Law-based and standards-oriented approach for privacy impact assessment in medical devices: a topic for lawyers, engineers and healthcare practitioners in MedTech
- URL: http://arxiv.org/abs/2409.11845v1
- Date: Wed, 18 Sep 2024 09:56:19 GMT
- Title: Law-based and standards-oriented approach for privacy impact assessment in medical devices: a topic for lawyers, engineers and healthcare practitioners in MedTech
- Authors: Yuri R. Ladeia, David M. Pereira
- Abstract summary: The adoption of non-binding standards like ISO and IEC can harmonize processes by enhancing accountability and privacy by design.
The study advocates for leveraging both hard law and standards to systematically address privacy and safety in the design and operation of medical devices.
- Score: 0.0
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: Background: The integration of the General Data Protection Regulation (GDPR) and the Medical Device Regulation (MDR) creates complexities in conducting Data Protection Impact Assessments (DPIAs) for medical devices. The adoption of non-binding standards like ISO and IEC can harmonize these processes by enhancing accountability and privacy by design. Methods: This study employs a multidisciplinary literature review, focusing on GDPR and MDR intersection in medical devices that process personal health data. It evaluates key standards, including ISO/IEC 29134 and IEC 62304, to propose a unified approach for DPIAs that aligns with legal and technical frameworks. Results: The analysis reveals the benefits of integrating ISO/IEC standards into DPIAs, which provide detailed guidance on implementing privacy by design, risk assessment, and mitigation strategies specific to medical devices. The proposed framework ensures that DPIAs are living documents, continuously updated to adapt to evolving data protection challenges. Conclusions: A unified approach combining European Union (EU) regulations and international standards offers a robust framework for conducting DPIAs in medical devices. This integration balances security, innovation, and privacy, enhancing compliance and fostering trust in medical technologies. The study advocates for leveraging both hard law and standards to systematically address privacy and safety in the design and operation of medical devices, thereby raising the maturity of the MedTech ecosystem.
Related papers
- A Global Medical Data Security and Privacy Preserving Standards Identification Framework for Electronic Healthcare Consumers [2.57177976232483]
Different countries have varying standards for the security and privacy of medical data.
This paper proposed a novel and comprehensive framework to standardize these rules globally.
arXiv Detail & Related papers (2024-10-04T17:22:55Z)
- Beyond One-Time Validation: A Framework for Adaptive Validation of Prognostic and Diagnostic AI-based Medical Devices [55.319842359034546]
Existing approaches often fall short in addressing the complexity of practically deploying these devices.
The presented framework emphasizes the importance of repeating validation and fine-tuning during deployment.
It is positioned within the current US and EU regulatory landscapes.
arXiv Detail & Related papers (2024-09-07T11:13:52Z)
- FEDMEKI: A Benchmark for Scaling Medical Foundation Models via Federated Knowledge Injection [83.54960238236548]
FEDMEKI not only preserves data privacy but also enhances the capability of medical foundation models.
FEDMEKI allows medical foundation models to learn from a broader spectrum of medical knowledge without direct data exposure.
arXiv Detail & Related papers (2024-08-17T15:18:56Z)
- A Qualitative Analysis Framework for mHealth Privacy Practices [0.0]
This paper introduces a novel framework for the qualitative evaluation of privacy practices in mHealth apps.
Our investigation encompasses an analysis of 152 leading mHealth apps on the Android platform.
Our findings indicate persistent issues with negligence and misuse of sensitive user information.
arXiv Detail & Related papers (2024-05-28T08:57:52Z)
- The Design and Implementation of a National AI Platform for Public Healthcare in Italy: Implications for Semantics and Interoperability [62.997667081978825]
The Italian National Health Service is adopting Artificial Intelligence through its technical agencies.
Such a vast programme requires special care in formalising the knowledge domain.
Questions have been raised about the impact that AI could have on patients, practitioners, and health systems.
arXiv Detail & Related papers (2023-04-24T08:00:02Z)
- MedPerf: Open Benchmarking Platform for Medical Artificial Intelligence using Federated Evaluation [110.31526448744096]
We argue that unlocking this potential requires a systematic way to measure the performance of medical AI models on large-scale heterogeneous data.
We are building MedPerf, an open framework for benchmarking machine learning in the medical domain.
arXiv Detail & Related papers (2021-09-29T18:09:41Z)
- The Medkit-Learn(ing) Environment: Medical Decision Modelling through Simulation [81.72197368690031]
We present a new benchmarking suite designed specifically for medical sequential decision making.
The Medkit-Learn(ing) Environment is a publicly available Python package providing simple and easy access to high-fidelity synthetic medical data.
arXiv Detail & Related papers (2021-06-08T10:38:09Z)
- On Medical Device Cybersecurity Compliance in EU [4.3695508295565775]
We review the new cybersecurity requirements in the light of currently available guidance documents.
We argue that these core concepts form a foundation for cybersecurity compliance in the European Union regulatory framework.
arXiv Detail & Related papers (2021-03-11T17:26:06Z)
- Privacy-preserving medical image analysis [53.4844489668116]
We present PriMIA, a software framework designed for privacy-preserving machine learning (PPML) in medical imaging.
We show significantly better classification performance of a securely aggregated federated learning model compared to human experts on unseen datasets.
We empirically evaluate the framework's security against a gradient-based model inversion attack.
arXiv Detail & Related papers (2020-12-10T13:56:00Z)
- Revolutionizing Medical Data Sharing Using Advanced Privacy Enhancing Technologies: Technical, Legal and Ethical Synthesis [5.6324529994086845]
Homomorphic Encryption and Secure Multiparty Computation (defined together as Multiparty Homomorphic Encryption or MHE)
PETs provide a mathematical guarantee of privacy, with MHE providing performance advantage over separately using HE or SMC.
We explain how MHE can reduce the reliance on customized contractual measures between institutions.
arXiv Detail & Related papers (2020-10-27T17:03:28Z)
- Application of Intelligent Multi Agent Based Systems For E-Healthcare Security [0.0]
In recent years, the availability and usage of extensive systems for Electronic Healthcare Records (EHR) have increased.
In order to enhance the standard of the services provided in healthcare, these records were shared and can be used by various users depending on their requirements.
Notable issues in security and privacy were found, which should be monitored and removed.
A novel Intelligent-based Access Control Security Model (IBAC) based on multi agents is proposed to maintain and support the security and privacy of E-healthcare systems.
arXiv Detail & Related papers (2020-04-02T20:53:21Z)
This list is automatically generated from the titles and abstracts of the papers in this site.