The EU Digital Services Act, set to take effect on February 17, 2024, will have significant implications for US-based healthcare IT companies and may influence future legislation in the United States. This new EU law updates the existing EU Electronic Commerce Directive and aims to address illegal and misleading online content, protect Internet users from fraud, and improve control over personal data collection and usage.

One key aspect of the Act is the inclusion of new legal requirements for Very Large Online Platforms (VLOPs) such as Amazon and eBay, and Very Large Online Search Engines (VLOSEs) such as Bing and Google. These platforms, along with other US-based social media companies, e-commerce platforms, collaboration tools, content sharing platforms, messaging apps, and advertising networks, will be required to comply with the EU Digital Services Act if they provide services to EU citizens.

One notable issue addressed by the Act is the liability of online service providers for third-party content generated by users. While providers are initially granted immunity under Chapter 2 of the Act, if they become aware of illegal activity or content and fail to remove or disable access to it, they will be in violation of the Act. This puts pressure on service providers to actively monitor and respond to illegal or harmful content on their platforms.

The Act also introduces requirements for websites that host chatrooms, forums, or allow public comments. Although these websites technically fall under the definition of an online platform, it remains unclear how EU regulators will interpret the terms “minor” and “ancillary” in regards to their obligations under the Act. As a precaution, it is advisable for US-based websites to comply with the Act’s provisions, including reporting suspicions of criminal activity and suspending users who frequently post illegal or misleading information.

Some relevant articles within the EU Digital Services Act for the US healthcare IT industry include the requirement for companies to appoint a “point of contact” for EU citizens, even if they do not collect personal information. Transparency reporting obligations will also be imposed on intermediaries, and organizations must develop complaint and redress mechanisms to address user concerns. Additionally, deceptive designs that manipulate users into making decisions will be prohibited.

The EU Digital Services Act serves as a reminder of the increasing importance of protecting user privacy and ensuring responsible online behavior. As US healthcare IT companies navigate compliance with this new law, it is crucial to prioritize transparency, accountability, and user-centric practices.

Sources:

– EU Digital Services Act.

– EU Electronic Commerce Directive.