Healthcare advisory services

Healthcare Quality Improvement Act of 1986 (HCQIA)

The Healthcare Quality Improvement Act (HCQIA) provides immunity for medical professionals and institutions during conduct assessments. The law originated partially due to a Supreme Court ruling involving abuse of the physician peer review process. To date, HCQIA continues to evolve as the act arises in courtrooms and justices deliver new rulings. Legislators enacted the law to protect medical professionals from peer review-related lawsuits and to encourage physicians to file official complaints after encountering unprofessional and dangerous peer conduct.

Patient Safety and Quality Improvement Act (PSQIA) of 2005

The Patient Safety and Quality Improvement Act (PSQIA) protects health care workers who report unsafe conditions. Legislators created the law to encourage the reporting of medical errors, while maintaining patients’ confidentially rights. To ensure patient privacy, the HHS levies fines for confidentially breaches. The law also authorizes the Agency for Healthcare Research and Quality (AHRQ) to publish a list of patient safety organizations (PSOs) that record and analyse patient safety data. The Office for Civil Rights (OCR) enforces the law among national health care facilities.

The EU revised the laws governing medical devices and in vitro diagnostics to align with the developments of the sector over the last 20 years. The priority was to ensure a robust, transparent and sustainable regulatory framework and maintain a high level of safety, while supporting innovation. Two new regulations of the preceding on medical devices and in vitro diagnostic medical devices entered into force in May 2017. With effect from 26 May 2021, Regulation (EU) 2017/745Search for available translations of the preceding of the European Parliament and of the Council of 5 April 2017 on medical devices replaced Council Directive 90/385/EECSearch for available translations of the preceding on active implantable medical devices and Council Directive 93/42/EEC of the preceding on medical devices.  With effect from 26 May 2022, Regulation (EU) 2017/746Search for available translations of the preceding of the European Parliament and of the Council of 5 April 2017 on in vitro diagnostic medical devices replaces Directive 98/79/EC of the European Parliament and of the Council of the preceding on in vitro diagnostic medical devices after a transition period. Read the press release from the European Commission of the preceding  In order to get ready for the new regulations of the preceding the Commission prepared detailed information for all actors involved. 

The NHS Long Term Plan, published in January 2019, set out a 10-year practical program of phased improvements to NHS services and outcomes, including a number of specific commitments to invest the agreed NHS five-year revenue settlement. This Implementation Framework sets out the approach Sustainability and Transformation Partnerships (STPs)/Integrated Care Systems (ICSs) are asked to take to create their five-year strategic plans by November 2019 covering the period 2019/20 to 2023/24. These plans should be based on realistic workforce assumptions and deliver all the commitments within the Long-Term Plan.

The PHMC Act

  The PHMC Act and its subsidiary legislation promulgated the minimum standards for maintaining a healthcare service. These standards relate mainly to the general maintenance of the facilities, medical record keeping, drug storage, infection control, medical and nursing manpower, and fire safety.

The HCSA  

The HCSA was enacted in January 2020 to replace the current PHMCA with a more flexible and modular services-based licensing regime, and to enhance patient welfare, safety, and continuity of care. The HCSA will be implemented for Licensees in three phases, outlined in Annex A. In the interim, existing PHMCA Licensees not rolled over into HCSA will continue to be subject to the prevailing Regulations and requirements under the PHMCA. 

Singapore’s HEALTHCARE CYBERSECURITY ESSENTIALS (HCSE)  

 In the Ministry of Health (MOH)’s Cybersecurity Advisory to all licensees under the Private Hospitals and Medical Clinics Act (PHMCA) on 8 Feb 2021, MOH shared a set of cybersecurity measures in response to the SolarWinds supply chain attack to safeguard and ensure the integrity of personal and medical data within medical records, so as to be compliant with the PHMC Regulations and the Personal Data Protection Act (PDPA). MOH also indicated that they will be releasing a set of guidance to help licensees improve the cybersecurity of their IT systems. 

As of 25 November 2014, the Japanese Pharmaceutical Affairs Law (also known as PAL) was revised, with its title changed to the “Act on Securing Quality, Efficacy and Safety of Pharmaceuticals, Medical Devices, Regenerative and Cellular Therapy Products, Gene Therapy Products, and Cosmetics” (abbreviated as the PMD Act). The PMD Act provides the legal framework for the regulation of medical devices, in vitro diagnostic reagents, pharmaceuticals, drugs and cosmetic products as well as regenerative and cellular therapy products in the Japanese market. Administration and oversight of the PMD Act legal framework is the responsibility of Japan’s Ministry of Health, Labour and Welfare (MHLW). Pharmaceuticals and Medical Devices Agency (PMDA) is Japan's regulatory agency that works together with MHLW. It conducts scientific assessments of marketing application of pharmaceuticals and medical devices, monitoring their post marketing safety.   

Australian Department of health set standards for the products and services you use and we then check regularly to make sure those standards are being met. For example: 

The Therapeutic Goods Administration Australia’s largest regulator the 

Therapeutic Goods Administration looks at prescription medicines, vaccines, sunscreens, vitamins and minerals, medical devices, blood and blood products 

The Aged Care Quality and Safety Commissioner The Aged Care Quality and Safety Commissioner looks into the quality of care or services being delivered to people receiving aged care services

 Ombudsman  The Private Health Insurance Ombudsman protects the interests of private health insurance consumers. Regulation activities can include accreditation of individuals and organisations, monitoring, reviews, investigations and complaints. 

