Data protection issues in cross-border interoperability of Electronic Health Record systems within the European Union

Abstract This study investigates the data protection concerns arising in the context of the cross-border interoperability of Electronic Health Record (EHR) systems in the European Union. The article first introduces the policies on digital health and examines the related interoperability issues. Second, the work analyses the latest Recommendation of the European Commission on this topic. Then, the study discusses the rules and the obligations settled by the General Data Protection Regulation to be taken into account when developing interoperable EHRs. According to the data protection by design and by default provision, EHR systems should be designed ex ante to guarantee data protection rules

Scientific research processing health data in the European Union: data protection regime vs. open data

Data processing is fundamental for medical and biomedical scientific research. Data access and open sharing foster innovation and knowledge in these fields. However, supporting data-intensive research raises several data protection issues. The legal framework is complex and the proposal recently issued by the European Commission on the European Health Data Space aims at introducing rules to open research data. This paper provides an overview of the relevant data protection laws in the European Union, focusing on the key elements for researchers. It also deals with the policies and legislation on Open Science and Open Data, and discusses the new acts within the Data Strategy that may be relevant for a scientific project to open medical research. Then, the tensions between the data protection regime and the open research data framework are analysed to find the viable solutions for data access and sharing

Hyaluronated and PEGylated Liposomes as a Potential Drug-Delivery Strategy to Specifically Target Liver Cancer and Inflammatory Cells

Hepatocellular carcinoma (HCC) is the most frequent primary liver cancer and is characterized by poor clinical outcomes, with the majority of patients not being eligible for curative therapy and treatments only being applicable for early-stage tumors. CD44 is a receptor for hyaluronic acid (HA) and is involved in HCC progression. The aim of this work is to propose HA- and PEGylated-liposomes as promising approaches for the treatment of HCC. It has been found, in this work, that CD44 transcripts are up-regulated in HCC patients, as well as in a murine model of NAFLD/NASH-related hepatocarcinogenesis. Cell culture experiments indicate that HA-liposomes are more rapidly and significantly internalized by Huh7 cells that over-express CD44, compared with HepG2 cells that express low levels of the receptor, in which the uptake seems due to endocytic events. By contrast, human and murine macrophage cell lines (THP-1, RAW264.7) show improved and rapid uptake of PEG-modified liposomes without the involvement of the CD44. Moreover, the internalization of PEG-modified liposomes seems to induce polarization of THP1 towards the M1 phenotype. In conclusion, data reported in this study indicate that this strategy can be proposed as an alternative for drug delivery and one that dually and specifically targets liver cancer cells and infiltrating tumor macrophages in order to counteract two crucial aspect of HCC progression

Artificial and Biological Neurons: Interdisciplinary Issues and Future Perspectives. White Paper

Recent developments in the technological domain have increased the interactions between artificial and natural spheres, leading to a growing interest in the ethical, legal and philosophical implications of AI research. The present paper aims at creating an interdisciplinary discussion on issues raised by the use and the implementation of artificial intelligence algorithms, robotics, and applied solutions in the neuroscience and biotechnology field. Building on the findings of the webinar “Workshop neuroni artificial e biologici: etica e diritto”, this work explores the issues discussed in the workshop, it attempts to show both the existing challenges and opportunities and it seeks to propose ways forward to overcome some of the investigated problems

Italian DPA against Vodafone: History of a \u20ac12 million fine

This report analyses and discusses the complex investigation of the Italian DPA and the long Deliberation of this authority against Vodafone

DATA PROTECTION BY DESIGN IN THE E-HEALTH CARE SECTOR: THEORETICAL AND APPLIED PERSPECTIVES

In the digital age, e-health technologies play a pivotal role in the processing of medical information. As personal health data represents sensitive information concerning a data subject, enhancing data protection and security of systems and practices has become a primary concern. In recent years, there has been an increasing interest in the concept of privacy by design (PbD), which aims at developing a product or a service in a way that it supports privacy principles and rules. In the European Union, Article 25 of the General Data Protection Regulation provides a binding obligation of implementing data protection by design (DPbD) technical and organisational measures. This thesis explores how an e-health system could be developed and how data processing activities could be carried out to apply data protection principles and requirements from the design stage. Currently, there is a lack of clarity and knowledge on the topic for developers, data controllers and stakeholders. The research attempts to bridge the gap between the legal and technical disciplines on DPbD by providing a set of guidelines for the implementation of the principle in the e-health care sector. The research is based on literature review, legal and comparative analysis, and investigation of the existing technical solutions and engineering methodologies. So, this thesis uses both legal comparison and the interdisciplinary method. The work can be differentiated by theoretical and applied perspectives. First, it critically conducts a legal analysis on the principle of PbD and it studies the DPbD legal obligation and the related provisions. Later, the research contextualises the rule in the health care field by investigating the applicable legal framework for personal health data processing. Moreover, the research focuses on the US legal system by conducting a comparative analysis since PbD is an international principle and in the US federal law there is a specific rule for the e-health care sector that mandates the implementation of technical and organisational safeguards. Adopting an applied perspective, the research investigates the existing technical methodologies and tools to design data protection and it proposes a set of comprehensive DPbD organisational and technical guidelines for a crucial case study, that is an Electronic Health Record system

