Healthcare partner Ricky Benjamin and Litigation associate Christy Hawkins described how U.S. companies dealing with strict European security regulations could steer clear of any violations in a recent article they wrote for LexisNexis’ Pratt’s Privacy & Cybersecurity Law Report.
In a recent case, Benjamin and Hawkins noted a French e-health provider came before the French Conseil d’Etat, the country’s highest administrative court, because it was using computer servers of a subsidiary of American tech giant Amazon to store and process medical data. The French company, Doctolib, was involved in the French government’s drive to vaccinate citizens against Covid-19.
Benjamin and Hawkins wrote that Doctolib figured out how to comply with French concerns over the possibility that the U.S. government or other authorities might seek information about patients by working through the Amazon connection.
The authors outlined three crucial areas where the company established safeguards against any improper release of data: Legal, technical, and administrative concerns were all covered by the company protocol, satisfying the court.