Digital healthcare is an umbrella term that stands for the use of information and communication technologies (ICT) – and, in particular, internet technology – to support or improve healthcare in the broadest sense, including e-health platforms, electronic patient files, electronic drug prescriptions, teleconsultations, and medical, fitness and well-being applications (apps).
Digital medicine and digital therapeutics (DTx) are subsets of digital healthcare and hence conceptually fall within its broad scope. The difference between both concepts, however, might be hard to distinguish. Digital medicine refers to the deployment of technologies as tools for diagnosis and intervention to improve human health (eg, clinical decision support software) whereas DTx refers to evidence-based therapeutic interventions driven by software to prevent, manage or treat a medical disorder or disease and to spur changes in patient behaviour (eg, wearables and other wireless devices). They include patient-facing software apps that therapeutically support patients, bear the CE marking (see 6. Software as a Medical Device) and have a proven clinical benefit. Typically, DTx is classified as a subcategory of digital medicine.
Regulatory oversight, including the need for clinical evidence, will be critical in the context of digital medicine and DTx products and services due to their deployment for interventional, diagnostic and therapeutic purposes. In addition, these products will often meet the definition of a medical device, hence requiring compliance with applicable medical device legislation.
Both from a healthcare provider and patient/consumer perspective, it can be assumed that digital healthcare technologies, in general, will be – and already are – more rapidly and widely embedded into society due to their supportive and facilitative character. It is very likely, however, that some of these products will be received more sceptically by patients due to their more “invasive” nature (eg, insideables).
Neither “digital health” nor “digital medicine” or “DTx” is currently defined in the Belgian regulatory framework.
As the main technologies in digital healthcare are likely to be focused on the collection, processing, transmission and presentation of data, technologies such as cloud computing, communication technologies, wireless networks (such as 5G – see 9.1 The Impact of 5G Networks on Digital Healthcare) and big data will remain essential. Nevertheless, the importance of other technologies such as robotics, virtual reality and the internet of medical things (IoMT) cannot be underestimated.
Technologies (that can be) deployed in the context of digital medicine and DTx are equally numerous and include:
Novel health technologies (eg, AI, the IoMT, 5G networks and Bluetooth) are challenging the boundaries of the Belgian regulatory framework, which is often ill adapted to address the legal concerns such technologies entail. Existing laws and regulations scarcely accommodate for the questions raised as a result of a continuously developing digital healthcare industry, including with regard to:
The digitalisation of healthcare also involves a number of actors entering the industry that are unfamiliar with the highly regulated framework in which health products are embedded, which requires additional compliance investments. As a final point, the emergence of AI-driven healthcare technologies might involve ethical considerations regarding privacy, bias and discrimination in healthcare.
The Federal Agency for Medicines and Health Products (FAMHP) is the Belgian national competent authority overseeing the quality, safety and efficacy of medicines and health products, including medical devices, both during the clinical development process and with regard to the authorisation and marketing of drug and health products. To the extent digital health products are considered medical devices, they fall within the scope of the authority of the FAMHP. The actual conformity assessment procedure for granting the CE marking is carried out by the so-called “notified bodies” designated by the FAMHP.
The Federal Public Service for Health is more generally responsible for the organisation of healthcare in Belgium and controls the quality of health services and the practice of healthcare professionals. Hence, the deployment of digital medicine and DTx products and services by healthcare professionals and/or institutions is subject to regulation originating from this governmental agency and healthcare professionals have certain reporting obligations to its organs. In addition, the National Institute for Health and Disability Insurance (NIHDI) establishes reimbursement schemes for healthcare services, medicines and health products and thereby exerts an important influence on (the conditions for reimbursement of) health products and treatments. Lastly, professional associations such as the Order of Physicians and the Order of Pharmacists impose deontological obligations on healthcare professions, while self-regulatory industry organisations such as pharma.be and beMedTech lay down ethical rules for pharmaceutical and medical device companies.
Legislation specific to the area of digital healthcare is still very limited in Belgium. After a long transition period, Regulation (EU) 2017/745 (the Medical Device Regulation, or MDR) is applicable as of 26 May 2021 (although medical device manufacturers may be able to benefit from additional time within which to achieve MDR compliance) and Regulation (EU) 2017/746 (the In Vitro Diagnostic Medical Device Regulation, or IVDR) applies as of 26 May 2022. The Acts of 22 December 2020 and 15 June 2022 have brought the Belgian regulatory framework in line with the new EU legislation.
In January 2021, the NIHDI launched a scheme for the reimbursement of mobile health apps (as further discussed under 4.4 Regulatory Developments).
Additionally, electronic prescribing has been mandatory as of the beginning of 2020. The Healthcare Quality of Practice Act of 22 September 2019 safeguarding privacy, safety and quality of healthcare came into force on 1 July 2022 and impacts the permissibility of providing certain health services via digital means.
Finally, several legislative proposals in light of the European data strategy (which will undoubtedly have a considerable impact on the digital healthcare industry) have also been adopted in recent months, as further discussed under 3.1 Non-healthcare Regulatory Agencies, Regulatory Concerns and New Healthcare Technologies. One of the most notable examples thereof would be the forthcoming regulation on “The European Health Data Space”, which aims to create a framework for the sharing of health data across the EU (as discussed under 10.1 The Legal Relationship Between Digital Healthcare and Personal Health Information).
Enforcement concerning digital healthcare has been limited in Belgium up until this point. The main areas of enforcement concern data protection infringements, violations of the rules governing the marketing and sale of medical devices and competition considerations.
However, healthcare regulatory authorities have increasingly been on guard since the beginning of the COVID-19 crisis and the medtech industry will likely become an enforcement priority in the next few years due to the application of the MDR and the IVDR.
The increasing digitalisation of the healthcare industry is causing healthcare professionals and businesses to be impacted incrementally by legislators regulating digital markets. For instance, the European Union recently adopted several legislative acts governing digital markets, goods and services (including the Digital Services Act, the Digital Markets Act, the Data Governance Act and the Data Act (see 10.1 The Legal Relationship Between Digital Healthcare and Personal Health Information), as well as a European regulatory framework on AI (see 11.2 AI and Machine Learning Data Under Privacy Regulations).
In addition, both the European Commission and the Belgian Competition Authority have focused their enforcement efforts on the digital market in recent years. Moreover, the healthcare industry is continuously looking for guidance from, and engaging with, data protection authorities such as the Belgian Data Protection Authority and the European Data Protection Board to manage the challenges that accompany the introduction of novel technologies in the sector. Several regulatory agencies also take on a different role with regard to new health products. Where the Federal Public Service of Economy was traditionally predominantly involved in the setting of prices of medicines and implantable medical devices, it will now have to take on more responsibility with regard to the advertising of (online) healthcare products and services.
The interests of such non-healthcare agencies are from time to time at odds with those pursued by regulatory healthcare agencies. For example, considering the data protection concerns related to the transfer of personal data to certain third countries (see 10. Data Use and Data Sharing), privacy experts generally recommend that personal data be kept as much as possible within the European Economic Area or any other country that has been recognised by the European Commission as offering sufficient safeguards for data protection. This suggestion does not only collide with the reality of global pharmaceutical or medical device companies, where much of the research and development (R&D) takes place in countries not offering adequate protection of personal data, but also conflicts with the requirements of regulatory agencies governing the authorisation and marketing of health products, which generally demand worldwide clinical and safety data.
The interplay between the responsibilities of non-healthcare and healthcare agencies is now more frequently uncovered and many regulatory agencies have made commitments to collaborate more closely with one another. It will now be important to ensure that these pledges are being put into practice and a harmonised regulatory framework is being established.
