Presented at The Seventh National Conference on Medical Informatics and The Annual Meeting of the Thai Medical Informatics Association) (TMI-NCMedInfo 2018), Bangkok, Thailand on November 23, 2018
Presented at The Seventh National Conference on Medical Informatics and The Annual Meeting of the Thai Medical Informatics Association) (TMI-NCMedInfo 2018), Bangkok, Thailand on November 23, 2018
56. 56
Source: WHO, Legal frameworks for eHealth: based on the findings of
the second global survey on eHealth (2012).
57. Google DeepMind patient data deal with UK health service
A data sharing deal between Google's DeepMind and the
U.K.'s National Health Service "failed to comply with data
protection law", the U.K.'s Information Commissioner's Office
(ICO) said.
DeepMind — which Google acquired in 2014 — struck a deal
in 2015 with the Royal Free NHS Foundation Trust which runs a
number of hospitals in Britain. The Google company got
access to a wide range of health information from 1.6 million
patients, according to the full agreement which was revealed
by New Scientist in April 2016.
The deal between the two parties was aimed at developing a
new app called Streams that helped monitor patients with
acute kidney disease.
https://www.cnbc.com/2017/07/03/google-deepmind-nhs-
deal-health-data-illegal-ico-says.html
65. General Data Protection Regulation (2016), Article 9
Processing of special categories of personal data
1. Processing of personal data revealing racial or ethnic
origin, political opinions, religious or philosophical beliefs, or
trade union membership, and the processing of genetic data,
biometric data for the purpose of uniquely identifying a natural
person, data concerning health or data concerning a natural
person's sex life or sexual orientation shall be prohibited.
2.Paragraph 1 shall not apply if one of the following applies:
(h) processing is necessary for the purposes of preventive or
occupational medicine, for the assessment of the working
capacity of the employee, medical diagnosis, the provision of
health or social care or treatment or the management of health
or social care systems and services on the basis of Union or
Member State law or pursuant to contract with a health
professional and subject to the conditions and safeguards
referred to in paragraph 3;
65
66. General Data Protection Regulation (2016), Article 9
Processing of special categories of personal data
2.Paragraph 1 shall not apply if one of the following applies:
…
(i) processing is necessary for reasons of public interest in the
area of public health, such as protecting against serious cross-
border threats to health or ensuring high standards of quality and
safety of health care and of medicinal products or medical devices,
on the basis of Union or Member State law which provides for
suitable and specific measures to safeguard the rights and
freedoms of the data subject, in particular professional secrecy;
4.Member States may maintain or introduce further conditions,
including limitations, with regard to the processing of genetic data,
biometric data or data concerning health.
66