Team Karm, was proud to advise and represent our start-up client that built the 'Hayat' app. The Hayat app will use blockchain technology to create a database, allowing both nationals and expatriates to express their wish to donate organs after their death, by registering for the programme. His Highness Shaikh Mohammad Bin Rashid Al Maktoum, Vice-President and Prime Minister of the UAE and Ruler of Dubai, launched the ‘Hayat’ registry at the Ministry of Health and Prevention (MoHP) pavilion of the Arab Health forum on January 30, 2019.
Team Karm also advised another HealthTech solution targeted towards creating repository of medical records. In this month’s Newsletter we bring to you, a brief outline of the scope and ambit of the major federal laws and regulations in force for HealthTech sector; and data protection laws applicable to the healthcare sector, as they currently stand in UAE.
PART 1 of the Newsletter discusses the regulations on Organ Transplant and PART 2 of the Newsletter discusses the extant data protection laws applicable to the healthcare sector at the Federal, Emirate and Freezone level.
[Note:-The licensing regime for HeathTech sector is beyond the scope of this Newsletter. Please feel free to reach out to our team members for more information.]
LAWS AND REGULATIONS IN FORCE FOR HEALTHTECH SECTOR
As a precursor, a Healthtech solution intending to launch in UAE, requires an appropriate license to be able to set-up. At the same time, depending upon the nature of activities, the license holder shall also have to take cognizance of the applicable healthcare laws. Some of them are outlined below:
DATA PROTECTION LAWS APPLICABLE TO HEALTHCARE SECTOR
Emirate of Abu Dhabi
Health Authority of Abu Dhabi ("HAAD") Data Standards and Procedures, of January 2008, as revised by the April 2014 version outlines the policies and procedures which must be followed when handling Confidential Health Information ("CHI") focusing on four areas: the necessary and authorised access to CHI; the unauthorised access to CHI; the storage of CHI; and the transmission of CHI. It further provides regulations relating to health insurance fraud. The HAAD has created a Data Standards Panel whose role is to "review and recommend to HAAD changes and additions to electronic data exchange standards, such as transactions, codes and business rules".
Emirate of Dubai
Dubai Health Authority (DHA) has issued a code of conduct for healthcare professionals licensed to practice under the jurisdiction of DHA. As per Clause 7 of the code, all healthcare professionals are required to keep patient’s records confidential, and use the information obtained in the course of the professional practice only for the purposes for which it was given, or where it is otherwise lawful. The licensed professionals are also required to ensure that there is no disclosure of any patient information without consent, except where it is required or permitted by law or if it is required to protect your patient or others from harm. The professionals are also required to ensure at all times that there is no unauthorized access use or accidental disclosure of patient’s information.
Dubai Healthcare City (DHCC)
DHCC is the only healthcare freezone to have a dedicated data protection regulation. The regulation applies to all licensees who manage the patient health information. The patient health information includes (a) information about the health of a Patient, including his medical history; (b) information about any disabilities that Patient has, or has had; (c) information about any healthcare services that are being provided, or have been provided, to that patient; (d) information provided by that Patient in connection with the donation, by that Patient, of any body part or any bodily substance of that Patient, or derived from the testing or examination of any body part, or any bodily substance of that Patient; or (e) information about that Patient which is collected before, or in the course of, and incidental to, the provision of any Healthcare Service to that Patient.
There are myriad of laws governing the Healthcare sector in UAE. In our experience the authorities have been extremely supportive of innovative HealthTech solutions and we are looking forward to working with more ideas and solutions in this space soon.
To stay updated,
subscribe to our newsletter