The way the General Data Protection Regulation (GDPR) is interpreted in Ireland is a “disgrace” and is not serving the best interests of patients or the health system, according to the scientific director of the UK Health Data Research Hub for Cancer.
Speaking at the recent Smart Health Summit, Mark Lawler, professor of digital health at Queen’s University Belfast, said the interpretation and enforcement of GDPR in this jurisdiction has contributed to Ireland lagging behind countries in relation to data-driven healthcare.
“If you look at the way in which [GDPR] is interpreted in other parts of the European Union, it is pro using data to drive research and innovation, to drive better health care and better outcomes,” he said.
He highlighted advances in Northern Ireland as examples of how valuable data collection is to healthcare planning.
“We looked at the impact of COVID-19 on cancer services and cancer patients. In Northern Ireland, we were able to take data from five trusts in real time and link it to data from the rest of the UK to show that seven in 10 people who were being referred with suspicious symptoms were not getting to see their cancer specialist and four out of 10 were not receiving their treatment at the right time.
“If I tried to do that in Ireland, I’d still be trying to do it. That’s the reality. It’s not fair on patients, it’s not fair on the system. It’s not fair on the Department of Health and it’s not fair on researchers. It just does not make any sense.”
Prof Lawler’s views were echoed by the secretary general of the Department of Health, Robert Watt, who said legislators need to go back to the drawing board on the regulations.
“[GDPR] is being used now as a reason not to do things, as an excuse not to share data, even though, in my view, the safeguards provided in the existing legislative framework are more than adequate for us to be able to share data in a safe way to deliver the things we want to deliver,” Mr Watt said.
“If we are serious about [healthcare] reform, we have to be honest about some of the barriers and an overly cautious approach to GDPR, in my view, is a significant issue.
“We have to ask ourselves, why is Ireland a laggard. It’s not just money. We have to be honest with ourselves. It’s ambition, leadership, structure, and it is GDPR.”