If you’re not familiar with the acronym GDPR, it stands for “General Data Protection and Privacy Regulation”, and it stems from a law passed in the European Union (EU) and European Economic Area to protect the privacy of their citizens. The EU adopted GDPR in mid-2016 and it took effect on May 2018.
Just like HIPAA patient privacy rights have protection, the EU created GDPR to control how websites can use the personal information of visitors. The regulation applies whether the website is domestic (in the EU) or abroad, such as in the United States.
But don’t freak out if your facility doesn’t have one of these disclosures just yet. It’s not too late to get one added to your site that will cover your center’s heinie.
Serene Beginnings’ site offers an excellent example of a GDPR compliant policy…
“Notice to Users Outside of the United States
[credit source: https://serenebeginnings.com/terms-privacy/]
As you can see above, Serene Beginnings treatment center does a good job of warning international visitors about what their facility does with the information they collect. Their statement covers ANYONE from outside the USA. This type of disclosure satisfies GDPR and will theoretically cover any additional regions that adopt similar legislature down the road.
Meet the Requirements With Help From Our Marketing Agency