How to protect confidentiality of data by putting in place proper contractual arrangements, setting out how a party may use any information or data associated with the App during its development and prior to it being made available on the market.
The adoption of smart technology solutions by the health and care sector has exploded in 2020. The pandemic has driven the sector to increase its use of smart phone technology solutions (“Apps”), an example of which is conducting video consultations and assessments. Adoption has historically been slow to develop across the sector generally, potentially due to perceived risks in maintaining integrity of special category personal data.
Now that more health and care providers are transitioning to greater use of Apps, the Covid-19 pandemic has propelled providers to implement systems which can assess an individual’s needs remotely.
In the ‘new normal’, the sector will increasingly adopt and implement the use of Apps to assess and deliver person-centric health and well-being advice and services. The Apps which are created will be in demand, competition is likely to be high and the potential commercial value to providers is significant.
Apps are created by combining software with data (in its broadest sense and by use of personal data). Part 1 of this 2-part series explored how intellectual property rights in Apps might be protected commercially. Part 2 will delve into how to protect confidentiality of data by putting in place proper contractual arrangements which set out how a party may use any information or data associated with the App during its development and prior to it being made available on the market.
A successful health and social care App must ensure data confidentiality. Any failure to do so may result in a data breach, resulting in potential claims by individuals affected as well as an investigation and potential fine from the ICO or other regulators. That is without taking account of the reputational damage, which would likely reduce consumer confidence in the product and company which will consequently impact on revenue and the ability to enter the supply chain (particularly with large organisations such as the NHS).
Use of personal data should always be minimised (e.g. limited to data needed to achieve the intended purpose) and anonymised data should be used where possible. However, use of personal data is likely necessary for health care Apps. A potential solution to address the risk of being victim to a cyberattack and potential data breach is to apply cryptographic algorithms to encrypt data. Cryptographic algorithms are used for tasks including data encryption and authentication. The benefit to using cryptographic algorithms being that if exchanged data is intercepted, the attacker is not able to understand the content, so the risk is reduced.
When designing an App, you should ensure that the confidentiality of any personal data is properly managed by applying the following measures and ensuring these are reviewed and managed whilst the App is in use:
If engaging third party software developers, you should ensure robust obligations of confidentiality are also put in place, including, for example, the purposes for which information can be used and its restrictions on use.
The benefit of having such obligations in place is that if data is shared, either purposefully or accidentally, during App design and development, the risk that there is misuse of the data (which offers a commercial advantage rather than a bad faith use of personal data) can be addressed by having an enforceable right against that third party to (i) seek an injunction preventing further use; and (ii) claim damages for breach of contract. To the extent any registrable intellectual property right subsists in the App (which is prevented due to prior disclosure), you may have a remedy to pursue such registration if it can be established that the disclosure was made in breach of confidence.
Apps have a valuable place in the healthcare market and will likely continue to attract significant investment to produce better ways of delivering healthcare solutions. However, failing to address the above risks prior to starting App development has the potential to thwart any project timelines for implementation and commercialisation, but is also at increased risk of being subject to a future dispute and potential breach of an individual’s data rights.
Partner
richard.nicholas@brownejacobson.com
+44 (0)121 237 3992
Browne Jacobson welcomed the Chief Coroner, His Honour, Judge Thomas Teague, KC as a guest speaker at our recent Health and Care Connect Conference. We are delighted to now publish the key insights from that session, authored by the Chief Coroner himself.
The BMA is advising all NHS / HSCNI consultants to ensure extra-contractual work is paid at the BMA minimum recommended rate and to decline offers of extra-contractual work that doesn't value them appropriately.
Browne Jacobson was delighted to welcome Professor Sir Jonathan Van-Tam as a key note speaker at our recent Health and Care Connect Conference. We are delighted to now share the film of this key note speech together with an article sharing the key insights written by Professor Sir Jonathan Van-Tam himself.
NHS England has published (October 2022) new guidance - Assuring and supporting complex change: Statutory transactions, including mergers and acquisitions.
NHS England has issued an updated (publication 11 October 2022) suite of Complex Change guidance about how it will assure and support proposals for complex change that are reportable to it. New and (where it is still in force) existing Complex Change guidance are as follows.
Created at the end of the Brexit transition period, Retained EU Law is a category of domestic law that consists of EU-derived legislation retained in our domestic legal framework by the European Union (Withdrawal) Act 2018. This was never intended to be a permanent arrangement as parliament promised to deal with retained EU law through the Retained EU Law (Revocation and Reform) Bill (the “Bill”).
It is clear that the digital landscape, often termed cyberspace, is a man-made environment, in which human behaviour dominates and where technology both influences and aids our role in it — through the internet, telecoms and networked computer systems, which are often interdependent. The extent to which any organisation is potentially vulnerable to cyber-attack depends on how well these elements are aligned.
In Mogane v Bradford Teaching Hospitals NHS Foundation Trust the Employment Appeal Tribunal (EAT) considered whether it was fair to dismiss a nurse as redundant on the basis that that her fixed-term contract was due to expire before that of her colleague.
Three months on from the commencement of the new statutory Integrated Care Systems (ICS) Anja Beriro and Gerrard Hanratty reflect on the main themes and issues that have come from the new relationship between local government and health.
