On 20 November 2022, the Saudi Data and Artificial Intelligence Authority launched a public consultation on proposed amendments to the Personal Data Protection Law, promulgated by Royal Decree No. M/19, dated 09/02/1443H, which was originally published on 24 September 2021.
The public consultation will remain open up until 20 December 2022 and all organizations are invited to submit their comments by that date.
On 30 June 2022, the Government of Abu Dhabi Department of Health (DoH) issued Circular No. 147 of 2022 requiring health and pharmaceutical facilities licensed by the DoH (“Licensed Entities”) to obtain a “secure” or “safe” certificate that certifies they operate in full compliance with the requirements of the Abu Dhabi Standard for Health Information Security and Cyber Security Standards (“Standards”). Licensed Entities have until the end of this year (i.e., by 31 December 2022) to complete an audit process to verify their self-certification with the Standards.
The Circular also states that Licensed Entities are urged to apply stricter cybersecurity controls, including to ensure health data is not transmitted outside of the UAE and to discontinue the use of any cloud-based services that store or utilize health data, irrespective of whether that solution is hosted within or outside the UAE.
Explore Data PULSE, a platform which helps you to navigate the complex landscape of data, regulatory and IP protection concerns at each stage of the medical product life cycle. As you navigate through each key issue, Data PULSE will help you to identify and mitigate risks across multiple jurisdictions and optimize your strategy through research, market authorization and post-market study phases.
On 10 March 2022, the National Data Management Office (NDMO) published for consultation a draft of the executive regulations (“Regulations”) to the Personal Data Protection Law, promulgated by Royal Decree No. M/19, dated 09/02/1443H (PDPL). The consultation invites comments on the Regulations and will close on 25 March 2022. The timing suggests that the publication of the final version of the Regulations is likely to occur later than the previously advised date of 23 March 2022.
To highlight data security and privacy laws and developments that are already in place, or in progress, in Africa, the new Baker McKenzie Africa Data Security and Privacy Guide outlines information on country-specific data privacy and security laws in 11 countries in Africa – Ghana, Kenya, Madagascar, Mauritius, Morocco, Nigeria, Rwanda, South Africa, Togo, Uganda and Zimbabwe
On 27 November 2021, the UAE published the long awaited UAE Personal Data Protection Law, Federal Law 45 of 2021 on Personal Data Protection. The development signifies a landmark in the evolution of the UAE’s regulatory framework and lays the foundation for the modernization of the economy and digitization of the country’s growth sectors.
On 24 September 2021, the long anticipated Personal Data Protection Law, promulgated by Royal Decree No. M/19, dated 09/02/1443H (corresponding to 16 September 2021), was published in the Saudi Official Gazette. The Law was developed by the Saudi Data and Artificial Intelligence Authority, which will be the competent governmental authority to administer the Law for a period of two years but it may thereafter transfer such competence to the National Data Management Office.
The UAE’s Ministry of Health and Prevention (MoHAP) has issued a long awaited resolution setting out exceptions to Article 13 of Federal Law No. 2 of 2019 (“Health Data Law”), which by default prohibits the transfer, storage, generation or processing of health data that relates to health services provided in the UAE (“UAE Health Data”) outside of the UAE.
After several years of debate, the Egyptian government has introduced the Republic’s first standalone data protection law, which aims to regulate and protect citizens’ data online. On 15 July 2020, Resolution No. 151 of 2020 (the Law) (available in Arabic here) was published in the Official Gazette. The provisions under the new Law are modeled on the EU General Data Protection Regulation (GDPR) and the Law adopts similar concepts and definitions. It is hoped that the new Law will help Egypt attract foreign investment by increasing consumer confidence in electronic data processing and setting clear parameters for companies looking to capitalize on the growth of the digital economy.
As the 2019 Novel Coronavirus (COVID-19) continues to spread across the world, governments are actively working with global and local health authorities to implement nationwide measures to help curb transmission and mitigate virus-related risks as well as offer relief for businesses and individuals in these challenging times. In response, businesses…