2015 came to an end and we at Chino.io are curious to see what 2016 will bring for digital healthcare in the EU. Last year a lot of things happened in this area and we would like to highlight the most important ones.
Privacy related changes
First of all, the EU General Data Protection Regulation has been finally approved. More than 90% of all Europeans said that they would like the same data protection right in the EU. Now their dream is coming true. The GDPR will be adopted in the next few days and every organization will need to comply with it by 2018. It will replace the European Data Protection Directive of 1995 and will finally introduce one single law for all 28 EU Member States, changing the digital health market and its security.
Secondly, “Safe Harbor” agreement was canceled with the decision of the European Court of Justice. Before being canceled, the agreement promised to protect EU citizens’ data (including their health data) if they were transferred to companies located in the USA. This agreement was necessary because EU privacy laws forbid the transfer of such data outside of the EU. An exception could be done only in case if the transfer is done to a location with privacy protection in line with the European. And now this is not possible anymore.
The Ultimate Guide on GDPR and HIPAA compliance
Cybersecurity related changes
Speaking about the security of eHealth data, we would like to mention also the new Network and Information Security (NIS) Directive. This Directive has been recently approved and aims at making EU eHealth services more secure. It rules that healthcare providers have to take necessary security measures and notify national authority about serious cyber incidents. National authorities, in turn, will be able to impose sanctions on companies which fail to adopt needed measures.
A lot of changes took place also in the narrow mHealth field targeting specifically mobile apps. EU Commission in 2015 was continuously working on this issue, publishing related documents such as its Opinion titled “Mobile Health. Reconciling technological innovation with data protection”. This Opinion looks closely at types of data processed in the mHealth context and design of mHealth apps.
The EU security advisory body ENISA is also working on the security of eHealth systems in each EU Member State. Last year ENISA published a report on each country status in this field. Finally, at the national level, the Member States themselves have started analyzing the possibility of regulating mHealth, as it happened in case of Italy.
The results of these digital health landscape changes we will see only 2016. As a health data security company, we are looking forward to seeing how the situation in the EU will evolve. We are staying up to date and ready to secure your health data according to all the new rules!
You can already start securing your business now - click here to check how to store your health data in compliance with the EU law.