Preventative healthcare (also referred to as “primary prevention”) refers to a category of healthcare in which the main objective is to avoid a disease occurring by detecting health problems before any symptoms develop (eg, vaccination).
Diagnostic healthcare (also referred to as “secondary prevention”) involves treating or diagnosing a disease as early as possible by monitoring existing problems, checking new symptoms, and following up on test results to initiate treatment without delay, and, as a result, reducing its mortality or severity (eg, radiology, ultrasound, cancer screening programmes and laboratory testing).
Preventative healthcare and diagnostic healthcare must be distinguished from curative care, which is only initiated when a disease has manifested itself with the onset of symptoms.
The rapid convergence between digital technologies and healthcare has changed how preventative healthcare is delivered at the population level, shifting the focus from curative care to preventative care. New tools such as clinical decision support software, wearables, insideables, and fitness and well-being apps significantly contribute to actively monitoring a patient’s health status and preventing or diagnosing diseases.
It is therefore not surprising that the future of healthcare is expected to be preventative, which is substantially cheaper (ie, diseases are prevented or diagnosed before they become major and expensive treatments are avoided) and is considered fundamental in the context of the future sustainability of the Belgian healthcare system.
Fitness and well-being apps that cannot be classified as a medical device (see 6. Software as a Medical Device) are not (yet) regulated by the legislature. However, this does not necessarily imply that the data collected and processed through such apps is not regulated either. On the contrary, in the event that this data concerns information that is related to an identified or identifiable natural person within the meaning of the General Data Protection Regulation (GDPR), such processing must comply with the provisions of said regulation (see 10.1 The Legal Relationship Between Digital Healthcare and Personal Health Information). In addition, the EU funds an initiative (Label2Enable) that seeks to establish a high level of quality and reliability of health and wellness apps based on CEN-ISO/TS 82304-2.
The use of mobile health apps in the healthcare process is becoming more common and plays a substantial role in the context of increased preventative healthcare (see 4.2 Increased Preventative Healthcare). However, their reimbursement has long been a sore point in Belgium, particularly because of the difficulty of evaluating such apps. The Belgian federal government has therefore established a system making reimbursement of these apps possible. Under the new procedure applicable as from 1 October 2023, companies can apply directly to the NIHDI for validation of their mobile medical app. Other stakeholders, such as scientific associations, hospitals or professional associations of healthcare providers, can now also submit such application.
“mHealthBelgium” is a platform managed by industry organisations beMedTech and Agoria, which was created with support from the Belgian government. It centralises all relevant and necessary information regarding mobile health apps for patients and provides a validation pyramid consisting of three levels: M1, M2 and M3 (including M- and M+).
The first level, M1, requires that the app is a medical device bearing the CE mark and that the FAMHP is notified, which will then verify the app’s conformity with the applicable medical device legislation. In addition to the requirements of the first level, apps entering the second level, M2, must meet all ICT requirements as imposed by the eHealth-platform in the context of cybersecurity and data protection and privacy. Since 2024, the second level also requires that an admissible reimbursement request has been submitted to the NIHDI and, hence, that the socioeconomic value of the app is being evaluated. The third level, M3, regulates the funding and reimbursement of the app. In this regard, an app entering M3- is temporarily funded while still collecting data regarding its socioeconomic value. If the app’s socioeconomic value is adequately proven, the app is eligible to enter M3+, which means that the NIHDI will officially reimburse the app. However, the rollout of the reimbursement pyramid has had limited success so far, proving the socioeconomic importance of apps remains difficult. Only one app, the rehabilitation and recover app “moveUP”, has managed to enter level M3-, and no apps have achieved level M3+. The reimbursement agreement for moveUP ended on 30 June 2023, meaning that, at present, no mobile health application is being reimbursed by the NIHDI.
As an alternative funding route, in order to promote sports and a healthy lifestyle, Belgian health insurance funds provide “additional advantages” such as partly reimbursing gym subscriptions or other (app) memberships. In addition, the NIHDI is strengthening the provision of psychological care for the Belgian population by largely reimbursing the costs involved. In this way, psychological care is becoming more accessible and the threshold lower. The Belgian e-Health Action Plan 2022-2024 also sets forth the ambition to integrate mental healthcare more comprehensively into care pathways to advance to a more holistic approach to healthcare.
The challenges non-healthcare companies might face – or that non-healthcare companies should at least consider extensive. Notably, this industry is highly regulated and complicated. Non-healthcare companies will therefore need to adjust their market strategies in accordance with the applicable regulatory frameworks that govern health products and services (eg, in the context of the promotion of medical devices). Moreover, these companies will also have to invest largely in compliance, which will very likely include compliance with data protection laws and regulations, intellectual property laws and regulations, and medical device legislation.
Finally, yet importantly, non-healthcare companies will need to take into account that they will have to accommodate not only the interests of the end users but also those of other stakeholders within the healthcare industry such as doctors, hospitals, health insurance providers and the NIHDI.
The enhanced use of connected devices in healthcare can be explained by the confluence of societal and business challenges requiring increased reliance on tele- and digital health, and the development of advanced technologies enabling the same. The limited number of healthcare staff and constrained healthcare budget in Belgium necessitate a focus on cost-efficiency, which can be best achieved through value-based, personalised and remote healthcare. In addition, there is a clear desire on the part of patients to play a more active role in their treatment, by being able to consult their medical records through remote and mobile channels and by tracking their health data in real time through wearable devices.
IoMT devices (ie, digital healthcare products that connect to IT systems through online computer networks) have the potential to create a continuous stream of health data, making them the ideal solution for patient monitoring, diagnosis, patient support and intelligent decision-making. Cloud computing services can connect different devices, users and systems and are considered a convenient and efficient way to store and manage the massive amounts of data collected and processed. This enables interoperability between platforms, allowing patients and healthcare providers to easily access online health records which compile the patient’s medical information from various sources. Finally, as discussed below (see 11. AI and Machine Learning), AI-driven technologies may provide an array of benefits (and challenges) for healthcare providers and patients.
It is mainly through the integration of these technologies that a connected healthcare system can emerge, which not only optimises collaboration between healthcare providers (thereby reducing costs and increasing efficiency), but also enhances patient experience and control.
While the use of connected devices is rapidly gaining ground in all areas of healthcare, the follow-up of patients with chronic conditions (such as cardiovascular disease or diabetes) in particular has benefitted from the advances in remote monitoring. Women’s healthcare has also been positively affected by the emergence of medical devices tracking, ao, ovulation, pregnancy and nursing. In addition to the vital role they play in remote monitoring and home (after-)care, IoMT devices such as smart beds, automatic nurse call systems and hand-hygiene monitors have the potential to increase efficiency and improve patient safety in hospitals.
As discussed in detail hereunder (see 15. Liability), in Belgium, the traditional regimes consist of contractual and extra-contractual liability. On top of that, Belgium’s medical liability system is twofold, including the medical liability of a physician or a hospital as well as a fund to compensate for severe damage as a consequence of, for instance, medical accidents without liability. In this context, manufacturers, suppliers or sellers of health devices such as wearables, implantables and digestibles might be liable under the product liability framework if the end user (eg, a patient) has suffered damage due to the malfunctioning of such products. Given the upcoming extension of the product liability regime at EU level, the latter may become even more relevant.
The healthcare industry is particularly sensitive to data breaches and incidents (eg, the leaking of personal data) and cybersecurity attacks (eg, hacking). As a result, stakeholders should always carefully assess the possible implications and risks when making use of the IoMT, whether it be in a cloud computing environment or an on-premises and local computing platform. In the event that a digital healthcare company decides to collaborate with a cloud service provider, this service provider will likely process the data on behalf of the digital healthcare company. Within the context of the GDPR, the company might then be considered a controller (ie, which decides on the purposes and the means of the processing of personal data) and the service provider a processor, which, in turn, might outsource several processing activities to its sub-processors.
