Health data privacy under the GDPR : big data challenges and regulatory responses

The growth of data-collecting goods and services, such as ehealth and mhealth apps, smart watches, mobile fitness and dieting apps, electronic skin and ingestible tech, combined with recent technological developments such as increased capacity of data storage, artificial intelligence and smart algorithms, has spawned a big data revolution that has reshaped how we understand and approach health data. Recently the COVID-19 pandemic has foregrounded a variety of data privacy issues. The collection, storage, sharing and analysis of health- related data raises major legal and ethical questions relating to privacy, data protection, profiling, discrimination, surveillance, personal autonomy and dignity. This book examines health privacy questions in light of the General Data Protection Regulation (GDPR) and the general data privacy legal framework of the European Union (EU). The GDPR is a complex and evolving body of law that aims to deal with several technological and societal health data privacy problems, while safeguarding public health interests and addressing its internal gaps and uncertainties. The book answers a diverse range of questions including: What role can the GDPR play in regulating health surveillance and big (health) data analytics? Can it catch up with internet-age developments? Are the solutions to the challenges posed by big health data to be found in the law? Does the GDPR provide adequate tools and mechanisms to ensure public health objectives and the effective protection of privacy? How does the GDPR deal with data that concern children's health and academic research? By analysing a number of diverse questions concerning big health data under the GDPR from various perspectives, this book will appeal to those interested in privacy, data protection, big data, health sciences, information technology, the GDPR, EU and human rights law.

Section 1 Health Data Privacy under the GDPR Chapter 1 The GDPR and (Big) Health Data: Assessing the EU Legislator's Choices Maria Tzanou, Keele University, UK Chapter 2 Attribution of Responsibility under the GDPR in the Context of Health Data Processing Yordanka Ivanova, Sofia University St. Kliment Ohridski, Bulgaria, and Vrije Universiteit Brussel, Belgium Chapter 3 Healthcare data about children in social media: the challenges raised under the GDPR Rosemary Jay, Hunton Andrews Kurth, UK Chapter 4 European-wide Big Health Data Analytics under the GDPR Jos Dumortier, KU Leuven and Timelex Lawyers, Brussels, Belgium Mahault Piechaud Boura, Timelex Lawyers, Brussels, Belgium Chapter 5 Privacy Issues in eHealth and mHealth Apps Beatriz Sainz-de-Abajo, University of Valladolid, Spain Isabel de la Torre-Diez, University of Valladolid, Spain Susel Gongora-Alonso, University of Valladolid, Spain Miguel Lopez-Coronado, University of Valladolid, Spain Section 2 A Critical Assessment of the GDPR's Regulatory Solutions Chapter 6 Regulating non-personal data in the age of Big Data Bart van der Sloot, Tilburg University, the Netherlands Chapter 7 Addressing Big Data and AI Challenges: A Taxonomy and Why the GDPR Cannot Provide a One-size-fits-all Solution Maria Tzanou, Keele University, UK Chapter 8 The GDPR, AI and the NHS Code of Conduct for Data-Driven Health and Care Technology Joseph Savirimuthu, University of Liverpool, UK