📊
Data Governance Playbook
  • Health data governance: a playbook for non-technical leaders
    • Why data governance is important in healthcare
    • Who is this playbook for?
    • How to use this playbook
    • Other related resources
  • Index
  • Play one: Implementing data governance in healthcare
    • The value of data governance for data-informed healthcare projects
    • How to implement a data governance framework for a healthcare organisation or project
      • 1. Data assets
      • 2. People
      • 3. Policies and processes
      • 4. Standards and technologies
    • Resources relating to this play
  • Play two: Understanding and mapping health data ecosystems
    • Data ecosystems in healthcare
    • Data governance and trustworthy data ecosystems
    • Mapping the data ecosystem
      • Use case 1: Mapping the ecosystem of a Covid-19 symptom tracker in the UK
      • Use case 2: Identifying current stakeholders to reduce snakebite mortality and morbidity in India
    • Resources related to this play
  • Play three: Roles and responsibilities in health data governance
    • Roles involved in health data governance
      • Senior data leader
      • Health system leader
      • Policy leader
      • Health project partner
      • Governmental body
      • Senior executive leader
    • How to enlist support from stakeholders
    • Resources relating to this play
  • Play four: Making data interoperable
    • What is interoperability and how is it relevant to healthcare?
    • Standards for data and interoperability
    • Existing standards for data
    • Data adaptors
    • When to use an adaptor
    • Resources relating to this play
  • Play five: Demonstrating the value of health data governance: case studies
    • Primary care data use: MedMij platform
    • Using research data: INSIGHT Health Data Research Hub
    • Using healthcare data for other purposes: Infectious Diseases Data Observatory
  • Play six: Emerging uses of data and technology in the health sector
    • Emerging uses of health data
    • Emerging technologies to support health data management
    • Resources relating to this play
  • Play seven: Assessing the legal, regulatory and policy context for sharing health data
    • Data protection laws and policies
    • Intellectual property
    • Other regulations and laws impacting use of health data
    • Socio-cultural norms
    • Resources relating to this play
  • Play eight: Managing risks when handling personal data
    • Managing personal data responsibly and ethically in healthcare projects
    • What is personal data?
    • Data protection regulations
    • Recognising personal data in healthcare projects
    • Impacts from use of healthcare data
    • Minimising risk - practical approaches
    • Appendix: Risks from personal data exposure and how harms can be mitigated
  • Play nine: How to set up successful data sharing partnerships
    • Understanding how data sharing occurs in the health sector
    • A step-by-step guide to setting up successful data sharing partnerships
      • Step 1. Understand the purpose of sharing data, and with whom
      • Step 2. Define the principles that will guide how data is shared
      • Step 3. Build and maintain relationships with your data sharing partners
    • Appendix: International frameworks for data sharing principles
    • Resources relating to this play
  • Play ten: Sharing health data: data agreements and technologies
    • Common types of data sharing agreements
    • How to choose the best method of sharing data
      • Step 1: Decide how widely you need or want to share data
      • Step 2: Decide on the type of agreement required for sharing data
      • Step 3. Consider how technology can facilitate data sharing and access
    • Appendix: Choosing technology to support data sharing and access
    • Resources relating to this play
  • Play eleven: Cross-border data sharing
    • What is cross-border data sharing?
    • Current trends and global discussions on cross-border data sharing
    • Overcoming challenges with cross-border data sharing
  • How to support trustworthy data sharing: Checklist
  • Slides to communicate the benefits of data governance to key health stakeholders
Powered by GitBook
On this page

Was this helpful?

  1. Play seven: Assessing the legal, regulatory and policy context for sharing health data

Data protection laws and policies

PreviousPlay seven: Assessing the legal, regulatory and policy context for sharing health dataNextIntellectual property

Last updated 3 years ago

Was this helpful?

There are a number of resources available that can help you understand which laws and regulations are applicable in which geographies (your jurisdiction), for example:

  • The explains how data protection regulations are applied for European citizens. The EU's is an extraterritorial legislation, meaning it is applied to any entity in any country that is managing the data of European citizens, even if that entity does not have an office or base in Europe.

  • The maps describes data protection laws globally.

  • The are also useful for understanding the key provisions of data protection legislation in each country.

Key questions to ask:

  • In which countries will the project collect, access, use or share data? How many jurisdictions will the project cover? Will data be stored or processed in a different jurisdiction from where the organisation is located?

  • What are the main privacy or data protection laws, policies and regulations that may impact the collection, access, use or sharing of personal data and/or anonymised data between different organisations in your jurisdiction or across jurisdictions?

  • Which organisations are responsible for enforcing data protection laws and other laws that might affect the use of health data? For example, the Information Commissioner's Office (ICO) in the UK.

  • What consent or legal basis is needed to collect, access,use or share existing health data? Are there conditions under which data may be shared without explicit consent, for example for public health emergencies or for non-profit research?

Useful resources:

  • The DLA Piper of data protection laws of the world.

  • OneTrust for privacy and regulatory context research.

  • A describing the ‘personal health train’, and defining data protocols and considerations based on FAIR principles and securing privacy.

Assessment of the EU Member States’ rules on health data in the light of GDPR report
General Data Protection Regulation (GDPR)
International Association of Privacy Professionals’ (IAPP) privacy law mapping chart
United Nations Conference on Trade and Development's data privacy regulation trackers
database
DataGuidance resources
video