Objectives: Aiming to strengthen EU citizens’ fundamental privacy rights in the digital age, the new European General Data Protection Regulation (GDPR) shall apply from May 25th 2018. It will require companies processing personal data to implement a set of organizational and technical controls to ensure proper handling of these data. This also applies to companies providing eHealth services. As HL7 offers a lot of material to support security and privacy in handling personal healthcare data, this paper aims to show which HL7 standards and components can be used to support the implementation of GDPR-related controls.
Methods: The paper presents some key facts of the European GDPR and analyzes HL7 standards and components in the security and privacy domain to provide a basic mapping.
Results: As a result, the paper provides a table mapping HL7 artifacts to GDPR requirements.
Conclusion: The paper shows that consistently using HL7 security and privacy standards and components efficiently helps to implement GDPR requirements.