Appreciating Healthcare Data Privacy Laws in Canada, the United Kingdom, and the United States

From a historical perspective, Canada, the United Kingdom, and the United States have an interesting relationship dynamic. The evolution of each country’s health system and, in turn, the transition to electronic health records (EHRs) provides another area to assess these countries relationships and policies. Government agreements between nations are the norm in taxation allocation and are becoming more prevalent in the area of an individual’s electronic protected health information. Therefore, the purpose of this article is to assess each country’s main healthcare data privacy laws, provide a framework for understanding the agreements between these nations, and provide insights for internal auditors on what to look for when assessing companies and government entities who address international laws in relation to protected health information (PHI).