The importance of data privacy is highlighted by celebrating 28th of January as the Data Privacy Day. This day is used to showcase the importance of individual data and how it should be protected at all costs.
What is Data Privacy Day?
In 2007, the Council of Europe decided to designate 28th January of each year to highlight the importance of data privacy. This date was selected to coincide with the Council of Europe’s Data Protection Convention known as ‘Convention 108’. Therefore, in Europe 28th January is known as the Data Protection Day.
Outside of Europe, this day is celebrated as the Data Privacy Day.
Why is Data Privacy important in the age of Covid-19?
COVID-19 has posed many challenges for populations and governments alike. While the use of the internet has been highly beneficial in overcoming those challenges, it came with its own issues, one of which is data privacy. With independent parties developing apps and technologies to assist populations with their day-to-day needs during the pandemic, governments are burdened with regulating not just the quality of the services provided by these apps but also what data is gathered and how it is processed and used.
What is HIPAA?
The Health Insurance Portability and Accountability Act is a law that requires national standards to be implemented to protect sensitive patient health data from being misused unbeknownst to the patient. HIPAA is an industry-specific law that works in tandem with the General Data Protection Regulation (GDPR) of any nation or region.
HIPAA has two rules:
- The HIPAA Security Rule sets the rules and principles for administrative, physical, and specialized handling of patient medical information.
- The HIPAA Privacy Rule determines the limits as to which data (in which manner) can be shared with third parties without prior patient consent.
Simply put, the Security Rule dictates the technical side of safeguarding patient health data, whereas the Privacy Rule sets the operational constraints on how healthcare providers and their business associates can use patient data.
Data Protection Best Practices for Healthcare Organizations
- Training healthcare staff
- Securing mobile devices
- Employing off-site data backup
- Conducting regular risk assessments
- Limiting access to data and applications
- Implementing data usage controls
- Evaluating the compliance of business associates
- Mitigating connected device risks
- Logging and monitoring use
Your Rights in A Nutshell (under the GDPR)
The General Data Protection Regulation is a regulation in European Union law that protects the data protection rights of individuals and entities.
In layman’s terms, the GDPR enforces the fact that there needs to be a lawful reason for organizations to process personal data of an individual. These reasons are:
- Consent; there needs to be adequate consent for the data to be processed.
- To perform a contract.
- If an organization needs to meet a legal obligation.
- Where processing personal data is necessary to protect the vital interests of an individual.
- Where processing personal data is necessary for the performance of a task carried out in the public interest.
- In the legitimate interests of an organization/association (except where those interests are overridden by the interests or rights and freedoms of the individual).
How to Keep Your Data Safe as an Individual?
- Check the privacy settings of every app/web service you subscribe to.
  - For example, open the menu at the top right of Facebook.
  - Select Settings & Privacy and click Settings.
  - Click Your Facebook Information in the left column, then click Off-Facebook Activity.
  - Click More Options and select Manage Future Activity.
  - Click Future Off-Facebook Activity, then click Turn Off to switch off your future off-Facebook activity.
- Before installing an app on your phone, do some research on the internet regarding its credibility and data requirements.
- Clear your browser cookies.
- Use a privacy window (Firefox) or incognito mode (Chrome) when browsing the internet.
- Avoid using unknown survey sites (form sites) to conduct surveys online.
- Avoid using unknown browser plugins.
- Educate yourself by watching a documentary such as The Social Dilemma (2020).
A nation such as ours does not currently have a General Data Protection Act; however, there are specific government regulations imposed on sectors of the industry that gather and process mounds of data. As of June 2019, a general data protection act has been drafted and is currently undergoing examination at every level of government, with the full participation of the private sector and the general populace of Sri Lanka.
VIDA+, which is currently being deployed in Saudi Arabia, strictly adheres to HIPAA and other region-based data protection regulations. Therefore, it is safe to say that Cloud Solutions as a whole maintains the utmost standards in patient data privacy when it comes to the deployment of the cloud-native VIDA+ healthcare management system in the Kingdom of Saudi Arabia.
In conclusion, while these laws are available and implemented, it is up to you to make sure they are regulated and widely known. Therefore, as an individual, read up on the latest trends in data privacy & security and keep yourself and the organization you work for up to date.