It is therefore of profound importance to contractually cover any risks relating to data protection and cybersecurity and to allocate the roles and responsibilities clearly and adequately in a data processing agreement. This agreement must include extensive audit rights for the benefit of the digital healthcare company as well as a liability clause that sufficiently protects the digital healthcare company in the event of any claims of patients or a data protection authority as a result of infringements by the cloud service provider. Lastly, the cloud service provider must ensure appropriate organisational and technical measures to secure any personal data and confidential documents stored.
Healthcare institutions making use of the IoMT should establish information security policies that encompass administrative, technical and physical safeguards to protect against the unauthorised or accidental disclosure, use, destruction, loss or alteration of patient information. These may include, for example, automated security testing tools and vulnerability scanners, cybersecurity training, spam blockers, the restriction of administrator privileges to a limited number of users, etc.
On 19 April 2024, the Belgian Act establishing a framework for cybersecurity of network and information systems of general public safety interest, also called the “NIS2 Act”, was approved by the federal parliament. The NIS2 Act transposes the new Network and Information Security Directive or NIS2 (Directive (EU) 2022/2555) into Belgian law. NIS2 provides a better response to the growing threats posed by the digitalisation of healthcare and the surge in cyber-attacks through stronger security requirements, also addressing the security of supply chains, streamlined reporting obligations, more stringent supervisory measures and stricter enforcement requirements, including harmonised sanctions across the European Union. Since many hospitals and other healthcare providers in Belgium did not fall under the scope of application of the first NIS Directive (Directive (EU) 2016/1148) and transposing law, NIS2 will be particularly important for the Belgian healthcare industry as it extends the scope of entities to which the NIS requirements apply. According to the Belgian Centre for Cybersecurity, the total number of companies in Belgium covered by NIS legislation will increase by a factor of 20 to 40 with the introduction of NIS2. The NIS2 Act will enter into force on 18 October 2024.
Recently, the European lawmakers have adopted one of the recent years’ most groundbreaking pieces of legislation regulating artificial intelligence systems (see 11.2 AI and Machine Learning Data Under Privacy Regulations), which will have an important impact in the field of the IoMT, to the extent the latter increasingly relies on AI-driven technologies.
Under the MDR, software is classified as a medical device in its own right (MDSW) if it is intended to be used for a medical purpose as set out in Section 2(1) of the MDR (eg, diagnosis, prevention, monitoring, treatment or alleviation of a disease, injury or disability, or control or support of conception). The medical device framework shall also apply if software is intended to drive or control the use of a medical device or can be considered as an accessory of a medical device. The classification of software as an MDSW has important consequences, as the medical device framework is complex and burdensome, especially for manufacturers that are just entering the digital healthcare market. Software companies may therefore be incentivised to indicate that their product is not intended for medical purposes and should instead be considered a fitness or wellness product, in order to avoid having to comply with this framework.
The MDR introduced a new risk-categorisation system for medical devices that entails that many MDSWs may now fall under Class IIA and higher. This may, for example, be the case when software is used to make therapeutic or diagnostic decisions (eg, clinical decision support software). If an MDSW cannot be classified under Class I, self-assessment will no longer suffice to receive the CE marking and, thus, market access for an MDSW may become increasingly time-consuming. Indeed, medical devices of Class II (A&B) and Class III must undergo a conformity assessment procedure and (for certain Class IIB and Class III devices) a clinical evaluation before receiving the CE marking to be placed on the market. The same requirements apply to (software as) medical devices that use AI or machine learning. Moreover, the new EU regulation on AI (the “Artificial Intelligence Act” – see also 11. AI and Machine Learning) recognises that medical devices powered by certain AI systems may be considered “high-risk” and imposes a check on compliance with the requirements for any such AI system in the conformity assessment of the medical device. As indicated above (see 2.2 Recent Regulatory Developments), to the extent software is considered a medical device, it falls within the scope of authority of the FAMHP, which (as prescribed by the MDR), is responsible for designating and monitoring the notified bodies that carry out the conformity assessment procedure, and for the post-market surveillance of medical devices.
The MDR further requires that any proposed changes in the design, intended use, product-range, type or quality management system of a device are assessed and approved by the relevant notified body. Given that software improvements are made on a continuous basis, this requirement is ill-adapted to the reality of MDSW. The burden of undergoing an assessment procedure each time an update to the software is envisaged may effectively hold back improvements in patient care. The more rigorous requirements of the quality management system under the MDR compared to its predecessor and a focus on post-market surveillance in the MDR and the Artificial Intelligence Act are the first steps towards managing software that is improved or modified throughout its lifetime; however, a comprehensive framework on machine/deep learning medical devices is still absent and the current landscape still revolves around “static” rather than “dynamic” medical devices.
Telehealth holds the promise of increasing the accessibility, efficiency and affordability of healthcare while offering the patient a more personalised and highly specialised approach. Through telehealth services, the patient’s right to choose their physician is no longer determined by location but by best fit. In addition, telemonitoring services through wearables and other remote patient monitoring devices and technologies foster early discovery and intervention and provide physicians with a dynamic overview of a patient’s health status as opposed to a snapshot at the time a patient comes in for consultation.
Tele-expertise is no longer limited to a select group of key opinion leaders consulting on rare diseases but is also readily used by general practitioners seeking advice from specialists.
Virtual hospitals (ie, healthcare facilities that operate completely online) could be a viable alternative to physical hospitals, especially for conditions that do not require urgent medical attention. Through the use of connected devices, audiovisual communication and AI, virtual hospitals would offer a solution to manage increased demand and costs, while also reducing patient exposure to infections.
Where hospitals and physicians go digital, the online (retail) pharmacy follows, providing pharmaceutical advice and products more rapidly and cost effectively. However, telehealth services also give rise to several risks and challenges, more notably regarding the credibility and certification of online healthcare providers; the confidentiality, privacy and security of patient data; the reimbursement of cross-border services; and medical liability.
So far, Belgium does not have an integral telehealth framework. While telemonitoring and tele-expertise between physicians has been common practice for quite some time, the National Council of the Order of Physicians has long been opposed to diagnosing patients at a distance, asserting that considerable risks were involved and that, therefore, physicians could only diagnose patients without a physical consultation in exceptional cases. However, Directive 2011/24/EU on patients’ rights in cross-border healthcare established the “country of origin” principle, meaning that healthcare professionals established in a member state of the European Union can provide healthcare services to patients located in other member states under the same terms and conditions as they are able to provide in their member state of establishment. In other words, Belgium cannot impose its regulatory framework on a healthcare provider that is established in another EU member state and is providing healthcare services to a recipient in Belgium. In addition, Directive 2011/24/EU obliges the NIHDI to reimburse certain cross-border healthcare services. This led to the contradictory situation where a patient could not receive reimbursed telehealth services from a physician located in Belgium, but that patient could receive (reimbursement for) those healthcare services if they were provided by a physician located in another EU member state.
The beginning of the COVID-19 crisis signified the end of an era in which healthcare was centred around in-person consultations and brought the telehealth framework on stream. The emergency measures taken by the legislature provided that telehealth services were allowed and were reimbursable by the NIHDI, if provided within certain conditions. However temporary these measures were, it is already apparent that the sudden widespread use of health services at a distance has induced a shift in mindsets, not only of physicians and patients, but also at the regulatory level. In a communication of June 2022, the National Council of the Order of Physicians has recognised that teleconsultations could be a valuable tool to complement face-to-face patient care, under certain conditions. Notably, precautions must be taken to guarantee the quality and continuity of care, such as updating the patient’s electronic record, and the therapeutic relationship between the patient and the physician (including the consent of the patient) must be adequately established. Further, physicians should only prescribe medicinal products or medical devices via Recip-e, the official system for electronic prescriptions. The National Council has, since its communication in June 2022, advised on a number of topics relating to teleconsultations, including whether a certificate of absence can be provided to a patient by its physician during teleconsultations without face-to-face contact and whether a deposit for booking a doctor’s appointment via a platform can be requested.
