Book an appointment with us, or search the directory to find the right lawyer for you directly through the app.
Find out moreThis comprehensive guide is designed to help you navigate the intricate landscape of family business and private wealth in the Middle East, where family businesses constitute approximately 60% of GDP and employ 80% of the workforce in the GCC, offering unparalleled opportunities for wealth creation and preservation.
Packed with insights, strategies, and expert advice from our talented lawyers, Legacy provides tailored solutions to the unique challenges of asset protection, succession planning, and dispute resolution in this dynamic region.Read the publication and equip yourself with the knowledge and tools necessary to thrive, whether you’re a seasoned investor, a family business owner, part of the next generation, or a newcomer exploring opportunities in the region.
Read NowThe Abu Dhabi Department of Health (“DoH”) has published a Circular (DoH Circular No. (71) of 2020) which states that it will be initiating an audit program to ensure that all healthcare entities in the Emirate of Abu Dhabi are complying with the Abu Dhabi Healthcare Information and Cyber Security Standards (“ADHICS Standards”).
DoH issued the ADHICS Standards on 3 February 2019 to ensure that the healthcare sector in Abu Dhabi harmonises its practices regarding privacy and information security to meet international standards and complement the Abu Dhabi Government’s Policy on the Healthcare Information Exchange (“HIE”) (dated 29/11/2018) to enhance the safety and security of health information.
Effectively there was a 12-month transition period to comply with the ADHICs standards.
The healthcare information and cyber security requirements within ADHICS Standards include standards for the following:
A significant control in the ADHICS Standards is Section CM 4.2 which provides that no healthcare entity can use cloud services or infrastructure to store, process or share information that contain the health information of a patient.
The control further states that healthcare entities must identify and disconnect integration of a system that processes, stores or utilises health information with any systems that connect or utilise cloud services and not share identified or de-identified health information with third parties, inclusive of counterparts and partners, unless authorised by the DoH.
The audit program will be undertaken by the Emirates Classification Society (TASNEEF) through their subsidiary TASNEEF-RINA Business Assurance (TRBA).
The audit program will be conducted in three year cycles, where in the first year of the cycle, there will be an audit conducted by TRBA to check for compliance with ADHICS, where a conformance certificate will be awarded.
In the second and third year of the cycle, there will be a surveillance audit to check for compliance with ADHICS, but no certification is provided for surveillance audits.
For more information regarding compliance with ADHICS Standards, Al Tamimi & Company’s Healthcare Sector and Technology, Media & Telecommunications teams regularly advise on laws and regulations impacting the healthcare sector. For further information please contact healthcare@tamimi.com.
Andrea Tithecott
Partner, Head of Regulatory, Head of Healthcare
a.tithecott@tamimi.com
Andrew Fawcett
Senior Counsel, Technology, Media & Telecommunications
a.fawcett@tamimi.com
To learn more about our services and get the latest legal insights from across the Middle East and North Africa region, click on the link below.