UAE health data localisation in 2022 Al Tamimi’s Andrea Tithecott, Partner and Head of Healthcare & Life Sciences Practice, and Andrew Fawcett, Partner, Digital & Data consider the application of the new ICT Health Law and Resolution 51
S
ince the introduction of a Federal law specifically regulating patient health data in 2019, the United Arab Emirates (UAE) has promulgated the concept of data localisation, with restrictions upon health data sent outside the country. This is an important consideration for any international health provider undertaking digital health projects in the UAE.
ICT Health Law Federal Law No.2 of 2019 on the use of information and communications technology (ICT) in health fields in the UAE (ICT Health Law) introduced national regulations to allow the Ministry of Health and Prevention (MOHAP) to collect and analyse health data at a state level in the UAE.
One of the most impactful provisions of the ICT Health Law was that it mandated that health information and data related to services provided in the UAE could only be processed, generated, or transferred outside of the UAE in cases prescribed by virtue of a decision issued by a local Emirate health authority, in coordination with MOHAP. This restriction on the movement of health data was problematic for healthcare providers whose services involve the movement of health data across borders, such as, where local healthcare providers had entered into partnership with other international partners, either for second opinion services, or as regards data analytics, insurance claims processing, or other data processing activities.
60
HWM_005 Al-Tamimi.indd 60
03/06/2022 10:13
