Changes in EU digital health and data protection in 2015

2015 came to an end and we at Chino.io are curious to see what 2016 will bring for digital healthcare in the EU. Last year a lot of things happened in this area and we would like to highlight the most important ones.

First of all, the EU General Data Protection Regulation has finally been approved. More than 90% of all Europeans said that they would like the same data protection rights across the EU. Now their dream is coming true. The GDPR will be adopted in the next few days and every organization will need to comply with it by 2018. It will replace the European Data Protection Directive of 1995 and will finally introduce one single law for all 28 EU Member States, changing the digital health market and its security.

Secondly, the “Safe Harbor” agreement was canceled by a decision of the European Court of Justice. Before being canceled, the agreement promised to protect EU citizens’ data (including their health data) when it was transferred to companies located in the USA. This agreement was necessary because EU privacy laws forbid the transfer of such data outside of the EU. An exception could be made only if the transfer was to a location with privacy protection in line with the European one. And now this is not possible anymore.

Speaking of the security of eHealth data, we would also like to mention the new Network and Information Security (NIS) Directive. This Directive has recently been approved and aims to make EU eHealth services more secure. It requires healthcare providers to take the necessary security measures and to notify national authorities about serious cyber incidents. National authorities, in turn, will be able to impose sanctions on companies that fail to adopt the necessary measures.

A lot of changes also took place in the narrower mHealth field, targeting mobile apps specifically. The EU Commission worked continuously on this issue in 2015, publishing related documents such as its Opinion titled “Mobile Health. Reconciling technological innovation with data protection”. This Opinion looks closely at the types of data processed in the mHealth context and the design of mHealth apps.

The EU security advisory body ENISA is also working on the security of eHealth systems in each EU Member State. Last year, ENISA published a report on each country's status in this field. Finally, at the national level, the Member States themselves have started analyzing the possibility of regulating mHealth, as happened in Italy.

We will see the results of these changes in the digital health landscape only in 2016. As a health data security company, we look forward to seeing how the situation in the EU will evolve. We are staying up to date and ready to secure your health data according to all the new rules!
