Data collection via IT tools in the healthcare industry isn’t a terribly new concept, but it’s still something that hospitals and clinics have yet to fully take advantage of. With that being said, a new law set to came into effect in May 2018 may change the way industries across the board collect and manage private data.

The IoT revolution in healthcare

The concept of “IoT” (the Internet of Things) has essentially taken every industry by storm. IoT makes reference to the billions upon billions of devices that have been connected to the internet, collecting and distributing data.

With the mass production of cheap processors and the wide availability of wireless internet, practically any device nowadays can be connected to the web. This is why the Internet of Things presents countless possibilities for the healthcare industry.

The IoT can enable hospitals to track and monitor patients the moment they arrive for care, allowing for real-time data to automatically update patient records without the need of hospital staff, such as nurses, to update charts. The IoT also allows hospitals to keep track of expensive equipment more efficiently.

An example of IoT in healthcare is a service offered to diabetics called the Diabetes Digital Coach. It’s an e-learning system designed to aid patients struggling with diabetes to better manage their condition. This technology links to internet-enabled glucose monitors, keeping the user connected to the web at all times and providing real time feedback.

Tools such as the aforementioned make data gathering simplified and improves patient education so they can take decisive action in the moment.

Where does GDPR factor into the equation?

While data collection shows massive promise for revolutionizing healthcare, the General Data Protection Regulation (GDPR) may prove to be a roadblock of sorts for many medical institutions.

The GDPR, which went into effect on May 25th, 2018 tightens Europe’s laws on what companies can and can’t do with people’s data. It gives average citizens more control over how their data is collected and forces companies to provide justification for how they handle private data.

While the GDPR is European legislation its effects span the globe. This is because every organization that collects and monitors the data of European citizens must adhere to the guidelines set forth by this new legislation.

What does this mean for healthcare?

Hospitals and clinics will now be required to provide more “opt-in” options for patients before personal data can be used. That likely means the number of “pre-ticked” boxes on healthcare websites will appear less frequently, and medical institutions will be compelled to use more straightforward language to ensure patients grasp a full meaning of everything they’re reading.

The GDPR also allows for patients to have the right to be forgotten. That means patients can request their personal files be deleted if so desired.  If a company decides not to comply with the GDPR they will be mandated by law to pay a fine of €20 million (USD 24 million) or 4% of their annual turnover, whichever is greater.

What can healthcare do to adapt?

The healthcare industry finds itself in a precarious situation. On the one hand, data collection is easier than ever due to increasingly sophisticated IT tools. On the other hand, the globe-spanning effects of GDPR will greatly regulate how this information is collected and used.

As of this time, the guidelines of the GDPR are still fuzzy, but it’s safe to assume that industries that start making preparations now should have nothing to fear. Those that don’t make the proper preparations, however, will face the consequences come May this year.

Author: Laszlo Varga