DOH launched new regulations in the past few years applicable to the healthcare providers in different domains such as (JDC)the data certification for the payers/payee, (AAMEN) for the information security and the data privacy.  Abu Dhabi Healthcare Information Security Program (ADHICS) The Abu Dhabi Healthcare Information Security Program - AAMEN, aims to ensure that all healthcare facilities in the Emirate of Abu Dhabi are compliant with the information security and data privacy standards required to protect sensitive patient healthcare data. The program allows Department of Health to evaluate healthcare facilities for their compliance against the highest standards of information security, and provides the support needed to achieve world-class patient data privacy, securing the confidentiality of health information in its different forms, maintaining its accuracy and ensuring its accessibility.   

THE STRATEGY:

Abu Dhabi Healthcare Information and Cyber Security Strategy As part of AAMEN program the Department of Health has released Abu Dhabi Healthcare Information and Cyber Security Strategy to serve as a framework that defines the important principles that guide the unique and comprehensive approach to continue enhancing the preparedness of Abu Dhabi’s healthcare sector to mitigate cyber threats securely and effectively. Department of Health is the first entity in the region to develop such strategy for the healthcare sector. It is part of ongoing efforts to further enhance information infrastructure of the healthcare sector. The new strategy will contribute to putting in place a cohesive and proactive response framework related to the current and future healthcare cybersecurity challenges for the Emirate of Abu Dhabi, while remaining focused on digital transformation through enabling technology, innovation and AI adoption in the healthcare sector of the emirate.

 The strategy consists of six key areas of focus: Cyber Security Governance Cyber Security Resilience Cyber Security Capabilities Cyber Security Partnerships Cyber Security Maturity Cyber Security Innovation   AAMEN Program Initiatives As part of AAMEN Program, Department of Health has developed the following instruments setting the minimum cybersecurity protection requirements stakeholders must comply with… 

ADHICS 

ADHICS stands for “Abu Dhabi Health Information and Cyber Security” Healthcare facilities are required to meet the standard requirements in order to integrate within the new 'Malaffi' system. The standard is mandatory for licensing healthcare practitioners and facilities.   

Malaffi  

Malaffi is the region’s first Health Information Exchange platform, that safely and securely connects public and private healthcare providers in the Emirate of Abu Dhabi. Malaffi enables the meaningful, real-time exchange of important patient health information between the healthcare providers, creating a centralized database of unified patient records, improving healthcare quality and patient outcomes. Malaffi (Arabic for ‘my file’), is operated by Abu Dhabi Health Data Services – Sole Proprietorship LLC (ADHDS), established as Public Private Partnership (PPP) between the Department of Health – Abu Dhabi (DOH) and Injazat, a regional leader in digital transformation, cloud, and cyber security. As part of the DOH’s strategic priorities, Malaffi is a key component of the digital transformation of the healthcare system in Abu Dhabi. With universal, Emirate-wide participation of facilities and patients, every medical interaction a patient has, from a routine checkup, consultation or emergency treatment, to laboratory tests or radiology reports, is now collated in their personal file, with their medical history safely and securely stored and instantly accessible when needed. By providing instant access to the patient’s longitudinal medical file, Malaffi facilitates the making of better-informed and more efficient clinical decisions, enhances coordination and transition of care, reduces unnecessary duplication of tests and procedures, reduces the risk of medical error, and improve patient safety and experience. As a centralized database of robust population health information, Malaffi informs and drives the DOH’s public health initiatives for a healthier Abu Dhabi. In the future, using AI technology and machine learning, Malaffi will increasingly be used to reduce disease progression, promote improved health outcomes and, ultimately, prolong life. 

Data Privacy Patient Healthcare Data Privacy Standard act as the general data protection regulation in the emirate to safeguard and protect the privacy of the patients and stakeholders in the healthcare sector.   

IoMT

 Internet Of Medical Things Security Standard     As part of AAMEN program initiatives DoH seeks to strengthen the emirates healthcare sector cybersecurity, through partnering with the Abu Dhabi healthcare sector CERT team to mitigate the cyber risk proactively while creating a solid infrastructure and an ecosystem for information sharing, as well as facilitating and ensuring business continuity. Abu Dhabi Healthcare Computer Emergency Response Team – Healthcare CERT As part of AAMEN program initiatives Department of Health seeks to strengthen the emirate's healthcare sector cybersecurity, by establishing Abu Dhabi Healthcare CERT. The main goal of the Healthcare CERT, from a cybersecurity perspective, is to protect information, and the ability of critical infrastructures to continue to function. It typically monitors incidents at a sector level, identifies incidents that could affect critical infrastructures, warns critical stakeholders about computer security threats, and helps to build organizational CERTs in the public and private sectors.

Dubai Telehealth Standard   The advancements in medical and communications technology has had a profound impact on the healthcare services globally. Telehealth offers the opportunity to improve the delivery and accessibility of healthcare services at low cost. It also provides the means for leveraging scarce resources and improving care and access for patients in remote areas. The appropriate application of telehealth technologies can enhance the provision of healthcare services by facilitating communication between physicians/ nurses/ allied health professionals and patients. Telehealth services include but are not limited to scheduling appointments, assessment, providing medical advice, treatment, therapy, laboratory testing, diagnostics, surgery, monitoring chronic conditions, counselling and prescribing and dispensing of medications. The DHA Standard was developed to improve the scope, effectiveness, efficiency, quality, and safety of Telehealth services in the Emirate of Dubai. 

Telehealth is divided into six key areas:

•  Teleconsultation; 
•  Telediagnosis;  
•  Telemonitoring (remote patient monitoring); 
•  Mhealth (Mobile Health);  
•  Telerobotics and robot-assisted services; and 
•  Telepharmacy.