It’s hard to think of information that feels more personal than data about our own health. Yet we’re generating and monitoring more health data now than ever before. From specific technology designed to help manage certain medical conditions to home monitoring tools, there are more and more digital options to help manage patient health.
The benefits are increasingly clear. Remote patient monitoring and teleconsultations have already helped to maintain a high standard of patient care during the COVID-19 pandemic. Hospitals and general practitioners regularly share electronic health records to help healthcare professionals get comprehensive insight into a patient’s overall health condition and thus ensure more efficient treatment between disciplines.
Patients are increasingly taking advantage of the opportunity to keep a closer eye on their own health. Statistics show that the number of wearable devices and digital health tools has increased in Europe over the last years.
So, how do we know this data is safe?
I believe innovation and data protection can mutually reinforce each other – and digital innovation need not come at the expense of data protection and privacy. As a lawyer specialising in IT law and working in medtech, data protection laws are a key focus. Working with my team at a global medical device manufacturer, I have a bird’s eye view of the various regulations that apply in virtually every part of the world.
We also work on ways we can better use data to create value for healthcare professionals and empower patients in managing their health in an increasingly connected world.
Data security is one of the top priorities in the development of healthcare innovations within my company and requirements are constantly evolving with advancing technology and digitalization, particularly when we consider cloud services and connected health applications. This results in a continuous need for review and adjustment, and independent audits to ensure we’re keeping up with ever-changing standards and requirements.
The medical technology industry recognizes the General Data Protection Regulation (GDPR) as an essential step for the better protection of citizens’ personal data. GDPR compliance must be a tool for achieving a greater quality of healthcare and striking a balance between protecting privacy and advancing innovation in health and medical technologies.
Data Protection by design
Data protection law offers a wide range of standards for how data should be processed in a digital world. This is exactly where we see an essential role for data protection teams that can support new projects or health applications early on in product development. That way, we can make sure data protection parameters are clear to everyone involved right from the get-go.
Data protection should not be an add-on or afterthought but rather built right into the initial concept for a new product or application. This is what’s meant by the GDPR’s ‘Data Protection by Design’ Principle.
As more places around the world are taking inspiration from GDPR for their own data protection laws, we are seeing the Regulation emerge as a global standard of the future. If we get this right, there is enormous potential to unlock the benefits of health data in a way that improves patient outcomes and health system efficiency, while protecting privacy and data security.