Presentation is loading. Please wait.

Presentation is loading. Please wait.

E-HEALTHE-HEALTH IN THE CLOUD E-HEALTH NVvIR voorjaarsvergadering 17 June 2010 - Amsterdam Avv. Dr. Paolo Balboni: TILT, EPA & IIP www.europeanprivacyassociation.eu.

Published byVivien Newton Modified over 9 years ago

Similar presentations

Presentation on theme: "E-HEALTHE-HEALTH IN THE CLOUD E-HEALTH NVvIR voorjaarsvergadering 17 June 2010 - Amsterdam Avv. Dr. Paolo Balboni: TILT, EPA & IIP www.europeanprivacyassociation.eu."— Presentation transcript:

1 E-HEALTHE-HEALTH IN THE CLOUD E-HEALTH NVvIR voorjaarsvergadering 17 June 2010 - Amsterdam Avv. Dr. Paolo Balboni: TILT, EPA & IIP www.europeanprivacyassociation.eu www.istitutoitalianoprivacy.it www.paolobalboni.eu paolobalboni@istitutoitalianoprivacy.it

2 2 Introduction (i) “In order to fulfil European recommendations, national requirements and to exploit the full value of e-health services, interoperability between different local and national Electronic Health Records (“EHRs”) has to be guaranteed (…)” 2

3 3 Introduction (ii) “Given the strong focus on interoperability and the potential business efficiency impact of cloud models, a number of Local Healthcare Authorities (“LHAs”) are considering to jointly enter into an agreement with a national ‘telco’ for the creation of their own cloud (…)” 3

4 4 Introduction (iii) “(…) The LHAs plan to migrate to the cloud services, i.e., EHRs, EHFs, online reservation of health examinations and, other less critical services, e.g., back-end services, HR, payroll, e-learning.” 4

5 5 Structure of the Presentation 1. EU Regulatory Background 2. ENISA GovCloud Project 3. e-Health Scenario 4. Nailing Data Protection Issues 5. Few Preliminary Considerations 6. Q&A 5

6 6 EU Regulatory Background “Better informed, More efficient, Patient focused, a European market” E-Health action plan: COM(2004) 356 e-Health - making healthcare better for European citizens: an action plan for a European e-Health AreaCOM(2004) 356 i2010 Subgroup on eHealth Lead Market Initiative - eHealth Article 29 WP (WP 131/2007) Working Document on the processing of personal data relating to health in electronic health records (EHR)WP 131/2007 COM(2008) 414 Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the application of patients' rights in cross-border healthcareCOM(2008) 414 COM(2008) 415 A Community framework on the application of patients' rights in cross-border healthcareCOM(2008) 415 Study on the Legal Framework for Interoperable e-Health in Europe (2009) 6

7 7 ENISA GovCloud Project (i) Aim To analyse and evaluate the impact that cloud computing have on resilience and security of services in a Governmental organisation and to provide recommendations and good practices for Eu MSs planning to migrate to cloud computing Subject Both services to citizens (eGov) and internal IT service (back end) are considered 7

8 8 ENISA GovCloud Project (ii) Legal Aspects Legal aspects are NOT the main focus of the paper, that is security and resilience We are going to publish an annex to the main report with data protection and legal considerations Background The project has to be considered as follow up action of the work done by ENISA during 2009 and, in particular, of the report: ‘Cloud Computing: Benefits, risks and recommendations for information security’ ‘Cloud Computing: Benefits, risks and recommendations for information security 8

9 9 E-Health Scenario The analysis will be based on 4 cases/scenarios: 1.E-Health – Local and Regional Healthcare Authorities 2.Local and Regional Public Administrations 3.Gov Cloud – Computing as a Service 4.Supra-National Cloud E-Health questionnaire to be distributed to 2 Italian LHAs, NICTIZ and Rotterdam’s regional healthcare network 9

