By Nathan Lea, i~HD DPO & Information Governance Lead
For over three years handling of EU Citizen’s personal data has been governed by the General Data Protection Regulation but my involvement with anticipating its impacts predated this. There were points in 2017 where I sensed something special was about to happen – in my discussions with colleagues and reviews of the agreed draft for GDPR, it was clear that a lot of people from the research and innovation community engaged with the legislative processes of the EU and tried to implement something that would not stifle innovation or research. GDPR as an EU Regulation was drafted to work alongside existing Member State legal instruments around how Medical Records and wider health information must be held, governed and used.
The laws governing health records are numerous and nuanced, and together form a complex system of context specific rationale and requirement that have evolved within the scope of Member State jurisdiction.
The guidance on their interpretation that is offered across these jurisdictions adds further nuance to this, but nothing compared to the power of expectation around its use and protections – where controversies about inappropriate access and distressed citizens have always and continue to cast a shadow over the need for data to flow and the good that comes from it.
Then along came GDPR – an overarching regulation that had been carefully drafted and redrafted to make the need for data to flow central to its goals, but at the same time transfer more power to the individual around their data and its control whilst respecting the complexity of other National legislations. In short it seemed built to interoperate and integrate, across Europe and beyond. Now entering its fourth year of implementation the health innovation community has developed some considerable experience of it. It is time to look at that experience, and share it.
With these Webinars we can reflect on what we have learned so far and share some of the key insights from i~HD’s group of experts.
We are a well represented group – from clinical academics and practitioners to lawyers, ICT experts, Regulatory Experts all the way through to our industrial and patient representative communities, we have all been blessed and/or bruised by our GDPR exposures, and we want to share our learnings with you.
It has been a pleasure and a privilege to lead on the development of our sessions and the overall objectives and I thank our experts and the I~HD team for developing something that is truly special, representative and most importantly, useful. With the advent of the new Data Governance Act and drafting of the AI Regulations, we have to move away from the siloed thinking around data protection compliance and focus more on its impact in context. For the health data driven innovation sector, we need to drive that realisation to ensure that we can deliver public good from our experience and look to expedient delivery of health care and outcomes improvement.
We look forward to welcoming you to our Webinar series so that we can make this happen together.
Nathan Lea
i~HD DPO & Information Governance Lead