La privacy by design. Un'analisi comparata nell'era digitale

Il secondo volume della collana \u201cPrivacy e Innovazione\u201d \ue8 dedicato al lavoro vincitore della prima edizione del premio per la miglior tesi di laurea o di dottorato sui temi della protezione dei dati personali e dell\u2019innovazione tecnologica, bandito dal Centro studi privacy e nuove tecnologie. Il testo, selezionato da un\u2019apposita commissione, \ue8 stato ritenuto particolarmente meritevole sia per il grado di approfondimento e di maturit\ue0 di analisi raggiunta, sia per la scelta del tema, fondamentale nel nuovo quadro di tutela dei dati personali, ma probabilmente ancora poco indagato: il principio di privacy by design, qui esaminato in un\u2019ottica anche comparatista e con attenzione alla sua evoluzione e alle prime importanti applicazioni pratiche. La protezione dei dati personali fin dalla progettazione \ue8 infatti oggi non pi\uf9 solo un contributo dottrinale, ma una risoluzione internazionale adottata dalle autorit\ue0 garanti di tutto il mondo e, soprattutto, una norma vincolante dell\u2019Unione Europea e oggetto di massima considerazione presso gli ordinamenti giuridici di altre importanti aree geografiche \u2014 Stati Uniti e Canada in primis. La privacy by design \ue8 un approccio che comporta una maggiore tutela dei diritti della persona, in modo coerente e completo. Progettare le tecnologie in modo privacy\u2013friendly \ue8 doveroso non solo per proteggere i dati degli individui, ma anche per garantire che l\u2019esercizio degli altri diritti fondamentali non sia ingiustamente penalizzato

Data Protection by Design in the E-Health Care Sector

In the digital age, e-health technologies play a pivotal role in the processing of medical information. As personal health data represent sensitive information concerning a data subject, enhancing data protection and security of systems and practices has become a primary concern. This book explores how an e-health system could be developed and how data processing activities could be carried out to apply data protection principles and requirements from the design stage. There is currently a lack of clarity and knowledge on the topic among developers, data controllers and stakeholders. The research attempts to bridge the gap between the legal and technical disciplines on DPbD by providing a set of guidelines for the implementation of the principle in the e-health care sector.illustratorIn the digital age, e-health technologies play a pivotal role in the processing of medical information. As personal health data represent sensitive information concerning a data subject, enhancing data protection and security of systems and practices has become a primary concern. This book explores how an e-health system could be developed and how data processing activities could be carried out to apply data protection principles and requirements from the design stage. There is currently a lack of clarity and knowledge on the topic among developers, data controllers and stakeholders. The research attempts to bridge the gap between the legal and technical disciplines on DPbD by providing a set of guidelines for the implementation of the principle in the e-health care sector

Data protection by design in the e-health care sector: theoretical and applied perspectives

In the digital age, e-health technologies play a pivotal role in the processing of medical information. As personal health data represents sensitive information concerning a data subject, enhancing data protection and security of systems and practices has become a primary concern. In recent years, there has been an increasing interest in the concept of Privacy by Design, which aims at developing a product or a service in a way that it supports privacy principles and rules. In the EU, Article 25 of the General Data Protection Regulation provides a binding obligation of implementing Data Protection by Design technical and organisational measures. This thesis explores how an e-health system could be developed and how data processing activities could be carried out to apply data protection principles and requirements from the design stage. The research attempts to bridge the gap between the legal and technical disciplines on DPbD by providing a set of guidelines for the implementation of the principle. The work is based on literature review, legal and comparative analysis, and investigation of the existing technical solutions and engineering methodologies. The work can be differentiated by theoretical and applied perspectives. First, it critically conducts a legal analysis on the principle of PbD and it studies the DPbD legal obligation and the related provisions. Later, the research contextualises the rule in the health care field by investigating the applicable legal framework for personal health data processing. Moreover, the research focuses on the US legal system by conducting a comparative analysis. Adopting an applied perspective, the research investigates the existing technical methodologies and tools to design data protection and it proposes a set of comprehensive DPbD organisational and technical guidelines for a crucial case study, that is an Electronic Health Record system