Just as Meta is hit with a record €1.2bn fine for transferring personal data of EU citizens to the US, Europe’s flagship data regulation GDPR marks its fifth anniversary this month.
While some still see GDPR as a nuisance, the sweeping data privacy law has been successful in empowering citizens to take a more active role in managing their personal data, at a time when we are consuming and exchanging more and more information online, according to Vivian Arbenz, Group Data Protection Officer at Kry Livi Group. 

“GDPR has paved the way for similar regulations around the world,” she says. “Back to Facebook and what about GDPR’s impact on the tech sector? The financial risks associated with non-compliance have arguably had limited impact on Big Tech, but most companies handling the data of EU citizens, especially those in the healthcare sector, are taking a more proactive approach to privacy and security.”

AI technology in healthcare

With the emergence of new technologies such as AI and robotics, the healthcare industry is set to undergo one of the largest digital transformations, reaping benefits including improved data insights and automation, improved workflows, interventions and diagnosis – leading to better clinician workload management and hopefully improved health outcomes for millions. 

“For us to reap these benefits, access and interchange of personal health data will be key,” says Arbenz. “So how can we ensure technology is used for good while also maintaining the highest levels of privacy in the brave new AI world?  

“We’ve made some good progress. Since 2018, both the healthcare and technology landscapes have changed dramatically. During the pandemic, just as the concept of virtual doctor appointments and online prescriptions was normalised, the ability to share population COVID-19 data across international borders became a vital tool in fighting the virus and improving population health. The combination of digital tools and a willingness to overcome the usual lack of cross-border interoperability meant that scientists could conduct research in a timely manner, leading to the global vaccination rollout.”

However, despite the clear public benefit this fast and flexible response demonstrated, sharing health data across borders still proves a challenge today, largely due to issues such as a lack of suitable transfer tools and complex Transfer Impact Assessments (TIAs).

“Meanwhile, the technology landscape continues to leap ahead, with the rapid emergence of new innovations such as augmented reality, robotics and digital twins which are opening up new possibilities for industry and consumers alike. Most recently, we have seen the rise of AI tools and their potential to transform our day to day lives. In healthcare, we’re seeing AI breakthroughs in areas like drug discovery, early prevention and diagnostics, as well as reducing the workload for stretched clinicians. For example, Mia, an AI breast screening solution, increases efficiency by automating up to 45% of the scan review process.

“With so much to gain, it’s exciting to think of the millions of patients who can benefit from earlier diagnoses or more personalised treatment. But we must balance this with due care and justifiable concern around the ethics and privacy risks of using healthcare AI. Are third parties training AI on data without permission? Are AI tools biased or discriminating? Is their use transparent to patients?” 

These issues can pose real risks to the patients’ rights and freedoms as well as in the medical field.

“As someone who works for a digital healthcare company, I think we’ve got to look to the future benefits. Patient privacy must be paramount but, when used in the right way, AI can significantly transform healthcare. The sector holds huge quantities of quality data, but even with access to all this data, humans can’t possibly scan such large volumes. Using AI to analyse population health data can lead to vital scientific discoveries, both for healthcare delivery and chronic disease research and in turn informing policy making.”

Vivian Arbenz, Group Data Protection Officer at Kry Livi Group

Well-governed access to European health data

According to Arbenz, there’s a long way to go. 

“To benefit from AI and other technologies, we need a more joined-up approach to enable interoperability between healthcare systems, borders and countries. If we work together, we all benefit from a better health system and the opportunity to lead healthier lives. 

“That’s why the EU’s European Health Data Space (EHDS) regulation, proposed in May 2022, presents an exciting turning point for Europe. It promotes well-governed access to health data for both the delivery of healthcare services and the regulation of secondary use purposes to support improved health outcomes. If we get this right, Europe has the potential to become a pioneer in healthcare, improving the way we manage our scarce health resources, delivering better quality care at a lower cost, and positively impacting hundreds of millions of lives.”

While GDPR plays a hugely important role in data privacy in Europe, EHDS recognises that the unique characteristics of health data require a dedicated approach. 

“With the right privacy guardrails in place, at Kry we believe it is possible to leverage both population health data and technology for good. In fact, as healthcare systems in Europe are under more pressure than ever, the need to enable interoperability and make the best use of health data to improve patient outcomes is more urgent than ever.”