Our knowledge, experience, and expertise are now available on the go.
My Tamimi App, a convenient new tool for anyone with an interest in the legal sector, from law students to General Counsel.Find out more
The United Arab Emirates has issued Federal Law No. 2 of 2019, Concerning the Use of the Information and Communication Technology in the Area of Health (“ICT Health Law”). The ICT Health Law applies to all methods and uses of information and communication technology (“ICT”) in the UAE healthcare sector, including in free zones, and comes into force in May 2019.
Under the law, the Ministry of Health & Prevention (“Ministry”) sets out to establish a central electronic health data and information exchange (“HIE”), to facilitate confidential access, collection and exchange of health data and information within the UAE. The local emirate health authorities are empowered to establish the rules, standards and controls for their own electronic data and health information systems, such as the methods of operation, exchange of data and information and their protection, as well as access to and copying of data and information. However, the health authorities in the UAE must join the central HIE, in accordance with the regulations and procedures that are to be specified in the subsequent executive regulations. The executive regulations are to be issued within six months of the publication of this law.
The Ministry, in coordination with the local emirate health authorities, is to develop and implement a national strategic plan concerning the use of ICT in healthcare, as well as setting mandatory procedures for using ICT. One of the goals is to ensure compatibility and interoperability between information systems to procure valid, credible, and accessible health data and information. The executive regulation will further set out the conditions and controls of storing health data and information within the UAE.
The ICT Health Law expressly prohibits handling, transferring or storing of medical records and health information outside the UAE, except where a resolution is passed by the relevant authorities. This may pose a problem for UAE healthcare facilities that have relationships with foreign vendors.
Further, health information and data must be maintained through ICT for a period of 25 years from the last healthcare interaction of the concerned patient; the executive regulations are set to elaborate upon this obligation.
Healthcare providers, health insurers and insurance related services, medical device and pharmaceutical companies, and healthcare technology companies, amongst others, should audit their current practice for compliance with the ICT Health Law.
Should you require any advice concerning the use of Information and Communication Technology in the healthcare sector, we would be happy to assist. In a forthcoming Law Update article, we will expand upon this development.
Disclaimer: This chat service should not be relied upon as a substitute for professional advice which takes account of your specific circumstances and any changes in the law and practice. No warranty is made as to the accuracy or completeness of the information provided via this service and no liability is accepted by Al Tamimi & Company Limited, its affiliates, partners or employees for any loss arising as a result of reliance upon the information provided.
Kindly accept the disclaimer to proceed to a live chat.
Thank you for your inquiry. We will connect you to one of our agents now.
Thank you for your interest in working with Al Tamimi & Company. Please click here to view our latest job openings.