Singapore’s Ministry of Health has confirmed its intention to table the Health Information Bill in the second half of 2023. Andy Leck and Ren Jun Lim, principals at Baker McKenzie Wong & Leow, consider its objectives
Through the Health Information Bill, the Ministry of Health (MOH) seeks to enable the collection of patients’ selected health data from healthcare providers and to allow healthcare providers to share patient information with one another in a safe and secure manner.
Background
In September 2022, the MOH submitted the white paper on Healthier SG to Parliament. Key features of Healthier SG ‒ which is the name given to the major reform of the healthcare system ‒ include the mobilisation of the network of family doctors to deliver preventive care for residents and the setting up of necessary enablers such as IT.
During the parliamentary debates on the white paper on Healthier SG in October 2022, the MOH raised that one of the key tools for the successful implementation of Healthier SG is the National Electronic Health Record (NEHR), a central repository of patient summary health records. This would allow healthcare workers, including family doctors, to draw from and contribute to this common platform.
To facilitate the proper collection, use and sharing of health data among healthcare providers in a safe and secure manner, the MOH announced its intention to introduce the Bill.
Objectives of the Bill
In March 2023, the MOH confirmed its intention to table the Bill in the second half of 2023, sharing that, as of December 2022, all public healthcare institutions and over 30% of private MOH-licensed healthcare institutions have access to NEHR.
Once the Bill has been implemented, the MOH would be able to benefit patients, residents and healthcare providers in the following ways:
By increasing the functionality of the NEHR through mandatory contribution of summary data by licensed healthcare providers as well as prescribed users like retail pharmacists
By enhancing the legal framework to facilitate proactive data sharing across MOH entities, Healthcare Services Act licensees and appointed community partners to facilitate better monitoring and follow-ups
By implementing safeguards for data sharing to protect patient confidentiality and respect patient autonomy
By implementing cybersecurity, data security and data protection measures to safeguard health information
Ensuring safe and secure data sharing
Since May 2022, the MOH has consulted with more than 800 residents, patients, industry experts and healthcare providers to better understand concerns about the Bill.
Key concerns raised were in relation to medicolegal liabilities, cybersecurity and data security. The MOH intends to address these concerns in the following ways:
By setting out cyber and data security requirements for healthcare entities. For example, data intermediaries will need to ensure their IT systems and services maintain good cyber hygiene, and data and systems will have to undergo regular backups and updating of software and security patches
By implementing safeguards such as data security classifications and requirements for proper data storage, transmission and disposal
By aligning data security and protection with prevailing policies and standards under the Personal Data Protection Act
The MOH is also working with the Personal Data Protection Commission and the Cyber Security Agency of Singapore to identify areas where safeguards need to be strengthened.
The MOH will continue to engage stakeholders as the MOH continues designing the Bill.
©2023 All rights reserved LaingBuisson 
