CROSS-BORDER COMPLIANCE: NAVIGATING HIPAA AND GDPR IN DIGITAL HEALTH PLATFORMS

Authors

  • Feruz Madaminov

Keywords:

Digital health, HIPAA, GDPR, cross-border compliance, data protection, patient privacy

Abstract

This dissertation investigates the complex challenges digital health platforms face in achieving cross-border compliance with the Health Insurance Portability and Accountability Act (HIPAA) in the United States and the General Data Protection Regulation (GDPR) in the European Union. Through a mixed-methods approach, combining qualitative case studies, expert interviews, and quantitative compliance metrics analysis, the study identifies significant hurdles stemming from divergent consent requirements, data access protocols, and audit obligations. These differences often result in increased operational costs and legal risks for platforms operating internationally. The findings emphasize the need for harmonized regulatory frameworks to balance patient privacy with innovation in digital health services. By highlighting practical compliance strategies and the necessity for interdisciplinary collaboration, this research offers actionable insights for policymakers and stakeholders. It contributes to the discourse on global data protection, advocating for adaptive compliance models to support secure and efficient digital health solutions across jurisdictions.

Published

2025-06-24

Issue

Section

Articles