To read this content please select one of the options below:

A comparative analysis: health data protection laws in Malaysia, Saudi Arabia and EU General Data Protection Regulation (GDPR)

Jawahitha Sarabdeen (College of Law, Prince Sultan University, Riyadh, Saudi Arabia)
Mohamed Mazahir Mohamed Ishak (JS Law Firm, Pickering, Canada)

International Journal of Law and Management

ISSN: 1754-243X

Article publication date: 5 April 2024

252

Abstract

Purpose

General Data Protection Regulation (GDPR) of the European Union (EU) was passed to protect data privacy. Though the GDPR intended to address issues related to data privacy in the EU, it created an extra-territorial effect through Articles 3, 45 and 46. Extra-territorial effect refers to the application or the effect of local laws and regulations in another country. Lawmakers around the globe passed or intensified their efforts to pass laws to have personal data privacy covered so that they meet the adequacy requirement under Articles 45–46 of GDPR while providing comprehensive legislation locally. This study aims to analyze the Malaysian and Saudi Arabian legislation on health data privacy and their adequacy in meeting GDPR data privacy protection requirements.

Design/methodology/approach

The research used a systematic literature review, legal content analysis and comparative analysis to critically analyze the health data protection in Malaysia and Saudi Arabia in comparison with GDPR and to see the adequacy of health data protection that could meet the requirement of EU data transfer requirement.

Findings

The finding suggested that the private sector is better regulated in Malaysia than the public sector. Saudi Arabia has some general laws to cover health data privacy in both public and private sector organizations until the newly passed data protection law is implemented in 2024. The finding also suggested that the Personal Data Protection Act 2010 of Malaysia and the Personal Data Protection Law 2022 of Saudi Arabia could be considered “adequate” under GDPR.

Originality/value

The research would be able to identify the key principles that could identify the adequacy of the laws about health data in Malaysia and Saudi Arabia as there is a dearth of literature in this area. This will help to propose suggestions to improve the laws concerning health data protection so that various stakeholders can benefit from it.

Keywords

Acknowledgements

The authors would like to acknowledge the support provided by the Prince Sultan University (PSU) and the Governance and Policy Research Lab, PSU.

Citation

Sarabdeen, J. and Mohamed Ishak, M.M. (2024), "A comparative analysis: health data protection laws in Malaysia, Saudi Arabia and EU General Data Protection Regulation (GDPR)", International Journal of Law and Management, Vol. ahead-of-print No. ahead-of-print. https://doi.org/10.1108/IJLMA-01-2024-0025

Publisher

:

Emerald Publishing Limited

Copyright © 2024, Emerald Publishing Limited

Related articles