Skip to main content

MRO’s Rita Bowen, MA, RHIA, CHPS, CHPC, SSGB, Vice President of Privacy, Compliance and HIM Policy, discusses Global Data Privacy Rule (GDPR) compliance.

As healthcare organizations navigate an increasingly complex regulatory environment, leaders at variouslevels—particularly HIM, release of information (ROI), compliance, finance, health information technology (HIT), privacy, and security—face unprecedented challenges. Among competing priorities is the potential impact of the European Union (EU) General Data Protection Regulation (GDPR), which officially goes into effect May 25, 2018. All entities conducting business with individuals located in EU member nation territories are required to comply with the new law. Failure to prepare for the regulation could lead to severe legal and financial consequences.

According to findings from The Veritas 2017 GDPR Report, “almost one-third (31%) of respondents said their enterprise already conforms to the legislation’s key requirements. However, when those same respondents were asked about specific GDPR provisions, most provided answers that show they are unlikely to be in compliance. In fact, only 2% actually appear to be in compliance, revealing a distinct misunderstanding over regulation readiness.”


Bowen is an established author and speaker on healthcare privacy and security. She is an active member of the American Health Information Management Association (AHIMA), having served as its President and Board Chair, as a member of the Board of Directors and of the Council on Certification, and currently sits on the AHIMA Foundation Board of Directors. In her role at MRO, Bowen works with clients to ensure HIM policies and procedures are to code. Additionally, Bowen serves as the company’s Privacy and Compliance Officer (CPO).

More Posts