Slowly but surely, a liberalisation on the sale of medicines and medical devices is also emerging. As of 2019, patients and healthcare professionals can purchase their medical devices (carrying a CE mark) directly (online) from any distributor or manufacturer instead of in a pharmacy.
Since remote healthcare, logically, relies heavily on the use of online platforms enabling audiovisual communication, the EU Digital Services Act, which applies as from 17 February 2024, has a significant impact as well.
Telehealth services have only been introduced in the nomenclature of the NIHDI in the past few years and, even now, a comprehensive reimbursement scheme is lacking. Certain mobile health applications that (i) are classified as a medical device, (ii) are CE marked, connected or interoperable with the Belgian eHealth-platform, and (iii) have demonstrated sufficient socioeconomic added value are eligible for reimbursement (see 4.4 Regulatory Developments).
As of August 2022, teleconsultations via video or telephone conference are included in the nomenclature of the NIHDI and are consequently being reimbursed. The NIHDI is also testing a number of pilot projects concerning telemedicine and has expressed its commitment to develop a consolidated framework in the near future.
Consumer and connected devices and the IoMT are welcome allies in the fight against a rise in welfare and chronic diseases, the challenges arising from an ageing population and a healthcare budget that is increasingly under pressure from innovative but high-cost therapies. As discussed above (see 5.1 Internet of Medical Things and Connected Device Environment), it is mainly the integration of different technologies such as cloud computing services, AI-driven and machine learning technologies and sensor tag technology in (wearable) devices connected to mobile applications that has enabled the IoMT to flourish. Through wearables, physicians can monitor patients consistently and effectively at home, leaving hospital beds available for patients who need to be admitted for intervention. The older generation is able to live at home for a longer period via the help of digital assistants and medical-alert systems, which reduces the burden on residential care centres and care staff. Lastly, individuals are empowered to take their health into their own hands and, consequently, the overuse of healthcare services is prevented.
Nonetheless, the devices and applications related to the IoMT are not without their controversies. To begin with, mobile health applications and consumer devices are often presented as a wellness or fitness device and manufacturers avoid labelling their products as “intended for medical purposes” in order to evade the stringent regulatory requirements applicable to medical devices (for more information on classification as a medical device, see 6. Software as a Medical Device). Accordingly, medical advice may be disguised as lifestyle recommendations given by unqualified professionals, contrary to the rules on lawful practice of medicine and the regulatory oversight by the FAMHP on medical devices.
Another key problem is the inequality of access to these devices and technologies, as the reimbursement schemes for digital healthcare applications remain fragmented (see also 7.3 Payment and Reimbursement). Furthermore, since the patient data collected by IoMT devices and applications is often transmitted to the manufacturer prior to being provided to the healthcare provider, the medtech industry collaborates with healthcare professionals more closely and comes into contact with patients and patient organisations more often and more closely, which results in concerns regarding the advertising and promotion of health products. Last but not least, cybersecurity and privacy risks (eg, cyberattacks, malware, data breaches, phishing, etc) are also prominently present in this field of digital healthcare, as devices, technologies and applications are interconnected, which increases the “attack surface” of healthcare organisations and complicates the monitoring of security vulnerabilities. This lack of visibility also affects the security of personal (health) data collected in this setting, which is processed outside the strict realms of healthcare provision.
To date, the increased security risks resulting from the integration of different technologies and the connectivity between devices remains insufficiently addressed by applicable cybersecurity and data protection legislation and policies. However, the importance of ensuring device security in a healthcare setting cannot be underestimated, especially since any alterations in the functioning of IoMT devices resulting from cyberattacks could potentially jeopardise a patient’s life. While it is the responsibility of device manufacturers to design security and data protection into their devices, healthcare organisations could also take protective measures; eg, by creating an isolated network for connected devices, investing in the automated monitoring of security vulnerabilities and organising cybersecurity training for their staff.
The low latency, increased speed and bandwidth of 5G networks allows cellular wireless networks to compete fully with wired networks in the provision of digital healthcare. This, in turn, could allow for the provision of telehealth services from, and to, practically everywhere, even in the absence of wired networks. The possibilities for remote healthcare that 5G brings to the table are crucial for medical treatment in disaster areas, as wired infrastructure might be impacted or destroyed as a result of a disaster, or these areas might be hard to reach. The same applies for first responders, who, through 5G technology, will be able to provide remote first aid or benefit from the qualities and experience of specialists and colleagues without a need for their physical presence.
Moreover, the aforementioned qualities of 5G networks coupled with its increased connection density will allow for a more complete and effective integration of technologies such as the IoMT in digital healthcare. For example, one might think of the use of sensors and wearables, allowing the monitoring of vital functions not only during a telehealth consultation but consistently over a longer period, providing healthcare practitioners with useful insights on the overall health, stability or pathology of a patient. The use of IoMT technologies (enabled by 5G networks) will allow this data to be transmitted automatically to healthcare practitioners and allows the various wearables or sensors to communicate and interact with each other.
Overall, it can be expected that 5G will enable the provision of remote healthcare services in a more effective, reliable and comprehensive manner, with the possibility of remote operations due to low latency of 5G networks as a pinnacle.
Nonetheless, the highly sensitive and private nature of data created, processed and transferred in the context of digital healthcare is diametrically opposed to the public character of (5G) wireless communication networks. Hence, when entering into arrangements with telecoms providers that deploy and manage a 5G network, sufficient attention to provisions regarding responsibility for network security and data protection and privacy will be paramount. Furthermore, when relying on (wireless) technologies for the provision of critical services such as healthcare services, contractual provisions regarding the assurance of connection stability and liability for failure or interruption of services will also be crucial.
In the Belgian context, it needs to be noted that the telecom sector is currently an enforcement priority of the Belgian Competition Authority, which became evident when the Authority announced that it launched an investigation into anti-competitive practices in the roll-out of fibre-optic networks. The outcome of such investigation may further impact the roll-out of such networks and consequently, the 5G connection that may depend upon them.
Patients have the right to privacy and a carefully kept and stored (electronic) patient record in relation to their healthcare professional (Articles 9 and 10 of the Act of 22 August 2002 on Patients’ Rights and Articles 33–40 of the Health Care Quality of Practice Act of 22 September 2019). However, the time when medical confidentiality by healthcare professionals was sufficient to safeguard patients’ health information is long gone. Patient information is currently stored in an electronic health record on the eHealth-platform (the online portal of the Belgian federal government for storing and sharing health data) and can, to the extent relevant for treatment, be accessed by a patient’s healthcare providers. In November 2023, an amendment to Article 5, 4°, b) of the Law Establishing and Organizing the eHealth Platform has been adopted by the Belgian legislator. This provision eliminates the requirement for prior patient consent to upload medical records to the platform. Instead, it offers patients an opt-out option.
In Flanders, Vitalink is the digital platform that enables healthcare providers to share data of their patients, taken from their electronic health record, in a simple and secure way.
In addition, in a digitalised healthcare industry, several other participants will need to process a patient’s personal data. A prominent focus of the Belgian eHealth Action Plan 2022-2024 is the development of a Belgian Integrated Health Record (BIHR). This advanced model of data exchange, facilitated through a central digital platform, aims to enhance collaboration among all health stakeholders, ensuring a seamless continuum of care for patients. Among its objectives is the transformation of "real-world data" from the BIHR into "routinely collected data," thereby improving documentation, accessibility, quality, and reusability of the information.
