ISRAEL Law and Practice Contributed by: Alexandra Cohen and Eran Bareket, Gilat, Bareket & Co., Reinhold Cohn Group
ance, but about 30% had only partial compli- ance. However, enforcement in areas like AI/machine learning technologies or SaMD is still evolving. While general laws apply, there are no dedicated enforcement mechanisms yet, and guidance is provided through non-binding principles and alignment with international standards. 3.4 Sufficiency of Oversight Israel has begun to enact dedicated laws rel- evant to digital healthcare, such as the Medical Information Mobility Law (5784–2024). Howev- er, the broader regulatory framework still lacks comprehensive legislation tailored specifically to emerging digital health technologies such as AI, machine learning and SaMD. These areas are primarily guided by non-binding guidelines and general legal principles. While certain risks are strongly regulated through specific laws and dedicated enforcement depart- ments, such as privacy and data protection, the overall framework remains incomplete. There is growing recognition of the need for binding, tar- geted regulation to effectively address the com- plexities and risks posed by advanced digital tools, but no major legislative reforms have yet been enacted. 4. Liability 4.1 Legal Risks of Digital Healthcare Digital healthcare in Israel presents several legal and regulatory risks, primarily due to the absence of comprehensive, binding legislation tailored specifically to this sector. While the pro- tection of privacy and data is subject to a robust legal framework and actively enforced by the PPA, other aspects – such as AI, machine learn-
ing technologies and SaMD – remain governed primarily by non-binding circulars issued by the Ministry of Health, or by general legal principles. This regulatory framework creates uncertainty and increases the risk of non-compliance. This gap in comprehensive regulation also affects regulatory enforcement. Enforcement activities are most developed in the field of pri- vacy and data security, where the PPA exercises supervisory powers, conducts audits and may impose administrative or criminal sanctions. However there are currently no sector-specific enforcement mechanisms for emerging tech- nologies, leaving a gap in regulatory clarity and accountability. This limits the ability of regulators to address sector-specific risks in a consistent and proactive manner. These regulatory shortcomings contribute directly to heightened liability exposure for enti- ties operating in the digital health space. Liabil- ity exposure arises under multiple legal frame- works, including tort law (primarily negligence), strict liability pursuant to the Defective Products Liability Law 5740-1980, and contractual obli- gations. Entities involved in the development or use of digital health technologies may be held liable for harm caused by defective or inad- equately validated systems. In particular, the opaque nature of certain AI-based technologies presents challenges in establishing foreseeabil- ity and causation, complicating the allocation of legal responsibility. 4.2 Liability Frameworks The legal exposures discussed in 4.1 Legal Risks of Digital Healthcare are only partially addressed under statute. Privacy and data pro- tection are clearly regulated under the Protection of Privacy Law, enforced by the PPA, while prod- uct liability is governed by the Defective Prod-
62
CHAMBERS.COM
Powered by FlippingBook