Learn About Ethical and Legal Aspects

Be Informed of International Laws

General Data Protection Regulation (GDPR)
What is the GDPR?
The GDPR is a regulation that sets guidelines for collecting and processing personal information from individuals who live in the European Union (EU) and the European Economic Area. The 27 member countries of the EU share a set of economic and political policies. Three other countries (Iceland, Liechtenstein, and Norway) are part of the European Economic Area, which allows these countries to be part of the single EU market.

The GDPR also regulates the release of personal information outside the EU and European Economic Area. The GDPR simplifies regulations that give individuals control over their personal information regardless of where in the world that information is used.

How does the GDPR apply to registries?
If your registry includes participants from the EU or European Economic Area, it must comply with the GDPR. These regulations apply to the personally identifiable information of people in the registry, regardless of the location of the registry.

Resources

Know U.S. Laws & Regulations
HIPAA Basics – Privacy and Security, U.S. Department of Health and Human Services (HHS)