---------- Forwarded message ---------- From: Ruggiero, Mrs. Ana Lucia (WDC) <ruglucia@xxxxxxxx> Date: 2013/6/25 Subject: [EQ] Patient Privacy in a Mobile World - A Framework to Address Privacy Law Issues in Mobile Health To: EQUIDAD@xxxxxxxxxxxxxxxxx ** ** ** ** *Patient Privacy in a Mobile World – A Framework to Address Privacy Law Issues in Mobile Health*** *TrustLaw report* - *Editors: Baker & McKenzie, Merck, Thomson Reuters Foundation June 2013 ***** This work is the result of collaboration with the mHealth Alliance, hosted by the United Nations Foundation, international law firm Baker & McKenzie and global healthcare provider Merck together with local counsel in each of the case study countries.**** ** ** Available online PDF file [99p.] at: http://bit.ly/10QZzvp **** “…..This paper summarizes the other major aspects of current laws to provide a snapshot of where the laws stand today and a baseline for discussing potential reform and the adoption of new laws. Interestingly, very few of the existing laws cover health information specifically (the *** *United States**** being the prime exception) and fewer still make any reference, even in terms of regulatory guidance, to mHealth. The current application of these privacy laws to mHealth issues, therefore, is by extension of existing, more general principles related to privacy protection. For this reason and to provide more specific examples that can be used to address mHealth privacy issues, this paper also offers an overview of medical ethics and patient confidentiality codes in effect throughout the world. **** This paper then goes on to set forth a functional framework for addressing privacy law issues around the globe, which adapts and is sensitive to particular cultural, technological and institutional contexts. The main pillars of the framework are: **** (1) fact gathering and analysis that aim to identify the key drivers for privacy regulation in a particular jurisdiction and the existing environment for the development of such laws; (2) determining scope of coverage in a thoughtful and deliberate manner that takes into account the results of the fact-gathering stage and the potential impact of scoping decisions on the further uptake of mHealth in a particular jurisdiction; (3) deciding the nature of any notice and consent requirements built into the privacy law reflecting the cultural and t (4) incorporating the principle of data minimization into any law as a best practice; (5) encouraging the right of data integrity and accessibility for data subjects while requiring such requests to be commercially reasonable and feasible for the entities storing data to honor; (6) requiring the adoption of reasonable data security measures while remaining nimble and open to new technological advances in this area; (7) ensuring that data is protected throughout its lifecycle through cross-border and third party transfer restrictions, while being sensitive to the operational burdens such restrictions could place on market participants and the consequences for the uptake of mHealth; (8) determining the enforcement and sanctions mechanisms built into the law to credibly encourage compliance, which also requires an honest assessment of the jurisdiction’s enforcement resources…”**** ** ** *Content: * ** ** INTRODUCTION **** OBJECTIVE**** BACKGROUND**** Technology’s Effects on mHealth Privacy and Security **** Culture’s Effect on mHealth Privacy and Security**** Law’s Effect on mHealth Privacy and Security **** Other Factors Affecting mHealth Privacy and Security **** Uses of mHealth and the “mHealth Ecosystem**** METHODOLOGY GLOBAL LANDSCAPE OF CURRENT mHEALTH PRIVACY AND SECURITY LAWS AND PATIENT CONFIDENTIALITY LAWS**** **United States** - European Union - **Australia** -****Japan**** **** Singapore - Argentina - Mexico - Africa**** MEDICAL ETHICS**** The Sources of Medical Ethics **** The **United States**, **Canada** and **Europe** **** **Latin America****** **Middle East****** **Asia** **** **Africa** CASE STUDIES FROM SELECT JURISDICTIONS IN ASIA, AFRICA AND **LATIN AMERICA** **** **BANGLADESH** – **CHILE** – **INDIA** - ****NIGERIA******** **PERU** - **TANZANIA** - ****UGANDA**** **** WORKING TOWARD AN mHEALTH PRIVACY LAW FRAMEWORK**** FACT GATHERING AND ANALYSIS **** DETERMINING SCOPE OF COVERAGE **** NOTICE AND CONSENT (CHOICE) **** DATA MINIMIZATION **** DATA INTEGRITY AND ACCESSIBILITY**** DATA SECURITY DATA TRANSFERS TO THIRD PARTIES AND ACROSS BORDERS **** ENFORCEMENT AND SANCTIONS **** CONCLUSION**** PARTNERS **** *KMC/2013/KMC Twitter* *http://twitter.com/eqpaho* <http://twitter.com/eqpaho> * ** * * This message from the Pan American Health Organization, PAHO/WHO, is part of an effort to disseminate information Related to: Equity; Health inequality; Socioeconomic inequality in health; Socioeconomic health differentials; Gender; Violence; Poverty; Health Economics; Health Legislation; Ethnicity; Ethics; Information Technology - Virtual libraries; Research & Science issues. [DD/ KMC Area] ****Washington** **DC** **USA******** “Materials provided in this electronic list are provided "as is". Unless expressly stated otherwise, the findings and interpretations included in the Materials are those of the authors and not necessarily of The Pan American Health Organization PAHO/WHO or its country members”. ------------------------------------------------------------------------------------ PAHO/WHO Website <http://new.paho.org/equity/> Equity List - Archives - Join/remove: http://listserv.paho.org/Archives/equidad.html *Twitter **http://twitter.com/eqpaho* <http://twitter.com/eqpaho>* ** ***** IMPORTANT: This transmission is for use by the intended recipient and it may contain privileged, proprietary or confidential information. If you are not the intended recipient or a person responsible for delivering this transmission to the intended recipient, you may not disclose, copy or distribute this transmission or take any action in reliance on it. If you received this transmission in error, please dispose of and delete this transmission. Thank you.