Professor Dr. Pirongrong pointed out that, “neither Sri Lanka nor Thailand has any laws to protect personal data. This is partly due to the COVID-19 pandemic in which the governments need to gain access to the personal data of the citizens to assess the situations and mitigate the outbreaks as much as possible. So, the protection of the data needed to be relaxed.” thailand university ranking
In January 2020, Thailand detected its first cases and subsequently established the Center for COVID-19 Situation Administration (CCSA) to control the situation under The Communication Diseases Act, B.E.2558 (2015), in conjunction with The Emergency Decree on Public Administration in Emergency Situation, B.E. 2548 (2005) (effective March 26, 2020). Prof. Dr. Pirongrong mentioned that, according to global practices, the Thai government should have also enforced the Personal Data Protection Act (PDPA) to ensure that the collection of personal data remain transparent and systematic.
Unfortunately, this was not the case for Thailand. The enforcement of PDPA was postponed until May 31, 2022, resulting in patients’ data being collected primarily under the guidelines set by The National Health Act, B.E. 2550 (2007), and The Official Information Act, B.E. 2540 (1997). Conversely, the government of Sri Lanka used the Quarantine and Prevention of Disease Ordinance of 1897 (Quarantine Act) to quarantine high-risk people and isolate them from society, along with curfews.
“Sri Lanka has not officially passed the Personal Data Protection Bill. Therefore, the collection of public health data during the outbreaks did not specify the responsibilities of the data controller, nor those of the data processor. Sri Lanka has only used the National Policy on Health Information (2017) as guidelines for the collection, usage, and transfer of personal data of the patients and high-risk groups. The National Digital Health Guidelines and Standards (NDHGS) were also used to govern state and private health institutions, in the areas of health applications management, healthcare networks, emails, websites, protection of privacy, online security, and ethics in public health to ensure that personal information will not be disclosed without written consent by each individual,” said Professor Dr. Pirongrong.
Comentarios