What is it?
The concept that individuals own all of their personal information and have sole authority over who should have access to their information and how, when, and where it can be distributed.
Why is it important?
All organizations that deal with private health information in the US must abide by the Health Insurance Portability and Accountability Act (HIPAA)(HIPAA). In addition, the European Union’s General Data Protection Regulation (GDPR) legislation affects all organizations that deal with people in the European Union, regardless of where the organization is based. To abide by the law and to respond to customer needs, business professionals must take privacy seriously.