Healthcare entities should immediately assess whether Federal Law No. 2 of 2019 applies to their practices.

By Brian A. Meenagh

On 6 February 2019, the President of the United Arab Emirates (UAE) in conjunction with the UAE Minister of Health and Prevention (the Minister) issued a new law on the use of information and communications technology (ICT) in health fields in the UAE. Federal Law No. 2 of 2019 (the Law) entered into effect in May 2019 and will likely affect the activities of a number of entities operating in the healthcare sector in the UAE, including healthcare service providers, life sciences companies, cloud service providers, healthcare IT systems suppliers, and medical insurance providers.

The Law sets out high-level obligations and restrictions but delegates a significant amount of detail on the application of the Law — and, importantly, carve-outs to the application of the Law — to implementing regulations, professional guides, and decisions from the Minister. Such implementing regulations, professional guides, and Ministerial decisions will be key to providing affected entities with a full understanding of the Law.

This Client Alert sets out the five key features of the law with respect to its application to entities that collect, process, and store healthcare data in the UAE; identifies the matters that will be further clarified by the implementing regulations, professional guides, and Ministerial decisions; and flags additional issues that are likely to be addressed in future regulations and guidance.

This post was prepared with the assistance of Avinash Balendran.