The creation of adata protection policy: aguide to telemedicine healthcare projects

Abstract

In Germany, an increasing number of telemedical pilot projects are in the implementation phase. All these projects have in common that they continuously produce, store, and exchange highly sensitive digital data. Abasic prerequisite for projects implemented in conformity with the law is acomprehensive data protection concept, especially after the introduction of the European Data Protection Regulation (DSGVO) in May 2018.The preparation of adata protection concept for atelemedical project is illustrated in this article using the example of the care project "Virtual Diabetes Outpatient Clinic for Children and Adolescents" (ViDiKi), which started on 1 April 2017 and is funded by the Innovation Fund of the Joint Federal Committee (G-BA). Firstly, the legal basis for data protection and the related challenges in the application of new communication technologies are explained. Subsequently, the creation and structure of the data protection concept are described.The data protection concept for aproject is constantly changing. It must be audited and regularly evaluated to ensure the security of patient data and to regulate data flows, data storage, and data processing. In practice, asecure and legally compliant exchange of data between study participants and physicians can thus be achieved.