The Chino.io Blog

Artificial Intelligence

The AI Act is approved. All you need to know to get it done from day 0

The AI Act is not in force yet. On 14 June 2023, the Members of the EU Parliament adopted Parliament's negotiating position on the AI Act.

GDPR Compliance

Can I use Google Cloud now? The new EU-US Adequacy Decision on data transfers

Since July 10th you can start again using US service providers like AWS, Google Cloud, and Azure, without any trouble (and additional safeguards). This is thanks to the new Adequacy Decision approved by the EU Commission for the United States.

DTx Featured

Can you get your DTx covered by US Public Insurance?

With the Access Prescription Digital Therapeutics Act, we may witness a change that promises to transform healthcare delivery with benefits for both digital health companies and millions of American citizens.

DTx

DTx: the PECAN French reimbursement scheme is approved.

France has introduced a fast-track market access pathway for DTx and digital health products, adding to similar schemes in neighboring EU countries Germany (DVG for DiGA) and Belgium.

Health Data Security

3 ways to use sensitive data for product improvement in B2B digital health

In this blog article, we will go through this topic from the POV of a digital health startup and try to give you a better understanding of when you should ask for consent and why.

GDPR Basics

Is it a good idea to have an internal DPO?

If you are running a project dealing with personal or sensitive, you may already have heard at least once those three letters: DPO.

GDPR Compliance

What does the ban on ChatGPT mean for AI startups in Europe?

Italy’s data protection authority has ordered OpenAI to stop processing people’s data locally with immediate effect. The Italy DPA claims that ChatGPT is breaching the GDPR due to unlawful data processing.

Anonymization

Is data anonymous when we remove the personal identifiers?

Sharing data for the purposes of data analysis can have huge benefits. The question is how to do so in a way that protects privacy.

GDPR Compliance

Do we avoid GDPR when we leave the data on the device?

Many digital health companies, afraid of the costs and timeline of a proper GDPR implementation, opt for a strategy to store personal and sensitive data inside the devices, hoping to circumvent the regulation.

Compliance

Can you use AWS/Azure/Google Cloud in digital health in the EU in 2023?

After the invalidation of the previous adequacy decision on the EU-US Privacy Shield, the US is still considered TODAY a Third country without an Adequacy Decision according to GDPR.

Compliance

“My users put personal data into my app, even though I tell them not to”

What happens when a user puts personal data in a free text field even though we tell them not to? How do we deal with this case?

Artificial Intelligence

ChatGPT: can (should) it handle sensitive data?

Although the tool can boost AI innovation, it is crucial to keep in mind that there are still some “grey areas” on the data protection and privacy side. We will focus our assessment on the GDPR.

Artificial Intelligence

Artificial Intelligence Act: How can Digital Health startups get ready

The EU is preparing the world’s first proposal for regulating AI. This new regulation will likely become a global gold standard and a blueprint for other nations outside the EU.

Artificial Intelligence

How to prepare yourself for the Artificial Intelligence wave in Digital Health - Pt.1

Privacy can limit the amount of available data in healthcare. Sometimes, It seems like it is not possible to benefit from the AI advantages while keeping intact and safe patients’ data.

GDPR Basics

It’s never too late to tackle GDPR. 6 steps for innovative companies to remediate compliance.

It’s never too late to tackle GDPR and transform it into a unique opportunity to gain trust, build solid relationships with your customers and partners and grow better.

EU-project

Long COVID: identify the mechanisms behind the syndrome.

The EU project will conduct research dedicated to identifying and understanding these mechanisms and will simultaneously develop suitable treatment methods for patients based on the findings.

Compliance

GDPR: What fast-growing B2B startups got right to close A-deals

How can you stand apart? Startups need to get GDPR done right in order to achieve their business goals and start selling.

GDPR Compliance

5 ways to sell better with data privacy and security compliance

Providing proof of your expertise and compliance readiness will strengthen your reputation and position your brand as a trustworthy partner. If you don’t have your compliance set up right… Well, you may have some trouble closing deals and meeting investors’ expectations!

Data Breaches

Security problems found in two DiGAs. What you can do to avoid them.

The hacker collective discovered massive security gaps in two approved DIGAs. Learn how to avoid security issues in your digital health app.

DTx Featured

Digital Therapeutics (DTx): how to get reimbursed in the EU, UK and the US. An overview of the existing regulatory frameworks.

DTx reimbursement policies are fragmented and defined at a national level. Learn how to solve data protection and security compliance challenges to get reimbursed in the EU, UK, and the US.

Case Study Featured

From zero to market: how to build and launch a compliant digital health app in 1 year

Compliance-by-design is a key factor when developing a digital health solution. We interviewed Ravid Israel, founder and CEO of Embie. A case study to understand the importance of GDPR and privacy compliance for digital health projects.

Data Protection

Beyond Google Analytics: What the Austrian DPA decision means to you

The Austrian DPA declared that websites using Google Analytics are breaching GDPR due to personal data transfers to the US company. The impacts go well beyond Google Analytics though. Find out what you can do to address this.

Data Protection

Securing your business: the Chino.io DPOaaS service

A data protection officer is your on-call expert for GDPR. If you handle lots of sensitive data, you need one. Outsource your DPO needs to us

GDPR Basics

GDPR basics: DPOs explained for digital health companies

Many digital health companies struggle to understand GDPR. In this series, we explain some important concepts and give examples. We start with the role of data protection officer.

DVG

DVG and US cloud providers: the latest updates

The ECJ Schrems II judgement had a big impact on DiGA developers. Since then, they have been seeking clarity on exactly what is and isn’t allowed. Here, we shed some light on the latest updates from both BfArM and the EDPB.