Legislation that would amend California’s Confidentiality of Medical Information Act (“CMIA”) is working its way through California’s Senate and passed in the Senate Health Committee earlier this week.  The proposed bill passed in the state’s Assembly back in April.  Introduced by Democratic California Assemblymember Edwin Chau, who sits on the Privacy and Consumer Protection Committee, the proposed legislation (AB 1436) expands the definition of “provider of health care.”  Under the CMIA, providers of health care are subject to various obligations, including provisions that restrict the disclosure of medical information without a prior valid authorization, subject to certain exceptions.
Continue Reading Proposed Bill Would Expand the Scope of the CMIA

On May 3, 2021, the European Commission (the “Commission”) opened a further public consultation (“Consultation”) on the European Health Data Space (“EHDS”).

This follows a consultation earlier in the year, on the Commission’s “Inception Impact Assessment” in relation to the EHDS.  (For further information on the earlier consultation and an overview of the EHDS, please see our blog post available here).


Continue Reading European Commission Conducts Further Consultation on the European Health Data Space Initiative

On February 9, 2021, the UK Government’s Department for Health and Social Care (“DHSC”) announced a review into the efficient and safe use of health data for research and analysis for the benefit of patients in the health sector (“Review”). The DHSC encourages stakeholder feedback in the context of the Review, and will be of particular interest to organisations that have, or seek to have, access to NHS patient data for research purposes.

Continue Reading UK Government Announces Review Into Use Of Health Data For Research And Analysis

On December 23, 2020, the European Commission (the “Commission”) published its inception impact assessment (“Inception Impact Assessment”) of policy options for establishing a European Health Data Space (“EHDS”).  The Inception Impact Assessment is open for consultation until February 3, 2021, encouraging “citizens and stakeholders” to “provide views on the Commission’s understanding of the current situation, problem and possible solutions”.

Continue Reading European Commission Conducts Open Consultation on the European Health Data Space Initiative

On 18 January 2021, the UK Parliamentary Office of Science and Technology (“POST”)* published its AI and Healthcare Research Briefing about the use of artificial intelligence (“AI”) in the UK healthcare system (the “Briefing”).  The Briefing considers the potential impacts of AI on the cost and quality of healthcare, and the challenges posed by the wider adoption of AI, including safety, privacy and health inequalities.

The Briefing summarises the different possible applications of AI in healthcare settings, which raises unique considerations for healthcare providers.  It notes that AI, developed through machine learning algorithms, is not yet widely used within the NHS, but some AI products are at various stages of trial and evaluation.  The areas of healthcare identified by the Briefing as having the potential for AI to be incorporated include (among others): interpretation of medical imaging, planning patients’ treatment, and patient-facing applications such as voice assistants, smartphone apps and wearable devices.


Continue Reading AI Update: UK Parliament Research Briefing on AI in the UK Healthcare System

On January 6, 2021 the UK’s Department of Health and Social Care (“DHSC”)  published “A Guide to Good Practice for Digital and Data-Driven Health Technologies” (the “Guidance”).  The Guidance updates the DHSC’s “Code of Conduct for Data-Driven Health and Care Technologies” (the “Code”) (for further information on the Code see our earlier blog, here).

As with the Code, the Guidance is a valuable resource to help parties understand what the National Health Service (“NHS”) looks for when acquiring digital and data-driven technologies for use in health and care.


Continue Reading UK’s Department of Health and Social Care Publishes Updated Guidance on Good Practice for Digital and Data-Driven Health Technologies

California Attorney General Xavier Becerra (“AG”) announced in September a settlement against Glow, Inc., resolving allegations that the fertility app had “expose[d] millions of women’s personal and medical information.”  In the complaint, the AG alleged violations of certain state consumer protection and privacy laws, stemming from privacy and security “failures” in Glow’s mobile application

In this edition of our regular roundup on legislative initiatives related to artificial intelligence (AI), cybersecurity, the Internet of Things (IoT), and connected and autonomous vehicles (CAVs), we focus on key developments in the European Union (EU).

Continue Reading AI, IoT, and CAV Legislative Update: EU Spotlight (Third Quarter 2020)

On September 2, 2020, the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) announced a new “Health Apps” feature on the HHS.gov website.  The new website, which replaces the OCR’s Health App Developer Portal, highlights existing guidance for mobile health (“mHealth”) apps regarding the Health Insurance Portability and Accountability Act

On July 28, 2020, FDA announced the publication of a final guidance on Multiple Function Device Products: Policy and Considerations that outlines FDA’s evolving approach to the regulation of multiple function device products, including software.

The concept of “multiple function” products was introduced by the 21st Century Cures Act (“Cures Act”) of 2016, which