Legal Aspects of Patient Data Governance in Digital Health: A Comparative Analytical Study of UAE and Indonesian Legislation

Abstract

This study provides a comparative legal analysis of the United Arab Emirates (UAE) and Indonesia regarding the regulation of digital health technologies, particularly electronic medical records (EMR) and artificial intelligence (AI). It examines core legal dimensions including data security, patient consent, monitoring mechanisms, and data ownership. Although both countries have adopted ambitious digital health strategies, the UAE has developed a more comprehensive and integrated regulatory framework through Federal Law No. 2 of 2019 on the Use of Information and Communication Technology in Health Fields and the Personal Data Protection Law No. 45 of 2021. These instruments ensure stricter data protection, structured access control, encryption standards, and regular audit mechanisms. In contrast, Indonesia, despite the enactment of Minister of Health Regulation No. 24 of 2022 and Law No. 27 of 2022 on Personal Data Protection, still faces challenges in enforcement, interoperability, and accountability. The findings highlight the need for Indonesia to strengthen its legal and institutional infrastructure to ensure compliance, enhance data privacy, and promote patient trust in digital health systems. Drawing lessons from the UAE experience, the study proposes policy reforms aimed at aligning Indonesia’s legal framework with international standards and fostering a secure, ethical, and innovation-oriented digital health environment.

Ähnliche Arbeiten