The Axios online news website announced that the White House is seemingly in the process of sketching a federal framework for the protection of online personal data for the United States similar to the EU GDPR law that went into effect in 2018. At Andaman7, we are delighted to hear this news, as it reinforces our strategy in this area. From the start, our mobile health application was designed to enable the patient exercise their rights!
According to the Axios website, preliminary discussions show that the White House intends to weigh on the debates surrounding online privacy issues. This would be a kind of direct response regarding this issue of privacy, and in this case the GDPR (General Data Protection Regulation). The objective of the American authorities is to develop a counterpart to the European Data Protection Regulation, in order to prevent it from becoming, de facto, the global norm in this domain. In fact, the recent application of this European regulation, and the heavy fines associated with it, have given cold sweats to some American companies and regulatory bodies.
A solution Made in USA
According to Axios, pressure is intensifying on the American authorities to make decisions in this area. In California, a parliamentary initiative could lead to the establishment of a strict regulation on online privacy protection, as early as November 2018. Some fear that the proliferation of this kind of legislation will lead to a confusing mosaic of rules that will be difficult to follow.
Still, it seems discussions between Gail Slater, President Trump's special assistant for Tech, telecoms and cybernetics, and some representatives of the information technology industry have apparently taken place. At this stage, it is still unclear on what types of solutions these discussions could lead to: passing a law in Congress, intervention of a regulatory body, establishment of good practices on a voluntary basis by the industry... The scope of this new regulation is not yet known either. Gail Slater states that she is in favor of greater control being attributed to consumers regarding their online data, though she has already drawn attention to the cumbersome nature of such regulation for small businesses, as well as the uncertainty it creates for companies that try to comply with this. According to her, the US would in any case not be creating a simple clone of the European GDPR.
Andaman7: GDPR Class-compliant!
At Andaman7, we are evermore delighted by this good news for patients and consumers. "So far, the processing of private data in the United States, particularly medical data, is still very loose. A number of American organizations are using patients' data without the patients’ consent”, said Philippe Lemmens, COO of Andaman7. “The GDPR discussions show that Uncle Sam also seems to be concerned with better protecting patients’ rights”, he continued.
Privacy by default, Security by design.
These exchanges of views also reinforce the values that we’ve implemented from the outset of our mobile application. "Our digital solution, as it was conceived, designed and realized is, one could say, is GDPR Class-compliant!” continued Philippe Lemmens.
With Andaman7, it is the patient themselves who manage the information he/she wishes to share and with whom he/she shares it. "It's not Andaman7 who decides what medical data can be shared, be it anonymized or not. It is the patient user. We only put in place a channel for interaction between him and his medical researcher, within the scope of a clinical study, for example. We use a peer-to-peer data exchange approach. We facilitate the flow of information, but we do not store it or exploit it." Therefore, nothing prevents Andaman7 from equally being compatible with the future American online privacy regulation, quite the contrary! "Few companies go as far as we do on this issue. Our digital solution should be particularly well positioned to be approved even in the USA”, states Philippe Lemmens.
Get ready for stricter data privacy, soon outside the European Union as well. Collaborate with Andaman7, an eHealth application and last generation ePRO already GDPR compliant.