The final Law Update of 2022 is here, and it’s packed full of articles. The double edition features two focus areas, first is a spotlight on Energy and Resources and second we feature a collection of articles on Transport and Logistics. The developments occurring in these sectors in the MENA region are unprecedented and our lawyers cover vast themes for you.
The Energy and Resources focus features topics such as diversifying energy resources, solar PV, mining in the Middle East, renewable energy and green hydrogen. From a transport perspective, we draw attention to the Bahrain metro project, discuss the challenges and remedies associated with the repossession of an aircraft, and there is advice on what to consider should a party vary the terms of a shipping contract.
This edition navigates you through updates from across jurisdictions such as, Oman, Jordan, Saudi Arabia, Egypt, Iraq, Qatar, and the UAE. Each article is timely and provides insights into legal issues and cases that are affecting these sectors across the region.Read the full edition
This illustration is inspired by the original photograph of Lunch atop a Skyscraper.
Federal Law No.2 of 2019 on the use of information and communications technology (‘ICT’) in health fields in the UAE (‘ICT Health Law’) introduced national regulations to allow the Ministry of Health and Prevention (‘MOHAP’) to collect and analyse health data at a state level in the UAE.
One of the most impactful provisions of the ICT Health Law was that it mandated that health information and data related to services provided in the UAE could only be processed, generated, or transferred outside of the UAE in cases prescribed by virtue of a decision issued by a local Emirate health authority, in coordinaton with MOHAP.
This restriction on the movement of health data was problematic for health care providers whose services involve the movement of health data across borders. This was particularly impactful given that, for a period of nearly two years, there were no formal decisions by the regulators permitting the transfers outside of the UAE.
MOHAP has since addressed the situation. In April of 2021, Ministerial Resolution concerning Federal Law No.2 of 2019 on the use of Information and Communication Technology in Health Fields and Executive Regulation (‘Resolution’) introduced several clarifications and exceptions to the data localisation restriction in ICT Health Law.
The Resolution defines the phrase “health services provided within the [UAE]” as “any health work or procedure carried out by a health facility operating within the [UAE], whether it is within the scope of diagnosis, prevention, treatment, rehabilitation or health monitoring.”
Generally, the default position remains that health information and data may not be stored or transferred outside of the UAE. However, the Resolution expressly provides for 10 circumstances wherein the transfer of health information and data outside of the UAE may be permissible.
Those 10 exemptions are as follows:
In addition, the Resolution states that certain conditions must be fulfilled in order to render the aforementioned cases listed in exemptions 1, 2, 5 and 7 above fully permissible.
Those conditions are as follows:
In addition to these controls, a copy of the relevant health information and data must be kept and stored inside the UAE, as well as documentation of consent for the transfer or storage outside of the UAE for the exemptions in clauses 5, 7, 8 and 10 above.
The health data and information listed in exemptions 3 and 5 are subject to the following controls:
Exemption 3 maintains an additional control requiring that the sharing of data and information must be made for the purpose of scientific research only, and not be used for purposes other than the research being carried out.
Health data and information transferred under exemption 4 are subject to the following controls:
A patient who comes to the UAE on a visitor visa may transfer their health data and information outside of the UAE at their request or for the purpose of fulfilling the health insurance requirements.
While the Resolution provides welcome guidance on when health data may be transferred outside of the UAE, the exemptions remain limited and subject to particular controls. Accordingly, any business that wishes to rely on any of the exceptions must ensure proper comprehension and compliance with the exception and its conditions.