions, for a legitimate purpose. Furthermore, persons or organizations that collect and manage personal information must protect it from misuse and must respect certain rights of the data owners, which are guaranteed by EU law. The belief driving this initiative is that everyone has the right to the protection of personal data. In February 2016, the European Commission finalized the [quote] reform of EU data protection rules, which apply to all companies providing services on the EU market. The Commission negotiated the EUU.S. Umbrella Agreement ensuring high data protection standards for data transfers across the Atlantic for law enforcement purposes. The Commission achieved a renewed sound framework for commercial data exchange: the EUU.S. Privacy Shield. [end quote] The United States will publish written commitments in the U.S. Federal Register and assurance on the safeguards and limitations concerning public authorities access to data. Previously, the European Commission devoted efforts to the protection of individual privacy. The 2007 directive 95/46/EC provided a set of fairly stringent rules that essentially allows data processing only with consent or in some highly specific circumstances, such as a legal obligation, or what is defined as a public necessity, usually revolving around public health. These are just examples of what other governments are doing around privacy and security. 17