10 10 Nailing Data Protection Issues Data Controller - Data Processor (Who is who?) Article 2 (d) and (e) Directive 95/46/EC Article 29 WP: Opinion 1/2010 on the concepts of "controller" and "processor"Opinion 1/2010 on the concepts of "controller" and "processor" EDPS: “Data Protection and Cloud Computing under EU law”, speech delivered by Peter Hustinx at the Third European Cyber Security Awareness Day, Brussels, 13 April 2010Data Protection and Cloud Computing under EU law Article 29 WP: Work Programme 2010-2011Work Programme 2010-2011 10

11 11 Nailing Data Protection Issues Does EU law apply? “(a) if the data controller has a relevant establishment in the EU and (b) if it uses equipment in the EU. Thus: A cloud provider established in the EU - or acting as processor for a controller established in the EU - will in principle be 'caught' by EU law. A cloud provider which uses equipment (such as servers) in an EU Member State - or acting as processor for a controller using such equipment - will also be caught. A cloud provider in other cases - even if it mainly and mostly targets European citizens - would not be caught by EU law.” (Peter Hustinx - EDPS) 11

12 12 Nailing Data Protection Issues Safeguards for Data Subjects Right to create an EHR and/or EHF Entities Processing the Data How to access the EHR and/or a EHF Data Subject’s Rights Limitations on Data Dissemination and Cross-Border Data Flows Information notice and Consent Security Measures (Communications to the Local DPAs) 12

13 13 Few Preliminary Considerations Key Issues Limitations on Data Dissemination and Cross-Border Data Flows Security Measures (CAMM Project)Security MeasuresCAMM Project 13

14 Thanks for your attention! Q&A NVvIR voorjaarsvergadering 17 June 2010 - Amsterdam Avv. Dr. Paolo Balboni: TILT, EPA & IIP www.europeanprivacyassociation.eu www.istitutoitalianoprivacy.it www.paolobalboni.eu paolobalboni@istitutoitalianoprivacy.it

Download ppt "E-HEALTHE-HEALTH IN THE CLOUD E-HEALTH NVvIR voorjaarsvergadering 17 June 2010 - Amsterdam Avv. Dr. Paolo Balboni: TILT, EPA & IIP www.europeanprivacyassociation.eu."

Similar presentations

S.O.S. eHealth Project Open eHealth initiative for a European large scale pilot of patient summary and electronic prescription Daniel Forslund, Head of.

S.O.S. eHealth Project Open eHealth initiative for a European large scale pilot of patient summary and electronic prescription Daniel Forslund, Head of.
EC PHARE project EU IMPACT - Academic network for communicating integration impacts in Croatia Effective networking: Case study EU IMPACT: Academic network.

EC PHARE project EU IMPACT - Academic network for communicating integration impacts in Croatia Effective networking: Case study EU IMPACT: Academic network.
Enterprise and Industry Directorate-General Agnieszka Kozakiewicz Automotive Industry Unit (F1) Enterprise and Industry Directorate-General European Commission.

Enterprise and Industry Directorate-General Agnieszka Kozakiewicz Automotive Industry Unit (F1) Enterprise and Industry Directorate-General European Commission.
EU Wetland conservation policy. Communication on the Wise Use and Conservation of Wetlands (1995) => first European document dedicated exclusively.

EU Wetland conservation policy. Communication on the Wise Use and Conservation of Wetlands (1995) => first European document dedicated exclusively.
A project implemented by the HTSPE consortium This project is funded by the European Union SECURITY AND CITIZENSHIP EMPLOYMENT AND SOCIAL INNOVATION PROGRAMME.

A project implemented by the HTSPE consortium This project is funded by the European Union SECURITY AND CITIZENSHIP EMPLOYMENT AND SOCIAL INNOVATION PROGRAMME.
Expert Group / Brussels October 13 th 2006 This project has received funding from the european community 119372 - JA - 1 - 2004 - 1 - AT - JOINT CALL -

Expert Group / Brussels October 13 th 2006 This project has received funding from the european community JA AT - JOINT CALL -
The European Union legal framework for clinical data access: The European Union legal framework for clinical data access: potential challenges and opportunities.

