Data Protection & E-Health

Data Protection

Health data and digital innovations are a key success factor for the healthcare industry. The protection of health data is of utmost importance for the European and national legislators. At the same time, the legislators are working on regulations to create data spaces that enable and facilitate the use of health data by patients, but also the secondary use of data for research by innovative pharmaceutical and medical device companies (e.g. draft regulation on the European Health Data Space, Health Data Utilisation Act in Germany).

In Germany, various provisions applicable to the healthcare industry are scattered across different laws (e.g. Federal Data Protection Act, German Social Code V, Hospital Acts etc.). Respectively, in particular globally acting and networked companies are facing major challenges, which require a precise knowledge and strict application of these provisions.

We support our clients on their way through the data protection jungle with, inter alia, the following services:

  • Design of privacy notices
  • Advice on data protection strategies in connection with innovative digital projects (e.g. patient app for communicating with doctors)
  • Drafting of contracts related to data storage, processing and transfer (e.g. contract data processing)
  • Data protection aspects in connection with the implementation of transparency requirements
  • Legally sound design of international transfer of health data
  • Legally sound design and implementation of data bases in the healthcare sector
  • Drafting of informed consents and data protection provisions in contracts
  • Strategic advice regarding handling of pharmacovigilance data and medical device vigilance data


The continuing digitalization in the healthcare sector (e.g. network medical technology, telemedicine, health services, digital vitality monitoring etc.) brings along specific challenges also with respect to the legal assessment of new products and methods in the field of e-health as well as the legally sound structuring in this context. It is our claim to support the developments of our innovative clients also from a legal perspective at the highest level and to map and implement the specific characteristics of the e-health sector.

Our services particularly include:

  • Qualification and classification of software (e.g. medical apps) as medical device
  • Legal advice related to digital health applications (DiGA), in particular legal classification, procedures at the BfArM, reimbursement issues
  • Legal advice regarding e-health in patient support programms (e.g. virtual interface to physicians)
  • Assessment of legal issues related to telemedicine
  • Assessment of data protection aspects related to e-health