Exploring Regulatory Interplay in the Health Internet of Everything: Digital Health Technologies, Data Protection and Cybersecurity.

Abstract

Against the backdrop of interconnected devices, people, and processes in the Internet of Everything (IoE) an examination of the MDR (Regulation (EU) 2017/745 of the European Parliament and of the Council of 5 April 2017 on medical devices, amending Directive 2001/83/EC, Regulation (EC) No 178/2002 and Regulation (EC) No 1223/2009 and repealing Council Directives 90/385/EEC and 93/42/EE), data protection and cybersecurity rules are carried out with respect to medical devices' privacy and security. The legal analysis therefore investigates how and to what extent the MDR could cope with the copious challenges of cybersecurity and data protection in the IoE of medical devices. The article sheds light on how the MDR sets a minimal standard of requirements for medical device safety and security. In this respect, an unexpected and complicated regulatory interplay is discussed providing for a well-coordinated approach for digital health technologies. Finally, the article discusses several key points of the proposed EU AI Regulation considering digital health technologies.