UAE

Eshield Provides a wide range of services to our clients in the Middle East including but not limited to:

• NESA IA:

  To align and direct national cybersecurity efforts by cybersecurity companies in UAE, the UAE Government established the National Electronic Security Authority (NESA). NESA’s primary objective is to enhance national cybersecurity and safeguard our information and communications infrastructure. As part of this mandate, NESA developed the UAE Information Assurance (IA) Standards. Moreover, these standards aim to provide clear requirements for elevating the minimum level of IA across all relevant entities in the UAE. NESA develops and implements information security standards, policies, and guidelines that all entities in the UAE must adhere to in order to maintain compliance with the regulations. It is mandatory for all businesses, government agencies, and service providers operating in the UAE, and involves implementing a range of technical and organizational security measures to ensure the confidentiality, integrity, and availability of information. By complying, entities in the UAE can ensure the security of their operations, protect against cyber threats, and maintain the trust of their customers and stakeholders. Reference

• Abu Dhabi Information Security Standards:

  The Department of Health (DOH) has established the Abu Dhabi Healthcare Information and Cyber Security (ADHICS UAE) Standard as a strategic initiative. This initiative aligns with DOH’s vision and Federal/National mandates, which have been endorsed by DOH’s Executive Committee. Also, the provisions of this Standard are in harmony with international healthcare industry standards for Information Security. Reference

• UAE Data Protection Law(DPL):

  The Personal Data Protection Law, Federal Decree-Law No. 45 of 2021 regarding the Protection of Personal Data, establishes an integrated framework. This framework ensures the confidentiality of information and protects individuals’ privacy in the UAE. It also provides proper governance for data management and protection. Furthermore, it defines the rights and duties of all parties involved in data handling.The United Arab Emirates (UAE) recognizes the importance of safeguarding individuals’ privacy and has enacted comprehensive legislation known as the UAE Data Protection Law. This article aims to provide an overview of the UAE Data Protection Law, its key provisions, and the implications it has on businesses and individuals operating within the country. Reference

• ADHICS:

The Department of Health (DOH) established the Abu Dhabi Healthcare Information and Cyber Security (ADHICS) Standard. The ADHICS is a strategic effort endorsed by the Department of Health’s Executive Committee to fulfil the Department’s vision and government mandates. The ADHIS adheres to industry and international information security standards. It is intended to supplement the government’s Health Information Exchange (HIE) projects, which aim to increase security and public confidence. The implementation of ADHICS by DOH-regulated healthcare entities would increase data privacy and security in the Abu Dhabi health sector. Eshield is one of the best cyber security company in UAE we provide the service of ADHICS Compliance in UAE.

• ADGM Data Protection Regulations 2021 (“DPR”):

  This Guidance aims to explain how the DPR 2021 work and help you understand how your organization can comply with them. It will not tell you exactly what to do because the DPR 2021 recognizes that every organization is different, and therefore allow for some flexibility. However, this flexibility means that you need to think about, and take responsibility for, the specific ways you use personal data. Whether and how you comply depends on exactly why and how you use the data. There is often more than one way to comply with the DPR 2021. Reference

• DHCC Data Protection Regulation No. 7 of 2008) (“HDPR”):

  The purpose of this Health Data Protection Regulation is to promote and protect Patient Health Information and, in particular, to:

  1. Establish certain principles with respect to the collection, use and disclosure by the DHCA and Licensees within DHCC, of Patient Health Information.
  2. Establish certain principles with respect to access by each Patient to his Patient Health Information held by the DHCA and Licensees.
  3. Create a safe environment where health information systems are used to produce relevant and good quality information in support of the delivery of Healthcare Services.
  4. Promote a flexible approach to the protection of Patient Health Information while avoiding the creation of unnecessary barriers to the flow of Patient Health Information to appropriate parties.
  5. Establish a complaints mechanism for the investigation of complaints regarding Patient Health Information. Reference

• PCI DSS:

  The PCI Security Standards Council (PCI SSC) serves as a global forum, uniting payments industry stakeholders. Its purpose is to develop and promote data security standards and resources for safe payments worldwide. The PCI SSC has a clear mission: to enhance global payment account data security. This is achieved through the development of Abu Dhabi information security standards and the provision of supporting services by security companies in UAE. These efforts drive education, awareness, and effective implementation among stakeholders. To ensure alignment with our mission and meet the needs of the global payments industry, we employ a strategic framework that guides our decision-making process. PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. Reference

• Central Bank Consumer Protection Standards Bank’s Consumer Protection Regulation:

  The primary objective of the regulation is to protect consumers and contribute to the overall stability of the financial services industry. Also, the law aims to strengthen governance, promote responsible financing practices, and protect consumer rights. This Regulation comprises 15 articles, providing information about the minimum measures all financial institutions are required to take to protect customers’ data. It was aimed at better protection for the consumers, intended to cut red tape, and put in place a simpler and clearer consumer protection law that would be easier to interpret and enforce. The parameters contained in CPR’s are in tune with the changing times and is comparable with the standards of the European Union General Data Protection Regulation (EU GDPR). The UAE Federal Data Protection Law also combines the leading practices from global data protection laws including EU GDPR and other forward-looking technological concepts. Reference

• Information and Communications Technology(ICT) in Health Fields Law:

  The Federal Law No. 2 of 2019 on the Use of Information and Communications Technology in Healthcare (‘ICT Health Law’) regulates the use of ICT in the healthcare sector throughout the United Arab Emirates (‘UAE’) including in free zones with the following four aims of:

  • To ensure the optimal use of information and communications technology in the health sector.

  • Guarantee that the bases, standards, and practices adopted are in line with their internationally adopted counterparts.

  • Enable the Ministry of Health and Prevention (‘Ministry’) to collect, analyze and maintain health information at the country level.

  • Ensure the security and safety of health data and information. Reference

Our services include assessment and support services by ISO consultants in UAE which adds use to the top 10 security companies in UAE .