r/Compliance

HIPAA and GDPR compliance

How do you handle HIPAA and GDPR compliance when sharing visual patient data (like skin lesions or gait videos) with outside researchers?

I am trying to understand the process. Do you just manually blur faces in Premiere/Photoshop? Do you just avoid sharing it entirely? How much of a bottleneck is this?

reddit.com

Has compliance training ever sparked meaningful conversations at your organization?

Compliance often gets viewed as something to check off a list. I'm curious to hear if anyone's seen it genuinely spark discussions among employees or team members. Or maybe even conversations between employees and managers as well.

reddit.com
u/TraliantTeam — 5 days ago

What's a compliance task that looks simple until you're the one doing it?

There are some compliance activities that sound straightforward when someone explains them in a meeting.

Then you actually get involved and discover there are ten stakeholders, three spreadsheets, and a dozen follow-up emails behind the scenes.

What's a task that looked easy to you at first but turned out to be much more complicated in practice?

reddit.com
u/Icy_Connection_1604 — 12 days ago

Weekly Promo and Webinar Thread

Vendors, please share any self-promotional content or webinar details within this thread.

Posts made outside this designated space will be removed.

Please see our rules page: https://www.reddit.com/mod/Compliance/rules

Make sure to use direct links—URL shorteners are not allowed, and the auto moderator will remove your post if they’re used.

If the community isn't interested, your comment will simply get downvoted.

reddit.com
u/ComplianceScorecard — 14 days ago

What Is the Most Frustrating Part of Compliance That Nobody Talks About?

We have seen regulators continue increasing enforcement across multiple frameworks, including GDPR, CCPA, HIPAA, and industry specific requirements. Most conversations focus on penalties, investigations, and new regulations, but much less attention is given to the practical challenges of maintaining compliance day after day.

Many organizations have policies, procedures, and training in place, yet compliance teams still face recurring obstacles that consume time, create uncertainty, and make it difficult to demonstrate compliance effectively.

If your organization were subject to a regulatory audit tomorrow, what aspect of compliance would concern you most?

Would it be documentation, evidence collection, employee adoption, regulatory interpretation, third party risk, responding to data subject requests, maintaining training records, or something else entirely?

For those working in compliance, risk, privacy, or governance roles, what challenge consistently creates the most friction in your day to day work?

I'm curious whether the biggest challenges are universal across industries or whether they differ significantly depending on the regulatory framework and organization.

reddit.com
u/Specialist-Ad152 — 14 days ago