S1, E1: David Reim discusses data privacy best practices, the fragmented regulatory landscape, and medical media's high level of integrity - a podcast by Association of Medical Media

Length: 29:39

Guest: David Reim, Digital Privacy Officer, DMD

Host: Jason E. Carris

David Reim, Chief Privacy Officer at DMD, joins the AMM Conversation to explore data privacy and medical media. A veteran of healthcare marketing and communication, Reim dives into best practices on data acquisition, the legislative landscape, and contrasts medical media compliance vs. the “wild wild west” of consumer marketing.

Reim says when it comes to data acquisition, the best practice is to obtain a direct opt-in from every user. “No laws require an opt-in in the U.S," he says. "In Europe, GDPR requires an opt-in. Plus, GDPR does not allow a “master” opt-in. You can’t get an opt-in for one newsletter and send them a dozen.”

He says the U.S. is in “no man’s land” when it comes to universal data privacy regulation. “Some legislation is at the state level, so it only applies to some people in the U.S. I think we eventually will have federal legislation,” he says. “Right now … [regulation] is highly fragmented and quite a difficult time for companies that want to do the right thing and be compliant.”

Reim notes, in his experience, 99% of medical media is operating with a “high level of integrity. The vast majority of players in the healthcare market are doing the right thing or at least have the intention of doing the right thing. I think any legislation is not aimed at these folks; it is aimed at folks who aren’t doing the right thing.”

Two keys for collecting data from an end user: transparency and end user control of their data. He says companies can take an offensive or defensive stance with regard to data privacy. Defense means privacy compliance in order to avoid litigation. “Offensively, is to say, ‘this is what my users want and I am going to be very up front with their data and allow them to control it as much as possible.”

Privacy policies on a website or email can tell you a lot about the user-business relationship. He says a privacy policy should clearly, in plain English, explain how the end users’ data will be managed.

Resources:

Check out DMD’s Data Privacy Series.

Read AMM’s Principles of Online Privacy statement (PDF).

Next:  Ep. 2 features data privacy discussion with Stephanie Hanaway, Director of Journal Media at the American Academy of Family Physicians, and an AMM Board Member.

Contact us:  AMM Conversation is the official podcast of the Association of Medical Media. Send questions and comments about this podcast series to jcarris525@gmail.com.

Further episodes of AMM Conversation

Further podcasts by Association of Medical Media

Website of Association of Medical Media