connected healthcare - connected to legality?
TRANSCRIPT
The Premier Wireless CommunityLegal SIG‘Connected healthcare – connected to legality?’
28th January 2016
Network • Learn • Grow
© 2016 Cambridge Wireless Network • Learn • Grow3 May 2023
‘Braci's multipurpose platform’Juma El-Awaisi,
Chief marketing officer, Braci
www.braci.co
2 About Braci
Help deaf and people with hearing lossSoftwareDetect sounds and alert the users
360MPeople
3 Problem
And many more..
According to World Health Organization
4 Facts
50M
10M
1.8M 530MIn 2031 44
%
Worldwide
360MNow
5 The Solution
Philips Hue Notifications
Vibration Activated
Flashlight Activated
Pebble Watch Notifications
6 Braci Features
Noise Cancellatio
nTechnology
Power consumptio
n < 7%
Works Offline
Long distance detection
35M
Up to +1000 Sounds
pre-Installed( Smoke
and Monoxide Alarms )
Approximately one-third of people over 65 years of age are affected by disabling hearing
loss
8 People with Hearing Aids
Going to bed
Taking a shower
They have to remove it
£ 1,600
NO
NO
YES
Bellman Puzzle Detect
£ 40
Braci
£ 640
9 Competitors
Price
Number of sounds
Wearable notifications
Installation Required
Max 5 Sounds
Max 5 Sounds +20 Sounds
International Emergency
NO
NO
YES
Yes
Yes
NO
10 Business Model
Revenue Stream
Strategy
Braci App
Other forms of
Notifications
Organizations Manufacturers
Licensing of the Algorithm
Individuals
11 Business Model
Deaf & Hard of Hearing People who
snore
Parents
Universities
Deaf CentersHotels
City Councils Car
Manufactures
Smartphone Manufacture
s
OtherManufacture
s
Cyclists
ManufacturersOrganizations Individuals
Finalize the patent
Expand Commercially
R&D
12 £ 450,000
£
Key Achievements13
IP Protection
Awards Working with
14 Legal
Claims Regulations IP Partnershi
p
Anwar Almojarkes
hCTO
AmrWanleyCreative Director
Juma El-awaisiSales and marketing Director
15 The Team
© 2016 Cambridge Wireless Network • Learn • Grow3 May 2023
‘Data protection issues in the context of wearables’
Ross McKeanHead of data protection practice
Olswang LLP
|
Connected Healthcare:data protection issues in the context of wearables
Ross McKean, Partner, Olswang LLP28 January 2016
Data protection issues in the context of wearables 21
|
Happy Data Protection Day!
3 May 2023Data protection issues in the context of wearables 22
| 3 May 2023Data protection issues in the context of wearables 23
• Why all the fuss about GDPR?• How does GDPR address health data?• Implications for wearables and connected health• Takeaways
Agenda
|
The small print
3 May 2023Data protection issues in the context of wearables 24
• The text of GDPR may change before its formal publication in the EU Official Journal this summer (though only minor formatting changes are expected). This presentation is based on the latest public version of the text available here.
• GDPR is the output of 4 years of intense lobbying and negotiation in Brussels and is full of vague text and derogations allowing Member States to “gold plate”. There is currently no guidance or jurisprudence considering the practical application of GDPR. Organisations processing health data should therefore keep a watching brief as best practice develops and guidance is issued – and monitor Member State laws which are passed or retained concerning health data.
|
What is GDPR?
3 May 2023Data protection issues in the context of wearables 25
• Europe’s new General Data Protection Regulation
• (Nearly) final text agreed in December following a marathon 4 year negotiation
• Expected to be published in the Official Journal in May / June this year and come into force in mid 2018 simultaneously in all 28 Member States
• Will replace the current Directive 95/46/EC and domestic laws implementing the Directive
• Completely changes the game for data governance
• 4% fines of annual worldwide revenue for failing to comply with new requirements
• Applies to more data (wider definition of personal data) and to more organisations (processors now caught + wider applicable law test)
• Enhanced rights for individuals• Tighter rules for valid consent• European-wide data breach notification
requirement• Extra paperwork• Extra compliance costs – including need
to appoint a DPO
|
How does GDPR address health data?
3 May 2023Data protection issues in the context of wearables 26
• New definitions of “genetic data”, “biometric data” and “data concerning health”.
• All treated as special categories of data subject to additional protections (Article 9).
• Member States retain the right to “gold plate” GDPR requirements for these data categories (Article 9(5).
• Controllers require lawful ground to process – broadly the same as under the Directive
Lawful grounds for processing (Article 9)
• with explicit consent; or• necessary for [providing medical care]; or• necessary for reasons of public interest in
the area of public health [e.g. protecting against epidemics]; or
• Necessary for … scientific and historical research purposes or statistical purposes based on law which shall be proportionate to the aim pursued, respect data protection rights and safeguard fundamental rights [the “scientific research” ground]
|
Implications for wearables and connected health
3 May 2023Data protection issues in the context of wearables 27
• Consenting challenges – consent is still the gold standard for lawful processing but there are challenges with wearables with smaller / no GUI and a higher standard for consent under GDPR. Contrast consent mechanic for clinical trial v. consenting on app download
• Purpose limitation challenges – much stricter proposals dropped. Further processing for scientific purposes is permitted so long as the framework for safeguards around scientific research is complied with. Significant “win” for scientific research community
New safeguards:
• Requirement for “data protection by design and by default” e.g. data minimisation and anonymisation.
• Mandatory data protection impact assessments for higher risk processing (limited exemptions)
More paperwork required:
• New rules for processing contract terms, policies and comprehensive record keeping.
New rights for individuals – though some exceptions where processing for scientific research
|
Takeaways
3 May 2023Data protection issues in the context of wearables 28
• GDPR has largely been welcomed by the scientific community, though partly on the basis that it could have been much worse
• Connected health use cases using wearables and mobile applications are still feasible under GDPR but with the scale of fines proposed, full compliance is a must
• This is a particular challenge for many of the smaller innovators in eHealth and mHealth who do not have the same resources as large pharma and healthcare providers
• Review current processing practices and supply chain
• Justify and plan for transparency and consent
• Keep data to an absolute minimum; never collect personal data where annonymised or pseudonimsed data will suffice
• Focus on your supply chain – you need to ensure end to end compliance
• Assume data breach is going to happen – regularly – and build incident response governance teams and governance now. Test them
Thank you for listening
Olswang:Changing Business.www.olswang.com
Ross McKean / Partner / Head of Data Protection+44 (0)20 7067 3378
ross,[email protected]
Brussels+32 2 647 4772
London+44 20 7067 3000
Madrid+34 91 187 1920
Munich+49 89 206 028 400
Singapore+65 6720 8278
Paris+33 17 091 8720
Thames Valley+44 20 7071 7300
******