Laws and Regulations for Digital Health
"Requirements Engineering for Digital Health", Samuel A. Fricker, Christoph Thuemmler, Anastasius Gavras (eds.), Springer, pp. 47-75, 2014
29 Pages. Posted: 26 Nov 2014
Date Written: 2014
Abstract
Traditional healthcare is being transformed through mobile health delivery, personalized medicine, and social media health applications. The area of healthcare is heavily regulated. Hence, the design and implementation of innovative eHealth solutions must account for conventional health law. Translating legal norms into features of design and implementation may prove difficult. The aim of this Chapter is to facilitate this process and make first steps towards a methodology for interpretation of legal and regulatory rules into engineering requirements. This Chapter presents an integrated approach to legal requirements engineering in the context of eHealth, bringing together a methodology for mapping the existing legal and regulatory landscape and the strategies to interface the identified rules into the design of eHealth technology and processes. Drawing on earlier work of Koops (2013), we provide eHealth stakeholders with a toolkit to map, analyze and apply the laws and regulations in order to achieve compliance. The Chapter outlines a taxonomy for descriptive research in law and technology as a tool to map the regulatory field in their specific domain. It then proceeds to illustrate how the tool is to be applied and provides a non-exhaustive overview and analysis of the legal rules relevant for eHealth in Europe, with a focus on the safety and performance requirements for eHealth applications and platforms, and on the data protection rights of eHealth users. Further, we elucidate the role that compliance-by-design strategies have in engineering legal requirements into eHealth technology design and processes. It is suggested that eHealth developers, sellers and service providers engage in compliance by design in order to ensure and demonstrate compliance with the regulatory landscape.
Keywords: eHealth, mHealth, digital health, health apps, regulation of technology, privacy by design, privacy impact assessment, requirements engineering