In May, 2018, The European Union passed the “most important change in data privacy regulation in 20 years” (Trunomi, 2018). You are to assume that your organization is planning on expanding their healthcare business to a European country. You and your Board are headed to a strategic planning meeting related to the start of this new venture. You have been assigned the task of reporting on the effect that the GDPR will have on the organization’s operations. You have several tasks before you. 1. Read through the information provided regarding the General Data Protection Regulation (i will provide some articles) 2. Read regarding HIPAA requirements related to Privacy, Confidentiality and Security 3. In Part 1 of your paper, you are to compare and contrast the major components of these two major pieces of legislation. At a minimum the following areas should be addressed: • Components of Informed Consent • Data protection officer/Compliance Officer Duties • Email marketing • Encryption • Fines/Penalties • Personal Data/PHI • Privacy impact assessment • Right of Access • Right to be Forgotten • Right to be informed • Third Countries 4. You can do this in a table format, or in a narrative format. If you do it in a narrative format, use the bulleted points as paragraph headers. 5. In Part 2 of your paper, you are going to make recommendations to your Board of Trustees as they begin their strategic planning process. What changes will need to make in order to adhere to these regulations. Consider the personnel that would need to be involved as well as any procedural changes and challenges that will have to be met. Let the Board know if there are any downsides to implementing the proposed changes. 6. Part 3 of this assignment is to reflect on the information you investigated. Do you think the GDPR is a better piece of legislation? Why or why not? This should be 1 – 2 paragraphs. 7. In general, you should have at least 3 resources. Use APA formatting. Source: Trunomi. European Union General Data Protection Regulation education webpage. www.eugdpr.org .