Health Data Privacy under the GDPR Big Data Challenges and Regulatory Responses Routledge Research in the Law of Emerging Technologies Series

The growth of data-collecting goods and services, such as ehealth and mhealth apps, smart watches, mobile fitness and dieting apps, electronic skin and ingestible tech, combined with recent technological developments such as increased capacity of data storage, artificial intelligence and smart algorithms, has spawned a big data revolution that has reshaped how we understand and approach health data. Recently the COVID-19 pandemic has foregrounded a variety of data privacy issues. The collection, storage, sharing and analysis of health- related data raises major legal and ethical questions relating to privacy, data protection, profiling, discrimination, surveillance, personal autonomy and dignity.

This book examines health privacy questions in light of the General Data Protection Regulation (GDPR) and the general data privacy legal framework of the European Union (EU). The GDPR is a complex and evolving body of law that aims to deal with several technological and societal health data privacy problems, while safeguarding public health interests and addressing its internal gaps and uncertainties. The book answers a diverse range of questions including: What role can the GDPR play in regulating health surveillance and big (health) data analytics? Can it catch up with internet-age developments? Are the solutions to the challenges posed by big health data to be found in the law? Does the GDPR provide adequate tools and mechanisms to ensure public health objectives and the effective protection of privacy? How does the GDPR deal with data that concern children?s health and academic research?

By analysing a number of diverse questions concerning big health data under the GDPR from various perspectives, this book will appeal to those interested in privacy, data protection, big data, health sciences, information technology, the GDPR, EU and human rights law.

Section 1
Health Data Privacy under the GDPR

Chapter 1
The GDPR and (Big) Health Data: Assessing the EU Legislator’s Choices

Maria Tzanou, Keele University, UK

Chapter 2
Attribution of Responsibility under the GDPR in the Context of Health Data Processing

Yordanka Ivanova, Sofia University St. Kliment Ohridski, Bulgaria, and Vrije Universiteit Brussel, Belgium

Chapter 3
Healthcare data about children in social media: the challenges raised under the GDPR

Rosemary Jay, Hunton Andrews Kurth, UK

Chapter 4
European-wide Big Health Data Analytics under the GDPR

Jos Dumortier, KU Leuven and Timelex Lawyers, Brussels, Belgium

Mahault Piéchaud Boura, Timelex Lawyers, Brussels, Belgium

Chapter 5

Privacy Issues in eHealth and mHealth Apps

Beatriz Sainz-de-Abajo, University of Valladolid, Spain

Isabel de la Torre-Díez, University of Valladolid, Spain

Susel Góngora-Alonso, University of Valladolid, Spain

Miguel López-Coronado, University of Valladolid, Spain

Section 2
A Critical Assessment of the GDPR’s Regulatory Solutions

Chapter 6

Regulating non-personal data in the age of Big Data

Bart van der Sloot, Tilburg University, the Netherlands

Chapter 7

Addressing Big Data and AI Challenges: A Taxonomy and Why the GDPR Cannot Provide a One-size-fits-all Solution

Maria Tzanou, Keele University, UK

Chapter 8

The GDPR, AI and the NHS Code of Conduct for Data-Driven Health and Care Technology

Joseph Savirimuthu, University of Liverpool, UK

Dr. Maria Tzanou is Senior Lecturer in Law at Keele University, United Kingdom.