RIS
Thailand’s health data governance is primarily regulated by the Personal Data Protection Act (PDPA) of 2019, the National Health Act of 2007, and the Cybersecurity Act of 2019. Emphasis is placed on swift responses to data breaches, continuous improvements in data protection, thorough risk assessments, and collaborative digital health governance. Compliance with the PDPA and alignment with the GDPR are essential, along with ensuring access rights to healthcare and obtaining explicit consent for sensitive data processing. These measures aim to improve protection, transparency, and accountability in health data management, fostering trust, security, and innovation within Thailand’s healthcare sector.