EU Network and Information Security Directive implemented into Danish law
The EU Directive on Network and Information Security (Directive 2016/1148/EU of 6 July 2016) has been implemented into Danish law on 10 May 2018.
The EU Directive is implemented by the Danish Requirements for Security of Network- and Information Systems Within the Healthcare Sector Act (no. 440/2018) (Danish language) and executive orders no. 458/2018 and 459/2018 (Danish language).
The new legislation imposes safety requirements that operators of essential services within the healthcare sector must comply with. The requirements aim at reducing the risk of a network or information system failure. It should be noted that operators of essential services must report themselves to the National Health Data Agency by 9 November 2018 at the latest. The Agency has announced that it will publish a form which can be used for the reporting on its website.
A prior version of this post was originally published by the same authors in Practical Law – Life Sciences, May 2018 Issue (Thomson Reuters).