Promoting Effective and Inclusive ICT Policy in Africa

Tag Archives: Digital Health

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Digital Health
11Mar

Human Rights Implications of Health Care Digitalisation in Kenya

Author CIPESA Posted on

By CIPESA Writer |

The evolution of digital health is largely driven by technological advancements, the quest for more efficient healthcare, and the growing demand for available, accessible, affordable and quality services. The United Nations’ 2030 Agenda for Sustainable Development recognises the transformative potential of Information and Communications Technology (ICT) in fostering human progress, bridging digital divides, and creating knowledge societies. Despite technological advancements, the World Health Organization (WHO) notes that many countries, including Kenya, have yet to fully leverage digital health for positive outcomes. 

​​The transition from the National Health Insurance Fund (NHIF) to the Social Health Insurance Fund (SHIF) presents a policy shift towards realising Universal Health Coverage (UHC) in Kenya. However, this transition has faced significant challenges that impact the right to health, particularly for vulnerable and marginalised groups (VMGs). A major concern within this transformation is the role of digitalisation in health care management and its implications for service delivery. 

It is against this background that the Collaboration on International ICT Policy for East and Southern Africa (CIPESA), the Danish Institute for Human Rights and the Kenya National Commission on Human Rights (KNCHR) undertook a human rights impact assessment on digitalisation of the health care sector in Murang’a, Laikipia, Kisii and Homabay counties in Kenya. The assessment included the NHIF to SHIF transition, digitalised solutions in the sector and their potential impacts especially on Vulnerable and Marginalized Groups (VMGs) to access quality health care.

This report presents the findings of the assessment which was conducted through literature review and field data collection, as elaborated in the methodology section below. The report highlights the positive impacts of digitalisation of health services, pressing challenges, and impacts on the state of healthcare. It also provides targeted and actionable recommendations for improving the effectiveness, inclusivity, and human rights compliance of digital health initiatives in Kenya.

As an integral part of a human rights-based approach, this assessment took a gender-responsive approach to adequately reflect the experiences of women and to understand gender relations within households and communities. It included a gender-responsive context analysis and representative participation in engagements as well as the conceptualisation, adaptation, and utilisation of existing public sector digital infrastructure for enhanced gender responsiveness.

A Human Rights-Based Approach to public sector digitisation should include Human Rights Impact Assessments (HRIA) in the conceptualisation, development, implementation, and monitoring of digital solutions, and the results thereof should be made publicly available. As such, HRIA is often called for, but examples of such assessments are hard to come by, making few public examples of HRIA of public digitalisation products. Therefore, this assessment documents and shows outcomes that may serve as a model and practical guidance for conducting future human rights impact assessments in the public sector in Kenya and beyond.

Read the full report here.

03May

Does Kenya’s Digital Health Act Mark A New Era for Data Governance and Regulation?

Author CIPESA Posted on

By Edrine Wanyama |

In October 2023, Kenya enacted the Digital Health Act which seeks to promote the safe, efficient and effective use of technology for healthcare and to enhance privacy, confidentiality and security of health data. It also provides for the safe transfer of personal, identifiable health data and medical records to and from health facilities within and outside Kenya, and the development of standards for provision of m-Health, telemedicine, and e-learning.

While Kenya enacted the Data Protection Act earlier in 2019, the dedicated digital health law is a positive step towards addressing the potential data privacy challenges related to health data. The law could deliver dividends for the e-health sector by leveraging data and technology to devise interventions and solutions that improve health services delivery.

In a recent brief, CIPESA analyses the Digital Health Act and what it portends for health data governance in Kenya. As the brief notes, if rightly implemented, the law will offer lessons in proper health data governance, while ensuring the rights of data subjects and the principles of data protection are respected and promoted.

The new law is the latest addition to Kenya’s policy and legal initiatives that aim to buttress the health care system including through technology and improved data governance. Others include the National eHealth Policy 2016-2030 and the Guidance Note on the Processing of Health Data developed by the data protection authority.

The Digital Health Act presents an opportunity for strengthening patient data protection while making strides in addressing privacy challenges by emphasising the need to comply with the Data Protection Act, 2019. The law has set the pace for health data governance in Africa as it deals with data related to medical insurance, physician notes and diagnosis, medical records on current and past health history, and health data governance. Appropriate data governance will provide safeguards against breaches and misuse such as in disease surveillance, research and innovation.

Section 4 of the Act emphasises the data principles to be applied to health data: treating health data as a strategic national asset; safeguarding privacy, confidentiality and security of health data for information sharing and use; facilitating data sharing and use for informed decision-making at all levels; and using the digital health eco-system to serve the health sector and to facilitate, in a progressive and equitable manner, the highest attainable standard of health.

Data, including health data, requires specialised agencies to guarantee its protection. The Digital Health Act establishes a Digital Health Agency which is charged with establishing and managing an integrated health information system. The system will ensure quality assurance in the health sector, since it will be guided by data protection principles, scalability and interoperability, efficiency and effectiveness, simplicity and accessibility, and consistency. The Digital Health Agency will potentially promote accountability and transparency in the health sector.

While integrated data and information management systems offer numerous benefits, they also pose risks of abuse and privacy violations, especially during pandemics such as Covid-19, when there was surveillance on individuals based on health data. During the surge of Covid-19, several countries such as Kenya and Uganda adopted measures to contain the virus but with adverse impacts on data protection and privacy. It is imperative therefore that the Digital Health Agency takes all necessary measures to ensure that the Integrated Health Information System robustly guards against unauthorised access, processing, use and transfer of individuals’ private health information within the country as well as across its borders. 

Section 45 on e-Waste Management offers indications in the right direction for the management of e-waste in the health sector. It also provides pointers to promoting the use of sustainable models for e-waste management through public-private partnerships. Nevertheless, in promoting reuse and lifetime extension of e-waste in health data, the law potentially creates opportunities where e-health data may be used unfairly by unscrupulous individuals.

The Digital Health Act is a progressive move towards appropriate regulation of digital health services in Kenya. It points to the relevance of technology in enhancing health care amidst the growing significance of personal data, its protection, management and governance. Other countries in the region could borrow from Kenya’s example to enact similar legislation on digital health and health data governance.

Read the full brief here.