The majority of people do not feel the need to embellish their CV to get that coveted position and move on up the career ladder. Their worthiness and benefit to the hiring organisation are easily demonstrated through the recruitment process – application, psychometric testing, selection day or interview.
On Saturday 15 October a wave of light swept the internet when thousands of people flooded social media with pictures of candles to remember the babies that they have lost. This event signifies the end of Baby Loss Awareness Week which aims to break the silence that is associated with baby loss in pregnancy and infancy.
The Coronavirus Act 2020 allowed any registered medical practitioner to sign a medical certificate of cause of death (“MCCD”), even if the deceased was not attended to during his or her last illness and not seen after death, provided that the medical practitioner could state the cause of death to the best of their knowledge and belief.
In our latest Shared Insights session, Focus on Emergency Medicine, chaired by Jennifer Fagin and Amelia Newbold, we were pleased to be joined by: Dr Alex Crowe, Deputy Director Incentive Schemes & Academic Partnerships, NHS Resolution and Consultant Nephrologist and Miss Susie Hewitt MBE, Consultant in Emergency Medicine, University Hospitals of Derby and Burton NHS Foundation Trust.
Browne Jacobson has been ranked as a Top Tier law firm in 25 key practice areas in Legal 500 UK 2023, the independent directory of comparative law firm performance. The firm also continues to underpin its status as one of the leading law firms in the East Midlands region with 16 Tier 1 rankings.
On 7 July this year, NHS England published its statutory guidance for Integrated Care Boards (ICBs) and with it set out the ICBs’ role and responsibilities and how they should collaborate, interact and carry out their anti-fraud, bribery and corruption functions in concert with NHS England.
The Chancellor’s recent mini-budget provided a significant announcement for business as it was confirmed that the off-payroll working rules (known as “IR35”) put in place for public and private sector businesses from 2017 and 2021 will be scrapped from April 2023.
This case provides a reminder to contracting authorities that whilst the bar for an award of damages in procurement cases is high, following the Supreme Court ruling in Energy Solutions EU Ltd v Nuclear Decommissioning Authority [2017] 1 WLR 1373, it is not insurmountable when a contracting authority has acted with disregard to the Public Contracts Regulations 2015 (PCRs). There is also further guidance as to the use of frameworks
Welcome to our August edition of Public Matters, our monthly round-up of legal updates, news and insights for the public sector.
Deprivation of Liberty Safeguards was due to transition to Liberty Protection Safeguards in October 2020 but delayed due to the pandemic. While the public consultation has now closed and we’re still unclear of what the final legislation and code will look like, it’s worth noting and keeping a watching brief.
In this session, our speakers discussed the Fitness to Practise Regime and how we can help.
This will be the first in a series of webinars looking into different areas of care and will focus on elderly care. Our speakers will be looking forward into 2023 and beyond to consider how elderly care may change in the future and will share insights gathered from a round table event held the week before.
As of 21 July, two separate pieces of legislation came into force which seeks to mitigate against strike action. It should come as no surprise that this is a direct response to the rail strikes, which have dominated the news in the last couple of months.
This on-demand webinar is presented by Jacqui Atkinson and Bridget Prosser. What HR issues are on your to-do list and what are the employment law ramifications?
This is an important training course for practising clinicians and any NHS professionals who would benefit from understanding the inquest process, including those working in clinical governance and risk, complaints, family liaison and in-house legal teams.
In this article, we discuss some of the themes we have seen in recent CQC regulation as well as providing an update on the development of their new assessment framework. I will also highlight other key developments in the sector that all providers should be aware of.
This summer saw the publication of a report describing itself as a ‘once in a generation’ opportunity to reset children social care. Based on the current trajectory, the report concluded that 100,000 children would be held in care in the next decade.
This on-demand webinar looks at the Secretary of State’s new powers under the Health & Care Act 2022 & impact on current approach for healthcare providers.
Presented by Gerard Hanratty, this on-demand webinar looks into the key new functions for Integrated Care Systems under the new Health & Care Act 2022. It provides a useful update on what is new, how it may be interpreted and what issues may arise.
This on-demand webinar is suitable for legal and procurement specialists operating within publicly funded contracting authorities.
In this session, our speakers discussed fundamentals of disclosure, general points on disclosure & Post-Pandemic, interested Persons & Patient Safety Incident Response, and how we can help & Takeaway Tips.
The much-anticipated draft Mental Capacity Act Code of Practice and Regulations, including the Liberty Protection Safeguards (“LPS”), has arrived.
The Liberty Protection Safeguards (LPS) were introduced in the Mental Capacity (Amendment) Act 2019 and will replace the Deprivation of Liberty Safeguards (DoLS) system. The LPS framework aims to deliver improved outcomes for people who are or who need to be deprived of their liberty.
Welcome to our latest health newsletter for Summer 2022. We have a packed edition which includes fascinating insights from clients and our own lawyers into the potential impact of the Health and Care Act 2022 and associated DHSC integration policy.
HSIB published its report on Maternal deaths during the first wave of COVID-19. The report takes a closer look at the impact that COVID-19 had during the initial period of March to May 2020.
Browne Jacobson commercial health partner, Jonathan Hayden, speaks to Darren Ramen, UK head of legal at Alliance Medical about the interest surrounding Community Diagnostic Centres (CDCs).