In this context, stakeholders should bear in mind that personal information regarding health and genetic and biometric data (for the purpose of identification) is considered sensitive personal data under Article 9 of the GDPR. Processing of such personal data is principally prohibited, unless a justification applies. Personal data relating to health can therefore only be processed in exceptional cases.
Besides the GDPR, recent initiatives have been taken to empower the patient in taking a more active role in the management of their health and accompanying health data. For example, the recent updates to the Patients’ Rights Act of 22 August 2002 require healthcare providers to make patient data available through government-validated online platforms and allow the patient to record some of its choices (eg, with respect to its care plan) and communicate with its healthcare provider online. Further, the patient’s right to receive information about its health status is reinforced.
Data Processing in Partnerships and Secondary Use
Other uncertainties relate to the data processing roles and responsibilities in multi-stakeholder innovative partnerships such as consortium agreements, but even in multi-study-site clinical research projects, it remains dubious which processing role each party takes on. This leads to ambiguity for data subjects and can cause considerable delays in negotiations in partnership agreements.
Another point of interest is the possibility to use existing research data for secondary use. The objective of the new Data Governance Act is to govern the reuse of publicly held, protected data, both personal and non-personal. This is accomplished by regulating new data intermediaries and fostering data sharing for altruistic purposes. Of course, if it concerns personal data, the GDPR also applies. The GDPR and the European Commission guidelines provide some flexibility to ask for consent for a broader field of research instead of for one research project; however, it remains to be seen how any such margin should be interpreted in practice (see Recital 33 of the GDPR). One of the key objectives of the European Health Data Space is to make health data (such as data resulting from research and development activities undertaken by pharmaceutical companies) available for re-use for research, innovation and public health purposes.
In relation thereto, Belgium has recently established a Belgian Health Data Authority tasked with overseeing the secondary use of health data and, more broadly, facilitating the exchange of health data for research purposes.
On 24 April 2024, the European Parliament approved the draft regulation creating a European Health Data Space, boosting the availability of qualitative health data and facilitating the sharing of personal data of patients for research, innovation and improvement of public health without losing sight of data protection and privacy. The regulation still needs to be formally approved by the Council of the EU before becoming law. The regulation will undoubtedly be a major step forward for digital healthcare in the EU, making especially the future of machine learning and AI in research and innovation look quite promising.
In the current healthcare ecosystem, it may be more appropriate to make use of the term “augmented intelligence” rather than “artificial intelligence”; that is to say, human capabilities can only be augmented but not replaced by intelligent devices. AI systems work well in verifying outcomes, correcting human errors and processing large amounts of information efficiently, but are presently not intended to function without human instruction, oversight and intervention in an industry as sensitive as the healthcare industry.
AI-driven technologies could offer an automated analysis of the collected data, recognising or predicting diseases to significantly increase the quality and speed of diagnosis.
For machine/deep learning and AI to work to the best of their abilities, large amounts of highly qualitative training data sets are needed. This requirement seems often to be at odds with a few of the basic principles of the GDPR, such as purpose – and use – limitation and data minimisation. It may therefore be challenging to secure sufficiently comprehensive rights on data in order to be able to use and share such data with relevant partners. Transparency and patient empowerment are useful tools that may help this purpose; ie, if extensive information about the processing of personal data is given by the healthcare provider to the patient, a patient is more willing to give its free informed consent (although the adequacy of consent as a legal basis must not be overestimated).
Lastly, due to the emergence of virtual assistants (such as Alexa), natural language processing (NLP) (ie, the ability of a computer program to understand human language as it is spoken and written) is slowly but steadily becoming integrated into the healthcare industry. However, NLP has led in the past to significant concerns from a data protection and privacy perspective due to the difficulty to confirm and verify the results of the data processed by AI systems, which are often characterised by bias. As a result, AI is usually difficult to deploy in a transparent manner and thus it is paramount to always carefully assess its intended use (eg, data processing impact assessment) in order to apply appropriate additional measures.
In April 2021, the European Commission unveiled its AI package proposing new rules and actions to turn Europe into the global hub for trustworthy AI. On 21 May 2024, the Council of the EU formally approved the EU Artificial Intelligence Act (already approved by the European Parliament in March), which sets out the regulatory framework applicable to all AI systems and models placed on the EU market, with specific requirements depending on the intended use case of the system or model. AI systems and models, including their output, developed and put into service for the sole purpose of scientific research and development do not fall within the scope of the Artificial Intelligence Act.
Although the Artificial Intelligence Act aims at protecting fundamental rights when AI is deployed, it does not cover any risks relating to black box AI, nor are there any guidelines in place that apply to this concern.
Due to the lack of transparency, black box AI poses a significant challenge in the context of the processing of personal data; namely, data subjects (eg, patients) have the right not to be subject to a decision based solely on automatic processing (Article 22, GDPR). A data subject may therefore request that a decision made about them by automated means shall be reviewed by a natural person (eg, a doctor). It may be difficult for the natural person to assess whether the decision made by an AI system was correct if that person is not aware of how the AI system decided on a certain outcome.
Companies that are entering the digital healthcare market by developing and selling new digital healthcare technologies should be aware of the challenges that the convergence of two industries entails. Traditional healthcare or pharmaceutical companies may be confronted with pertinent challenges relating to cybersecurity and data protection when entering digital markets (eg, ransomware, phishing and denial-of-service attacks). On the other hand, companies that are ordinarily involved in the offering of digital services and products to customers may be surprised to learn about the highly regulated context of the healthcare industry and the additional compliance requirements associated with entering that market.
Healthcare institutions or other customers of such new technologies have every interest in appropriately allocating the roles and responsibilities when negotiating agreements (eg, master services agreements, software as a service (SaaS) agreements and data processing agreements) and in adequately addressing any inherent risks.
In order for digital healthcare to be fully embraced by healthcare organisations and healthcare professionals, considerable changes to the infrastructure and organisation of hospitals and practitioners will be required. For instance, several cyber-attacks on Belgian hospitals and testing centres during the COVID-19 crisis have proven that healthcare institutions are a frequent target for cybercriminals and are often ill prepared for such a challenge.
At the level of the individual practitioner, several barriers prevent the adoption of healthcare technologies. A study by the Belgian Health Care Knowledge Centre concluded that general practitioners struggle with security concerns and an overload of information on e-health platforms. They also have to invest substantial amounts of their own time in getting to know new IT systems and they are reluctant to depend on external services for the operability and functioning of their general practice.
Besides investment in better infrastructure, due care should be given to a radically different manner of educating healthcare providers. In order for AI, mobile health technologies and wearables to find their way to individual practitioners, these caregivers should be incentivised and educated thoroughly and continuously. The Health Care Quality of Practice Act of 22 September 2019 imposes an obligation of continuous learning on healthcare professionals; however, multiple implementing acts are still required and qualitative digital healthcare learning opportunities need to be offered to practitioners.
As a final point, while improving the infrastructure at the level of healthcare organisations and professionals is critical for advancing digital healthcare, careful consideration should also be given to equal access and non-discrimination of patients. The uptake of the IoMT and general connectivity of patients must therefore also be reviewed on a population level.
Data management is of the utmost importance for companies active in the healthcare industry. For instance, adequately managing clinical trial data is fundamental with regard to the set-up, conduct and successful outcome of clinical trials. In this context, the Clinical Trial Regulation (Regulation (EU) No 536/2014) regulates clinical data management, which should result in the generation of high-quality and statistically reliable data from clinical trials. The central database “Clinical Trials Information
System” supports the entry, verification and quality control of data collected during clinical trials.
