As healthcare providers adopt remote work technologies such as telemedicine, data privacy has become even more vital, says Marwan Abdulaziz Janahi, Managing Director of Dubai Science Park and Chairing Member of the Pharmaceuticals and Medical Equipment Taskforce of the Dubai Industrial Strategy 2030.
The Internet of Medical Things (IoMT) and big data has empowered the adoption of digital technologies as medical service providers swiftly leverage these services with the fight to combat COVID-19 far from over. Companies in Dubai Science Park – many of whom are supplying local and regional markets with products and services to tackle the virus – are part of this change. Moreover, there have many accomplishments in the field of healthcare technology, particularly in terms of legislation, which has supported the privacy of medical data.
Medical staff are the frontline fighters of the disease, but are there measures that can be taken remotely to reduce contact with patients?
We are witnessing a major shift in the healthcare sector as the adoption of IoMT brings forward medical devices and equipment connected to the internet. This has moved us into an era of continuous healthcare enabling real-time monitoring of medical data.
Wearable medical technology allows us to collect biomedical data to detect and predict the development of various conditions, with the patient's data sent automatically to a doctor. It opens up new horizons to monitor the health of individuals and wider groups, helping healthcare providers understand micro and macro trends, hidden patterns and other useful information.
Practitioners and researchers in pathology and medicine specialising in healthcare services need reliable data drawn from a trustworthy source to build research on sound scientific foundations. This requires secure electronic systems to exchange and store data, otherwise patient information may be hacked, modified or deleted.
What’s the importance of data in the healthcare sector?
The importance of data protection laws stems from the importance of data itself, since it has become the most significant commodity in the world. Our dependence on data is increasing every day. For example, the volume of healthcare data grows 48% annually, from 153 exabytes (one exabyte equals one billion gigabytes) in 2013, to around 23,314 exabytes in 2020, according to a report issued by Stanford University School of Medicine.
What about preserving data privacy?
There are obstacles related to privacy and data ownership. Today, everyone is concerned about protecting their privacy with a huge amount of personal information and data stored electronically. The quality of healthcare data makes it a target for hackers, as medical records contain information cyber criminals can exploit, such as credit card details, emails, and medical history. Hackers use this information to commit fraud, phishing attacks and identity theft.
What are healthcare providers doing in this regard?
There are many questions about what healthcare providers are doing to protect medical information, and what framework they follow. Going back to 1996 when the Health Insurance Portability and Accountability Act (HIPAA) was issued in the US, this act set the standard for protecting sensitive patient data by establishing standards for electronic exchange, privacy and security of medical information. Its importance stemmed from simplifying the handling of documents and sensitive information of patients and protecting the confidentiality of information during transactions between medical service providers, health insurance companies and other related parties.
Institutions and companies that use the personal data of EU citizens adhere to the General Data Protection Regulation (GDPR), which has been applied since 25 May 2018. According to this regulation, EU users have the right to see their personal information and data collected by the service they use, and to demand to have this information deleted.
What measures are taken to protect medical data in the UAE?
It’s prohibited in the UAE to store patient data in the government and semi-governmental sector in a cloud-based system outside the country, which protects against piracy and identify theft. The UAE has always ensured the protection of data and security.
The UAE issued laws that define e-crimes and their penalties, including Article 378 of the Penal Code of 1987, Federal Law No. (1) of 2006 regarding electronic transactions and e-commerce, Ministerial Decision No. (1) of 2008 regarding the issuance of the list of certification service providers, Federal Law No. (5) of 2012 on combating e-crimes, Federal Law No. (12) of 2016 amending the Decree of Federal Law No. (5) of 2012 regarding combating information technology crimes, and Law No. (26) of 2015 regarding the publication and exchange of data in the Emirate of Dubai.
Issued on February 6, 2019, the federal law No. (2) regarding the use of information and communications technology in healthcare is a strong impetus to improve the business environment that will encourage companies to enter the market. The law states explicitly to maintain the confidentiality of health data and information by not allowing its circulation in the circumstances other than those prescribed, and calls for the establishment of a central system to preserve, exchange and collect medical records, and to define the foundations, standards and controls of electronic systems.
The law specifies that it is not permissible to store, process, generate or transmit medical data outside the state, except for cases when a decision by the health authority is issued in coordination with the government.
Last January, the UAE witnessed a critical step when the Abu Dhabi Department of Health launched the innovative, first-of-its-kind health information system ‘Malaffi’ to exchange medical information in the emirate. Providing a central platform designed to facilitate the linkage of various elements within the sector in line with local and federal privacy laws, it aims to ensure the confidentiality and security of patient information.
Are there companies in DSP relevant to this?
We are working to develop this field. Our business partner inui Health is a Silicon Valley-based startup specialising in digital technologies that provides access to medical information anytime, anywhere. It selected Dubai as the first stop on its international expansion to meet growing demand for advanced healthcare technologies in the region, and to take advantage of the UAE’s position as a centre for creativity, innovation and global expansion.
Are there activities that you carry out in this context?
We organise workshops and discussion panels such as Advance Health that bring together key healthcare institutions in the UAE to discuss prominent topics such as health data. We recently moved our series of expert-led speaker sessions online to provide the same opportunities for knowledge sharing in a digital environment.
How does that contribute to building an innovation-based economy?
All these efforts are in the interest of the UAE Strategy for the Fourth Industrial Revolution – launched by the government in September 2017, which seeks to build a competitive national economy based on knowledge, innovation and future technological applications that integrate physical, digital and vital technologies.
We are confident that new laws will have a positive impact on the business environment that will help the UAE attract international healthcare companies, as well as increase the use of healthcare data, which is now a commodity that has additional legal protection in the UAE.