Challenges to the EU-US Privacy Shield- What are the legal issues and how might these affect cloud-based medical AI technologies?

Timo Minssen*, Claudia Seitz, Mateo Aboy, Marcelo Corrales Compagnucci

*Corresponding author for this work

Abstract

Cloud-based medical AI-technologies rely on effective and robust legal frameworks for international data transfer. This is not always simple to achieve as it can be illustrated in the United States (US)–European Union (EU) context. Due to the lack of general data protection law at the federal level, the US currently does not have a general “adequacy decision” from the European Commission (EC) to enable EU-US cross-border data transfers without the need for additional data protection safeguards. As a fallback, a “limited adequacy” decision was adopted in 2016 on the so-called “EU-US Privacy Shield Framework.” This framework protects the fundamental rights of natural persons in the EU and allows the free transfer of personal data to companies that are certified under the EU-US Privacy Shield. However, the EU-US Privacy Shield has been recently contested at the Court of Justice of the European Union (CJEU). This paper analyzes the EU-US Privacy Shield Framework, the associated legal challenges, and how these might affect organizations deploying or implementing cloud-based medical AI technologies relying on cross-border data transfers from EU data subjects .

Original languageEnglish
JournalEuropean Pharmaceutical Law Review
Number of pages19
ISSN2511-7157
Publication statusSubmitted - 21 Nov 2019

Fingerprint

Dive into the research topics of 'Challenges to the EU-US Privacy Shield- What are the legal issues and how might these affect cloud-based medical AI technologies?'. Together they form a unique fingerprint.

Cite this