As discussed (see 13.1 IT Upgrades for Digital Healthcare), the healthcare industry is a frequent target for cyber-attacks, and is generally ill prepared for such hazards, requiring swift and appropriate measures. In this context, there are several national and European initiatives, laws and regulations that aim at fostering and upgrading companies’ IT infrastructure and ensuring the continuity of care, including the Early Warning System of the Belgian Centre for Cybersecurity, the (Belgian implementation of the) NIS2 Directive or the Health Care Quality of Practice Act of 22 September 2019.
As mentioned before, the European legislator has made it a priority to improve the access to and encourage the sharing of both personal and non-personal data in the EU market, including by means of the Data Act and the Data Governance Act.
There are no frameworks in place that particularly apply to the protection of intellectual property in the field of digital healthcare. Therefore, one has to revert to existing and traditional regimes regarding intellectual property protection. Slowly but steadily, those regimes are being updated to keep pace with rapid technological developments.
Inventions are patentable if they fulfil the criteria of novelty and inventiveness and if they are capable of industrial application. Computer programs are in principle exempt from patent protection as such; however, software may be protected if incorporated in a product of a technical nature. Problems arise in relation to the inventor of AI inventions. Under the current guidelines for applications to the European Patent Office, the inventor needs to be a human being. This is problematic when inventions are made by AI without human intervention. In addition, one might wonder whether patents for inventions made by AI need to be vested in the researcher who discovers the invention when using the AI technology, the owner of the AI technology or the developer of that technology.
Furthermore, the author of a literary or artistic work that is original and expressed in a specific form is granted copyright protection. To the extent software and databases meet the requirements of expression and originality, they can also be protected by copyright. Copyright only protects the structure of a database and not its content. In addition, the content of a database can be protected by the Sui Generis Database Right if the acquisition, control or presentation of that content qualitatively or quantitatively represents a substantial investment on the creator’s or developer’s part (Article XI.306 of the Code of Economic Law). The European Union Directive 2019/790 on Copyright and Related Rights in the Digital Single Market (the Copyright Directive), which has been transposed into Belgian law by the Act of 19 June 2022, attempts to make the copyright legal framework more adapted to the reality of the digital environment in which works are now created, distributed and exploited.
Trade secret protection in Belgium is detailed in Title 8/1 of Book XI of the Code of Economic Law and based on Directive (EU) 2016/943 on the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure. Information constitutes a trade secret if:
The illegitimate disclosure or acquisition of such information can be contested in court and sanctioned.
There are many advantages and disadvantages in the context of intellectual property protection. A pertinent example relates to the fact that such protection might simultaneously foster and hinder innovation.
On the one hand, intellectual property protection plays a crucial role in fostering innovation, particularly in the context of R&D. Digital healthcare companies invest heavily in the development of a product, which usually requires a lot of time, energy and money. Successful products might be highly lucrative, which, in turn, might result in the digital healthcare company having a commercial advantage when compared to its competitors. Therefore, once granted, intellectual property protection provides the necessary tools to safeguard the hard work and prevent competitors from infringing the product. In this context, intellectual property incentivises innovation.
On the other hand, intellectual property protection might hinder innovation, especially when digital healthcare companies seek to obtain intellectual protection solely for anti-competitive purposes and hence use this protection to prevent competitors from entering the market. For instance, the digital healthcare company might use patents as a strategic deterrent by building up so-called patent thickets, making follow-on innovation by other firms entering the market a more challenging, costly or even impossible process.
The latest regulatory developments at EU level endeavour to address this tension by striking a balance between the advantages of intellectual property protection on the one hand and the need to make data more accessible to stimulate data-driven innovation on the other.
In this context, a noteworthy example of the merits of the Copyright Directive would be the introduction of exceptions to copyright for text and data mining (ie, the automated analysis of large bodies of data in order to generate knowledge on patterns, trends and correlations), which will be particularly useful for the training of data-driven AI systems. Indeed, having to obtain the prior authorisation of the owner of a database before being able to extract data from it would be excessively time consuming in the context of the development of an AI system.
Additionally, the new Data Act will likely have an impact on different forms of intellectual property protection. Article 43 provides, for example, that the Sui Generis Database Right (discussed above) does not apply to databases containing data obtained from or generated using an IoT product or related service. The absence of intellectual property protection for the content of such databases will significantly facilitate the use and sharing of (health) data resulting from IoMT devices. The Data Act further provides exceptions to the rule that trade secrets should only be disclosed with permission of the holder. As part of the data sharing obligations it introduces, the trade secret holder may be required to disclose its trade secrets to the user of a connected device or even a third party, subject to the user of a connected device or third party taking adequate technical and organisational measures to preserve the confidentiality of the trade secret. However, the regulation also shows respect for intellectual property rights by expressly requiring that any such disclosures are backed by confidentiality obligations and clarifying that the obligation of the holder to make data available to a data recipient does not automatically oblige the disclosure of trade secrets, unless otherwise required by EU or national law.
Finally, the draft regulation on the European Health Data Space also includes data sharing obligations in relation to anonymised or pseudonymised patient health data, which may be in tension with intellectual property and trade secret protection if it requires companies to share commercially sensitive data with competitors.
The contractual licensing structures in the digital healthcare industry vary depending on the type of product. For example, to download medical, fitness and well-being apps, digital health providers will usually offer an end-user licence agreement in order for the end user (B2C) to be able to use the app and its underlying software. As far as it concerns the licensing of cloud services, generally, the SaaS licence is used, where the cloud service provider hosts the app and related data, and makes it available to end users (B2B and B2C) over the internet.
Education is a competence of the Communities in Belgium. The Codex Higher Education of the Flemish Community provides that the intellectual property rights to inventions created by salaried researchers in the course of their research duties for the university or the university of applied sciences are vested in that university (of applied sciences). The university has the sole right to exploit any such inventions. Belgian universities have a long tradition of creating and supporting spin-off companies and the Flemish Catholic University of Leuven (KU Leuven) has been named the most innovative university in Europe several years in a row for its large amount of (successful) patents filed in the field of pharmaceuticals and biotech, agriculture and food, chemicals and medical devices.
Belgian universities often collaborate with industry partners and participate in European consortium projects by conducting R&D or seconding one of their researchers to a project. The ownership and exploitation of intellectual property rights differ from project to project; however, Belgian academic institutions often endeavour to secure the ownership rights to their R&D results and grant the exploitation rights to the industry.
The pandemic has evidenced that better public health is driven by improved collaborative working, including through public-private partnerships. In order to foster the innovation that such partnerships can yield, trust between the different participants needs to be built, including while drafting and negotiating R&D agreements. In this regard, the allocation of ownership and exploitation rights for digital health inventions must be determined from the outset.
As previously stated, default statutory rules vest intellectual property rights of new ideas, works or inventions with the inventor or author of such work. Therefore, pharmaceutical and medtech companies that outsource part of their R&D need to consider which rights they need to secure in relation to the results of the R&D, including if, and to what extent, they have sufficient freedom to operate to exploit the outcomes of their research investment commercially.
New technologies increase the number of participants involved in healthcare and make it increasingly complicated for a patient to seek redress for damage caused in the provision of healthcare. The liability of a physician or hospital can be invoked contractually and extra-contractually, depending on the act from which the damage arises. Furthermore, patients can seek compensation from the Fund for Medical Accidents in the case of severe damage caused by:
This Fund for Medical Accidents is financed exclusively by the Belgian state and is a service of the NIHDI.
Furthermore, product liability for medical devices is based on the strict liability regime of Directive 85/374/EEC. In this regard, a medical device is defective when it does not provide the safety that a person is entitled to expect, taking into account all circumstances, including:
Any person in the production chain, the EU importer and the supplier might be held liable.
