Skip to main content
    • Aa
    • Aa

Information technology law and health systems in the European Union

  • Elias Mossialos (a1), Sarah Thomson (a1) and Annemarie Ter Linden (a1)

Objectives: This study aims to examine the impact of European Union (EU) law relating to information technology (IT) on health systems.

Methods: The study identifies EU directives relating to IT, analyzes them in terms of their impact on the use of IT in health systems, and outlines their implications for health technology assessment (HTA). Analysis is based on a review of literature identified through relevant databases and Internet searches.

Results: Developments in IT have serious implications for EU health systems, presenting policy makers with new challenges. The European Commission has adopted a range of legal measures to protect consumers in the “information society” However, as few of them are health-specific, it is not evident that they have implications for health, health systems, or HTA, and they may not be effective in protecting consumers in the health sector.

Conclusions: In light of the growing importance of IT in the health sector, legal and nonlegal measures need to be further developed at EU and international level. Where possible, future initiatives should pay attention to the particular characteristics of health goods and services and health systems. Although definitions of HTA usually recognize the importance of evaluating both the indirect, unintended consequences of health technologies and the legal aspects of their application, it seems that, in practice, HTA often overlooks or underestimates legislative matters. Those involved in HTA should be aware of the legal implications of using IT to provide health goods and services and compile, store, transfer, and disseminate health information electronically.

