Our first edition of 2022 focuses on Healthcare and Life Sciences. It is a sector that will once again have the spotlight on it this year as we continue to tackle COVID-19 and its subsequent variants. While the pandemic continues to challenge the sector, governments across the region forge ahead with their plans to expand and upgrade healthcare systems and develop robust world-class healthcare infrastructure.
For the region, healthcare is a vital pillar in diversifying its economies, both locally and as medical tourism hubs. To underpin this, healthcare authorities across the region continue to implement frameworks and regulations that provide structure and accountability.
In this edition, you have unique access to great insights and expert commentary on a number of pertinent healthcare regulatory developments. You will find a topical mix of articles; for example, our lawyers discuss vaccines and returning to work during the pandemic. They take you through several other areas, including stem cell research in Bahrain, clinical research laws in Egypt, and Saudi medical device and pharmaceutical laws.Take a read of the edition
The Department of Health Abu Dhabi (‘DOH’) issued a new policy on patient healthcare data privacy in September 2020 (‘Data Privacy Standard’). The Data Privacy Standard addresses identifiable patient health information, also called protected health information (‘PHI’), setting the minimum data protection requirements including:
The standard applies to all categories of healthcare entities regulated by the DOH in the Emirate of Abu Dhabi as well as healthcare professionals, insurance providers, service providers, vendors, brokers and third-party administrators who have access to and are processing or storing PHI related to Abu Dhabi patients.
In line with the federal ICT Health Law (please see our article entitled ‘The Federal Law regulating the Use of Information and Communication Technology in the UAE Healthcare Sector‘ for further information), it remains that no entity is permitted to store, develop, or transfer PHI outside the United Arab Emirates that is related to health services provided within Abu Dhabi, except in cases where an exception to do so is issued by the DOH in coordination with the Ministry of Health and Prevention.
The DOH requires that the entities to which this standard applies perform a privacy risk assessment to understand and implement the controls as appropriate, including for situations where the patient is receiving treatment via telemedicine, remote care and for medical tourism. Further, DOH expects that such entities will execute periodic privacy compliance programs and perform compliance audits to evaluate the effectiveness of the implemented privacy program.
Al Tamimi & Company’s Healthcare sector and Technology, Media, and Telecommunications Department regularly advises on data privacy matters in the UAE as well as assists client to carry out risk assessments. For further information, please contact firstname.lastname@example.org.