In light of new technologies, these classic liability regimes may need to be revisited. A first step has already been taken by the EU Digital Services Act, which (slightly) updates the rules on liability of providers of online intermediary services, including cloud services providers, in relation to illegal content provided by the recipient of the service and published on the online platform. While the liability of the provider for copyright breaches and other infringements committed by customers through their services remains limited in principle, the EU Digital Services Act introduces more extensive transparency and due diligence obligations, which may result in an increased risk of liability for the provider. This may have implications for hosting service providers involved with health data and/or intermediaries connecting patients with HCPs.
AI-driven software sometimes lacks transparency in its decision-making and demonstrates considerable autonomous behaviour. This leads one to question whether a physician is at fault (and liable) if that physician does not follow a diagnosis made by an AI technology or, conversely, whether that physician fails to perform the required due diligence by making treatment decisions based on a diagnosis made by an AI technology without knowing exactly how the software reaches a conclusion. With respect hereto, the proposal for an Artificial Intelligence Liability Directive, complementing the AI Act, suggests the implementation of both a strict (product) liability and a fault-based liability regime for AI technologies, depending on the risk involved in that AI system.
Similarly, the existing product liability regime may not always offer relief with regard to defects in digital health technologies, as many of these applications contain one or several service elements, which may make it more difficult to classify the technology as a defective product.
In this context, the EU is currently overhauling its product liability laws in an attempt to better address the risks resulting from the new technological developments. The new Product Liability Directive was adopted by the European Parliament on 12 March 2024 and is awaiting formal approval from the Council of the EU. The most important changes include the expansion of the definitions of “product” to include software and “defect” to include cybersecurity and connectivity issues; the expansion of the scope of the damages that can be claimed to include medically recognised damage to psychological health and data loss or corruption; the removal of the EUR500 threshold for claims and the reduction of the burden of proof on the injured person (ao through the introduction of a presumption of the product’s defectiveness in certain situations, such as for scientific or technically complex cases). It is clear that these updates will have a significant impact on life sciences companies, especially those developing IoMT devices and other digital healthcare solutions.
As stated above, multi-participant involvement in the manufacture of digital healthcare technologies and the provision of healthcare services has gradually more complex to allocate responsibility. Under the defective product regime, any participant in the supply chain may be held liable, including the EU importer and the supplier.
As with data protection, any controller is accountable for any damage that arises from a processing activity that breaches the GDPR, in contrast with processors, which are only responsible for damage that is the result of that processor acting outside the lawful instructions of the controller. Data processing agreements thus often include rigid liability and indemnification obligations to ensure a controller can recover the damage that is caused by its service provider from that processor.
Introduction
The digital healthcare landscape in Belgium has experienced profound changes in recent years, propelled by technological advancements, evolving patient needs, and challenges brought on by the COVID-19 pandemic. The pandemic, in particular, has accelerated the adoption of digital health technologies across the country, mirroring global trends. The heightened need for remote care, telemedicine, and data-driven decision-making has underscored the importance of a robust and adaptable digital healthcare infrastructure. The crisis also highlighted the necessity for innovation and collaboration among stakeholders to build a more resilient system.
In light of these developments, this overview explores the key trends shaping Belgium's digital healthcare ecosystem and highlights the main challenges faced by healthcare organisations and policymakers.
Integrating Care: The Rise of Data Sharing Systems in Belgium
The growing emphasis on healthcare data sharing and interoperability has emerged as a key trend in Belgium's digital healthcare landscape. Historically, Belgium's healthcare system was very fragmented, marked by minimal co-ordination across different providers and care settings. Patients frequently encountered gaps in care when moving between healthcare providers or settings, such as transitioning from hospital to home care. This lack of co-ordination and data sharing led to inefficiencies, redundant efforts, and less-than-ideal patient outcomes. Interoperability efforts now aim to enhance continuity of care and improve communication across healthcare environments.
Several Belgian initiatives illustrate this push for better data integration and interoperability among healthcare stakeholders. For instance, the Flemish government's Vitalink platform enables secure sharing of critical patient data like vaccination records, medication schedules, and summaries from general practitioners (GPs) to other healthcare professionals, ensuring that relevant patient information is accessible across various care settings. Similarly, the Brussels Health Network (BHN) connects all public and private hospitals in the Brussels region, as well as the French and Dutch-speaking associations of GPs in Brussels. Through the BHN, healthcare providers can access and share relevant patient information, such as medical history, test results, and medication lists. This integration helps to avoid unnecessary repeat tests and medical history recounting, thereby enhancing care quality and efficiency.
The rapid expansion of digital health technologies such as electronic health records (EHRs) and telehealth platforms (eg, myconsultation.be, Doctena, Doktr) further facilitates data exchanges. EHRs allow healthcare professionals to access and share patient information securely, ensuring continuity of care and telehealth platforms to enable remote consultations and monitoring, facilitating care co-ordination between patients and healthcare providers. The commitment to improving data interoperability is also evident in the development of the European Health Data Space (EHDS), aimed at enabling cross-border health data exchange to support research and policymaking within the EU.
Implementation of these technologies has faced important challenges. Chief among these is the need to ensure data privacy and security, requiring comprehensive governance frameworks and robust technical safeguards. Belgium has taken steps to address these challenges, such as establishing the Belgian Health Data Agency to supervise the secondary use of health data and facilitate data exchange for research purposes.
However, healthcare providers still face the complexity of integrating various systems and workflows, which demands significant investments in infrastructure and training. For instance, the slow adoption of the mHealthBelgium validation pyramid and the limited reimbursement for mobile health apps indicate the need for a more supportive regulatory framework. These challenges underscore the ongoing need for strategic planning and resource allocation to successfully navigate and capitalise on digital health advancements in Belgium.
The Role of Multi-Stakeholder Partnerships
Another critical factor driving healthcare innovation in Belgium is the rise of multi-stakeholder partnerships. The Belgian digital health ecosystem includes a variety of key players: government bodies such as the Belgian Federal Public Service of Health, Food Chain Safety and Environment [Service public fédéral Santé publique, Sécurité de la chaîne alimentaire et Environnement / Federale Overheidsdienst Volksgezondheid, Veiligheid van de Voedselketen en Leefmilieu], regional health authorities like the Flemish Agency for Care and Health [Vlaams Agentschap Zorg en Gezondheid] and the Walloon Agency for a Life of Quality [AVIQ – Agence pour une Vie de Qualité], healthcare providers from hospitals to primary care centres and individual professionals, technology companies from multinational corporations to local startups, and research institutions including universities and academic medical centres. Patient organisations also play a pivotal role, advocating for patient needs and shaping the digital health landscape.
These diverse stakeholders come together in multi-stakeholder partnerships to co-create digital health solutions that address real-world challenges. An example of such collaboration is the Walloon e-health Living Lab (WeLL) by Mecatech which unites healthcare providers, technology firms, research bodies, patient organisations, and public authorities. This partnership focuses on developing and validating innovative e-health solutions like telemedicine platforms, remote monitoring devices, and mobile health applications.
One such initiative is the Mens Sana project, launched by WeLL in collaboration with the Réseau Santé Namur. The project aims to understand the needs of mental health users and develop support tools that allow them to thrive in their living environment. Through the Living Lab approach, a participatory process, and the involvement of all project stakeholders, the Mens Sana project has led to the development of a digital innovation: the NOO application. These collaborations foster an environment of co-operation that drives digital health adoption in Belgium.