Hide All
Allaert FA, Barber B. 1998 Some systems implications of EU Data Protection Directive. Eur J Information Systems. 7: 14.
Altenstetter C. 2003 EU and member state medical devices regulation. Int J Technol Assess Health Care. 19: 228248.
Altenstetter C. Regulation of medical devices in the European Union. In: Baeten R, ed. 2002. The impact of EU law on health care systems. Brussels: Peter Lang;
Armstrong K, Schwartz JS, Asch DA. 1999 Direct sale of Sildenafil (Viagra) to consumers over the Internet. N Engl J Med. 341: 13891392.
Arruñada B. 2001. Quality safeguards and regulation of online pharmacies. Barcelona: Department of Economics and Business;
Ballon IC. 2003. E-commerce and internet law: A primer. Paper presented at the 2nd Annual Spring Meeting of the State Bar of California, La Jolla, April 27-29, 2001. Available at: Accessed: July 28
Banta H, Luce B. 1993 Health care technology and its assessment: An international perspective. Oxford: Oxford University Press;
Barber B, Treacher A, Louwerse. 1996. Towards security in medical telematics. Oxford: IOS Press;
Bell J, Gomez R, Hodge P, Mayer-Schönberger. 2001 Electronic signature regulation. An early scorecard–Comparing electronic signatures legislation in the US and the European Union. Comput Law Security Rep. 17: 399402.
Bharvada K. 2002 Electronic signatures, biometrics and PKI in the UK. Int Rev Law ComputTechnol. 16: 265275.
Callens S. 2002 Telemededicine and the E-Commerce Directive. Eur J Health Law. 9: 93109.
Centre de Droit de la Consommation. 2000. Study on the practical application of Directive 92/59/EEC on General Product Safety: Summary of the study conclusions. Louvain-la-Neuve: Centre de Droit de la Consommation;
Chalton S. 1997 The transposition into UK law of EU Directive 95/46/EC (the Data Protection Directive). Int Rev Law Comput Technol. 11: 2532.
Council of Europe. 1981. Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data ETS no: 108. In: European treaty series. Strasbourg: Conseil de l'Europe;
Deringer FB. 2002. Product safety and liability in Europe. In: Freshfields Bruckhaus Deringer;
Desai A. 2003. The European Data Directive and its impact on the export of personal data from Europe to the United States: The Safe Harbour privacy principles. Available at: Accessed: May 20.
European Commission. Report from the Commission on the Application of Directive 85/374 on Liability for Defective Products. Brussels: European Union; 2001 31/01/2001. Report No. COM(2000) 893 final.
European Commission. Convention on the law applicable to contractual obligations (80/934/EEC). OJ 1980;L 266(09/10/1980):1-19.
European Commission. Council Directive 85/374/EEC on the approximation of laws, regulations and administrative provisions of the Member States concerning liability for defective products. OJ 1985;L 210(07/08/1985):29.
European Commission. Council Directive 92/59/EEC of 29 June 1992 on general product safety. OJ 1992;L 228 (11/08/1992):24-32.
European Commission. Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. OJ 1995;L 281(23/11/1995):31-50.
European Commission. Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases. OJ 1996;L 077(27/03/1996):20.
European Commission. Directive 97/7/EC of the European Parliament and of the Council of 20 May 1997 on the protection of consumers in respect of distance contracts. OJ 1997;L 144(04/06/1997):19-28.
European Commission. Directive 97/66/EC of the European Parliament and of the Council of 15 December 1997 concerning the processing of personal data and the protection of privacy in the telecommunications sector. OJ 1997;L 024(30/01/1998):1-8.
European Commission. Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures. OJ 1999;L 13(19/01/2000):12-20.
European Commission. Directive 2000/31/EC of the European Parliament and the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market ('Directive on electronic commerce'). OJ 2000;L 178(17/07/2000):1-16.
European Commission. Directive 2001/95/EC of the European parliament and of the Council of 3 December 2001 on general product safety. OJ 2001;L 11(15/01/2002):4-17.
European Commission. eEurope 2005: An information society for all. Brussels: European Union; 2002 28/05/2002. Report No.: COM (2002) 263 final.
European Commission. 2003. Healthcare. Available at: Accessed: May 20
European Court of Justice. 2003. Case C-322/01, December 11, 2003. Deutscher Apothekerverband eV v DocMorris NV and Jacques Waterval.
Eysenbach G. 1999 Online Prescribing of Sildanefil (Viagra®) on the World Wide Web. J Med Internet Res. 1: online.
Eysenbach G, Kohler C, Yihune G, et al. 2001. A framework for improving the quality of health information on the world-wide-web and bettering public (e)health: The MedCERTAIN approach. MedCERTAIN;
Gibbs D. 2001 Harnessing the information society? European Union policy and information and communication technologies. Eur Urban Regional Studies. 8: 7384.
Hendreson K, Poulter A. 2002 The distance selling directive: Points for future revision. Int Rev Law Comput Technol. 16: 289300.
Hustinx PJ. 1999. Informatietechnologie in de gezondheidszorg. Utrecht: Verenging voor Gezondheidsrecht;
James S. 2003. What does the EU product safety directive mean for US manufacturers? Available at: Accessed: July 28
Lipton J. 2002 Information wants to be property: Legal commodification of e-commerce assets. Int Rev Law Comput Technol. 16: 5366.
Long WJ, Pang Quek M. 200 Personal data privacy protection in an age of globalization: The US-EU safe harbor compromise. J Eur Public Policy. 9: 325344.
Makinen MM, Rautava PT, Forsstrom JJ. 2002 Restrictions on import of drugs for personal use within the European single market. Eur J Public Health. 12: 244248.
Muenchinger N, Mekaoui A. 2002 Electronic signatures: Regulatory aspects of electronic signatures. Comput Law Security Rep. 18: 2930.
National Information Center on Health Services Research and Health Care Technology. 2001. Introduction to health care technology assessment-glossary. Available at:;
Pearce G, Platten N. 2000 Promoting the information society: The EU directive on electronic commerce. Eur Law J. 6: 363378.
PriceWaterhouseCoopers. 2001. HealthCast 2010 E-Health Quarterly. Medical privacy. New York: PriceWaterhouseCoopers;
Raab CD. 1997 Co-producing data protection. Int Rev Law ComputTechnol. 11: 1124.
Roscam Abbing HDC. 2000 Internet, the patient and the right to care for health. Eur J Health Law. 7: 221228.
Rothchild J. 1998 Making the market work: Enhancing consumer sovereignty through the telemarketing sales rule and the distance selling directive. J Consumer Policy. 21: 279313.
Salaün A. 2000. Consumer protection issues, ESPRIT Project 27028. European Union: Electronic Commerce Legal Issues Platform;
Smith MF. 1996 Data protection, health care, and the new European directive. BMJ. 312: 197198.
Standing Committee on Copyright and Related Rights. 1998. Protection of databases. Geneva: Standing Committee on Copyright and Related Rights;
Terry N. 2001 MSJAMA: Access vs quality assurance: The e-health conundrum. JAMA. 285(: 807.
Thakur N. 2001 Database protection in the European Union and the United States: The European database directive as an optimum global model? I.P.Q.;1: 100133.
Thematic Working Group 6 of the European Health Telematics Association. 2000. Legal aspects of health telematics. Brussels: European Health Telematics Association;
U.S. Department of Commerce. 2001. Safe harbor list. Washington, DC: U.S. Department of Commerce;
U.S. Department of Commerce. 2001. Safe harbor overview. Washington, DC: U.S. Department of Commerce;
U.S. Department of Commerce. 2001. Safe harbor workbook. Washington, DC: U.S. Department of Commerce;
U.S. Department of Health and Human Services. 2003. Office for Civil Rights—HIPAA medical privacy—National standards to protect the privacy of personal health information. Available at: Accessed: July 16
Vajda C, Gahnström A. 2000. EC competition law and the Internet. European Union: ECIR;
Van Eecke P. Electronic Health Care Services and the E-Commerce Directive. In: Taeymans M, ed. 2001. A decade of research @ the crossroads of law and ICT. Gent: Larcier;
Wilson P. 2002 How to find the good and avoid the bad or ugly: A short guide to tools for rating quality of health information on the internet. BMJ. 324: 598600.
Wilson P. Identifying the European legal and ethical issues of emergent health telematics. In: Thick M, ed. 2000. Taking health telematics into the 21st century. Abingdon: Radcliffe Medical Press;
Recommend this journal

Email your librarian or administrator to recommend adding this journal to your organisation's collection.

International Journal of Technology Assessment in Health Care
  • ISSN: 0266-4623
  • EISSN: 1471-6348
  • URL: /core/journals/international-journal-of-technology-assessment-in-health-care
Please enter your name
Please enter a valid email address
Who would you like to send this to? *



Full text views

Total number of HTML views: 2
Total number of PDF views: 18 *
Loading metrics...

Abstract views

Total abstract views: 65 *
Loading metrics...

* Views captured on Cambridge Core between September 2016 - 22nd October 2017. This data will be updated every 24 hours.