The UAE Department of Health Abu Dhabi has formally launched its audit program to assess the compliance of licensed entities and professionals with its suite of data privacy and information security standards, including the Abu Dhabi Healthcare Information and Cyber Security Standard. As well as allowing the Department of Health to identify areas for improvement, such audits also increase the risk of penalties for regulated entities who are yet to embed these standards in their operations.
Digital service providers should be ready to demonstrate that their services comply with the law and to answer more specific questions linked to the security features of their services, including authentication processes, levels of encryption and vulnerability and incident management processes. Data localisation will, in many cases, be a more sensitive issue but must be addressed as we can also expect to see an increase in the number of requests to configure (or reconfigure) digital services so that health data does not leave the UAE.
The Department of Health Abu Dhabi, DoH, has launched the "AAMEN" audit programme, which aims to ensure that all healthcare facilities in the Emirate of Abu Dhabi are compliant with the information security and data privacy standards required to protect sensitive patient healthcare data. This is in line with its ongoing efforts to further ensure the highest levels of data privacy and information security. The first stage of the programme will target 60 healthcare facilities, which are set to be audited before the end of the year. The next phases of the programme will see expansion of auditing to include all healthcare facilities in the emirate.
