The European Commission has actively promoted the importance of mHealth following their 2014 consultation. One of the initiatives to emerge from the Commission has been the Privacy Code of Conduct for mHealth apps. The Code was drafted by a working group set up in January this year and the final draft was published on 7th June and submitted to the Article 29 Working Party for their consideration and approval. If and when it receives the Working Party’s approval it could then be relied upon by app developers wishing to demonstrate a good standard of data protection compliance. The Code is an example of the type of initiative that is increasingly likely to develop under the forthcoming EU General Data Protection Regulation.
The EU General Data Protection Regulation has been called the most lobbied piece of legislation in the history of the EU. Before Christmas last year, what is likely to be the final text of the GDPR emerged from the EU trilogue negotiations. Victoria Hordern, Senior Associate at Hogan Lovells, explores what the new GDPR will mean for those collecting and handling health data, and examines a number of the provisions and themes that impact the use of health data.
Federal health IT leaders emphasized interoperability and computable privacy during the two-day Annual Meeting of the U.S. Office of the National Coordinator for Health Information Technology, which took place on February 2 and 3. Over 1,200 participants representing viewpoints across the healthcare spectrum attended the meeting in Washington, D.C. The meeting built on momentum from last week’s release of ONC’s draft Nationwide Interoperability Roadmap, as well as several high-profile announcements reinforcing the Obama Administration’s commitment to interoperability and privacy.
On April 26, the Supreme Court heard oral arguments in Sorrell v. IMS Health – the first case heard by the Court that considers the limitations that a state may put on mining health data for commercial purposes. Specifically, this case raises the issue of how the government regulation of data mining practices impacts both the privacy rights of individuals and the speech rights of companies – both data mining companies and their customers.
With the compliance date for the federal health data breach notifications in the HITECH Act looming, more states are amending their data breach notification statutes to cover health information. The possible trend is evident in the newly-enacted laws of three states – Missouri, New Hampshire and Texas – all of which have been enacted since June 2009. […]