Data Protection Compliance in the Age of Digital Health

Advances in technology are transforming the way that health data is collected and used. This includes improvements in existing technology as well as innovations in mobile technology such as smartphone apps and wearables. Health data is strictly regulated under the EU Data Protection Directive 95/46/EC. Under current data protection rules, health data is broadly interpreted and will, in most circumstances not connected to the provision of healthcare, require organisations to obtain explicit consent from individuals for its collection and use. Further data protection compliance issues arise such as identifying who is a controller, ensuring transparency, using health data for research purposes and keeping health data secure. As the EU data protection landscape is due to change in the next few years and will affect the collection and use of health data, the forthcoming Data Protection Regulation also deserves attention.