• 2 Posts
  • 15 Comments
Joined 2 years ago
cake
Cake day: June 6th, 2023

help-circle




  • I don’t where you live. But almost all of bigtech US cloud is problematic (Read: Illegal to use) for storing or processing of Personal information according to the GDPR if you’re based in the EU. Don’t know about HIPPA and other non-EU legislation. But almost all cloudservices use US bigtech as a subprocessor under the hood. Which means that the use of AI and cloud is most likely not GDPR-complaint. Which you could mention to the right people and hope they listen.

    Edit: It’s illegal to use for the processing of the patients PII, because of transfer to insecure third countries and because bigtech uses the data for their own purposes without any legal basis.

    Edit 2: The same is the case with your, and your colleagues PII.

    In my opinion privacy and GDPR is the same in this case. I think most public authorities is required to have a DPO, fx hospitals or the relevant health authority. The DPO can help answer your and your bosses questions on the mentioned questions.

    Hope you figure it out.



  • privsecfoss@feddit.dktoSelfhosted@lemmy.worldAfter I’m Gone Backup Solution
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    1
    ·
    edit-2
    1 year ago

    Often thought of the same thing. So leaving this comment here in case someone got a good solution that don’t involve big tech.

    When I get the time my plan is to read up on big techs solutions, fx Google and Apple, who as I understand can give your family access under certain conditions if your’ve passed.

    EDIT: And replicate their solution using FOSS / self hosting.