The European Union legal framework for clinical data access: The European Union legal framework for clinical data access: potential challenges and opportunities.
1 Reform of the EU regulatory framework for electronic communications What it means for Access to Emergency Services Reform of the EU regulatory framework.

1 Reform of the EU regulatory framework for electronic communications What it means for Access to Emergency Services Reform of the EU regulatory framework.
Smart Regulation Responding to the needs of SMEs Commission Communication COM(2013) final of 07.03.203.

Smart Regulation Responding to the needs of SMEs Commission Communication COM(2013) final of
Heinz-Lothar Theel, General Manager of the County Council Association of Saxony-Anhalt1 E-services in municipalities of Saxony-Anhalt - current situation.

Heinz-Lothar Theel, General Manager of the County Council Association of Saxony-Anhalt1 E-services in municipalities of Saxony-Anhalt - current situation.
1 Europe André Meijer Universiteit Maastricht Programme director European Public Health.

1 Europe André Meijer Universiteit Maastricht Programme director European Public Health.
Workshop on Health Examination Surveys (HES) Legal and ethical issues Susanna Conti, M. Kanieff, G. Rago Istituto Superiore di Sanità (ISS) (National Public.

Workshop on Health Examination Surveys (HES) Legal and ethical issues Susanna Conti, M. Kanieff, G. Rago Istituto Superiore di Sanità (ISS) (National Public.
2006 06 16 LEFIS W2 Posgraduate Workshop 1 LEFIS, WG 2 Postgraduate studies Meeting, Rotterdam.

LEFIS W2 Posgraduate Workshop 1 LEFIS, WG 2 Postgraduate studies Meeting, Rotterdam.
AER Network Meeting Cross-border Challenges and Opportunities Regions’ updates on latest developments in e-health Regione Lombardia 14/09/20151Trieste,

AER Network Meeting Cross-border Challenges and Opportunities Regions’ updates on latest developments in e-health Regione Lombardia 14/09/20151Trieste,
E-Health: Proposal and call for a new working group Oslo, 18 April, 2015 E-Health: Preparing for the Helsinki conference Proposal and call for a new working.

E-Health: Proposal and call for a new working group Oslo, 18 April, 2015 E-Health: Preparing for the Helsinki conference Proposal and call for a new working.
TEMPUS IV- SIXTH CALL FOR PROPOSALS 1 TEMPUS Modernising Higher Education TEMPUS INFORMATION DAY.

TEMPUS IV- SIXTH CALL FOR PROPOSALS 1 TEMPUS Modernising Higher Education TEMPUS INFORMATION DAY.
How can I trust the rest of Europe ? Requirements and a possible organisation with regard to epSOS and eHealth Frank Robben General manager eHealth platform.

How can I trust the rest of Europe ? Requirements and a possible organisation with regard to epSOS and eHealth Frank Robben General manager eHealth platform.
Model diagram to consider infrastructure projects in Serbia Aleksandar Kovacevic.

Model diagram to consider infrastructure projects in Serbia Aleksandar Kovacevic.
Ambient Assisted Living, AAL Joint Programme Overview – and preliminary results and experiences of the first call Silas Olsson AAL Association, Central.

Ambient Assisted Living, AAL Joint Programme Overview – and preliminary results and experiences of the first call Silas Olsson AAL Association, Central.
European Grid Initiative Technical Forum 21 September 2011, Lyon The Digital Agenda for Europe What about the Cloud? Carl-Christian Buhr European Commission.

European Grid Initiative Technical Forum 21 September 2011, Lyon The Digital Agenda for Europe What about the Cloud? Carl-Christian Buhr European Commission.

Similar presentations

Ads by Google