Belgium's comprehensive approach includes developing strategies such as the Belgian Integrated Health Record [https://www.health.belgium.be/en/node/43130], aligning with European digital health priorities, and promoting multi-stakeholder partnerships. This integrated strategy aims to create a robust and inclusive digital health ecosystem, ensuring that the benefits of digital health are accessible to all, thereby enhancing the quality and accessibility of healthcare throughout the country.
Patient Empowerment, Remote Monitoring and Personalised Medicine
The digital healthcare revolution in Belgium has significantly enhanced patient empowerment. The introduction of telemedicine platforms, remote monitoring devices, and wearable technologies has given patients greater control over their health information, allowing them to actively participate in their care journey. These tools provide the ability to access healthcare services remotely, monitor health metrics in real-time, and engage more effectively with healthcare providers. Belgian startups are at the forefront of this movement, developing innovative solutions for remote patient monitoring and disease management.
For instance, a smartphone app employing photoplethysmography to detect atrial fibrillation has been approved with CE marking and is used by patients and healthcare providers nationwide. Likewise, a wearable platform that captures a wide array of physiological parameters is currently being tested in both clinical trials and real-world settings, demonstrating the impact of continuous monitoring on patient outcomes.
This shift towards a more efficient, remote method of healthcare delivery is particularly timely, as Belgium faces a declining number of GPs, many of whom are nearing retirement, with fewer young doctors entering general practice. This impending shortage is likely to result in longer waiting times and reduced access to primary care, especially in rural and underserved areas. Telemedicine and remote monitoring technologies present a viable solution to bridge this gap, allowing patients to consult healthcare professionals remotely and thus easing the strain on the healthcare system. Telemedicine also enhances the efficiency of healthcare delivery, enabling GPs to manage larger patient populations and prioritise in-person consultations for more complex or urgent cases.
Furthermore, the integration of telemedicine into the Belgian healthcare system promotes a more sustainable and cost-effective model of care. By reducing the necessity for in-person consultations and enabling early intervention and preventative care, telemedicine can potentially reduce healthcare costs and improve patient outcomes over the long term.
The future of digital health in Belgium is further shaped by the integration of Artificial Intelligence (AI) into healthcare. The Belgian (federal) government and healthcare stakeholders continue to invest in AI research and development, expecting AI to play a crucial role in enhancing the efficiency and effectiveness of healthcare delivery. Leveraging advances in genomics, data analytics, and AI, healthcare providers will be able to customise treatments to individual patients based on genetic profiles, lifestyle factors, and health histories. Belgian companies are developing AI-driven solutions for personalised medicine, with a focus on oncology and infectious diseases, promising improved patient outcomes and more efficient use of healthcare resources. For example, a company based in Leuven has devised AI algorithms for analysing brain scans, assisting in the diagnosis and monitoring of neurological disorders.
These advancements in personalised medicine are part of a broader potential for digital health to improve healthcare costs and efficiency in Belgium. Technologies such as telemedicine, remote monitoring, and AI-powered decision support systems can streamline processes, reduce unnecessary hospital visits, and optimise resource allocation. For instance, telemedicine could significantly cut costs by decreasing the need for in-person consultations and minimising travel expenses for patients. AI algorithms can also expedite the medical imaging analysis process, enhancing the efficiency of radiologists and reducing the time and costs associated with diagnosis and treatment planning.
As digital health solutions become more user-centric and intuitive, patient engagement is expected to increase, leading to better health outcomes and a more sustainable healthcare system. The future of digital health in Belgium will be shaped by the growing emphasis on patient empowerment and engagement. Digital tools, such as patient portals, mobile health apps, and online communities, enable patients to take a more active role in managing their health and well-being.
In summary, Belgium's digital healthcare landscape is being transformed by a variety of innovative technologies and trends. The increasing adoption of telemedicine, remote monitoring, and AI, coupled with the development of data-driven healthcare ecosystems, are poised to address pressing challenges such as the GP shortage and the need for more efficient healthcare delivery.
Regulatory Landscape and Reimbursement Challenges
Efforts to cultivate a robust digital health ecosystem in Belgium are often challenged by the intricate landscape of laws and regulations at both European Union and Belgian levels. For instance, compliance with the EU Medical Device Regulation and the EU In-Vitro Diagnostic Regulation can be particularly challenging for digital health companies, especially small and medium-sized enterprises. These regulations demand comprehensive clinical evidence, robust quality management systems, and continuous monitoring, which can be both resource-intensive and time-consuming. To effectively manage these regulatory demands, digital health companies must engage proactively with regulatory authorities, seek guidance from notified bodies, and invest in the infrastructure and expertise necessary to meet compliance standards.
Belgium's strong position in clinical research highlights the importance of maintaining a robust regulatory framework. For instance, in 2022, approximately 20% of all European clinical trials for cancer drugs were conducted in Belgium. Companies in the country invest EUR15 million per day in research and development, with a significant portion dedicated to clinical studies. Efforts to maintain Belgium's strong position in Europe face challenges, such as participant mobility, lack of trust in medical research due to knowledge gaps, economic barriers, and linguistic and cultural differences that may hinder communication.
The recent AI Act, which was officially adopted by the EU in May 2024, represents a significant development in the regulatory landscape. It is expected to be published in the EU's Official Journal shortly as at the time of writing. The AI Act introduces a risk-based framework for regulating AI systems, with stringent requirements for high-risk applications, including those used in healthcare. This legislation will notably influence the digital health sector in Belgium by mandating specific controls for high-risk AI systems.
The new requirements come on top of ongoing regulatory challenges, such as the General Data Protection Regulation (GDPR) which continues to shape the sector by enforcing strict rules on personal data processing, particularly health data, which requires heightened safeguards. Digital health companies are required to design their solutions with robust data protection and privacy measures, implementing effective technical and organisational controls to secure patient data.
Cybersecurity is another critical component of digital health regulation. The recent enactment of the NIS2 Belgian law, aligning with the EU's NIS2 Directive, mandates stricter cybersecurity measures for entities in critical sectors, including healthcare. As digital health technologies proliferate, ensuring strong cybersecurity protocols is essential for protecting patient data, maintaining trust in digital health solutions, and adhering to the evolving regulatory framework.
Despite these regulatory challenges, another significant barrier in Belgium is the reimbursement and funding for digital health solutions. The mHealthBelgium validation pyramid, introduced in 2018, was designed to facilitate the reimbursement of mobile health apps. This pyramid applies criteria at three levels: M1 (CE marking as a medical device), M2 (meeting interoperability and connectivity criteria), and M3 (demonstrating socioeconomic value for reimbursement). An app must satisfy the criteria at all levels in order to be reimbursed. However, adoption has been sluggish, and as of early 2024 only a few apps have successfully met all criteria to achieve reimbursement. The process of demonstrating socioeconomic value (level M3) has proved particularly daunting, limiting the broader integration of these technologies into the Belgian healthcare system.
Conclusion
Belgium is making significant advances in digital health, highlighted by its adoption of telemedicine, use of wearables, and the integration of AI into healthcare. The country benefits from a thriving ecosystem that includes prestigious academic institutions, innovative startups, and committed investors. This environment has set the stage for substantial growth in Belgium's digital health market, expected to reach revenues of USD889.80 million by the end of 2024. This growth is projected to continue, achieving a market volume of USD1,111.00 million by 2028, with a compound annual growth rate of 5.71% from 2024 to 2028.
Within this market, Digital Fitness & Well-Being is forecast to be the largest segment, generating revenues of USD389.20 million in Belgium in calendar year 2024. This prediction reflects the shift towards preventive and personalised care and the widespread use of wearables and mobile apps to promote health and monitor well-being.
Glaverbel Building
Chaussée de La Hulpe
166 Terhulpsesteenweg
1170 Brussels
Belgium
+32 2 647 73 50
+32 2 640 64 99
brussels@vbb.com www.vbb.com