Designing data-driven products and services in compliance with privacy requirements can be a challenging process. Technological innovation enables novel uses of personal data, and companies designing new data-driven products must navigate new, untested, and sometimes unclear requirements of privacy laws, including the General Data Protection Regulation (GDPR). These challenges are often particularly acute for companies … Continue Reading
On 5 September, in response to the opportunities presented by data-driven innovations, apps, clinician decision support tools, electronic health care records and advances in technology such as artificial intelligence, the UK Government published a draft “Initial code of conduct for data-driven health and care technology” (Code) for consultation. The Code is designed to be supplementary … Continue Reading
Digital health solution providers, and users of digital health services, should take note of three recently launched EU public consultations in the digital health space, and may wish to make submissions to help shape the future of digital health initiatives in the EU. The earliest deadline for submissions is 16 August 2017. EU Commission Transformation … Continue Reading
The UK Information Commissioner’s Office (“ICO”), which enforces data protection legislation in the UK, has ruled that the NHS Royal Free Foundation Trust (“Royal Free”), which manages a London hospital, failed to comply with the UK Data Protection Act 1998 in providing 1.6 million patient records to Google DeepMind (“DeepMind”), requiring the Royal Free to sign an … Continue Reading
On May 11, 2017, the European Cloud in Health Advisory Council (ECHAC) – a group of healthcare organizations, technology companies and patient representatives – launched its second whitepaper focused on use of data to improve health outcomes and delivery of care. ECHAC launched the whitepaper at an eHealth Week 2017 session attended by ECHAC participants and … Continue Reading
The UK Government has opened a consultation, running until September 7, 2016, regarding how UK National Health Service (NHS) patient data should be safeguarded, and how it could be used for purposes other than direct care (e.g. scientific research). The consultation comes after two parallel-track reviews of information governance and data security arrangements in the … Continue Reading
Earlier today, on the InsidePrivacy blog, our colleagues Mark Young and Phil Bradley-Schmieg posted a summary of the UK government’s announcement of a new national service providing expert cybersecurity advice to entities within the National Health Service (NHS) and the UK’s broader healthcare system. The project, called CareCERT (Care Computing Emergency Response Team), is aiming for a … Continue Reading
May 2015 saw a number of developments in the EU mHealth sector worthy of a brief mention. The European Commission announced that it would work on new guidance for mHealth apps, despite the European Data Protection Supervisor and British Standards Institution publishing their own just weeks earlier. In parallel, the French data protection authority announced … Continue Reading
