Karen Dreyer is a legal, risk & compliance specialist who works as a freelance consultant for various clients. She is also a qualified attorney and notary. She has spent 8½ years in legal practice and 17 years within the healthcare and healthcare information technology industries in South Africa. Her experience includes 7 yearswithin the healthcare funding industry in the USA. During 2006/2007 Karen was a Member of the ICD-10 Patient Confidentiality Subcommittee, which was tasked by the ICD-10 National Task Team to review the existing legal and ethical framework to ensure patient confidentiality across the information pathway. She has extensive experience in SA, US and EU privacy legislation.
This includes the South African Protection of Personal Information Act No. 4 of 2013 (“POPIA”) since inception, the American Health Insurance Portability and Accountability Act of 1996 and related regulations (“HIPAA”), the American Health Information Technology for Economic and Clinical Health Act (“HITECH”), as well as the European Union Directive on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data (which has now been replaced by the General Data Protection Regulation (“GDPR”)). Karen’s experience has been across all role-players in the healthcare industry and she has a deep understanding of the regulatory issues and challenges facing this industry.