Skip to main content

Telemedicine & Connected Devices

Overview

Telemedicine has grown significantly in Indonesia, particularly following the COVID-19 pandemic, which accelerated digital health adoption. The regulatory landscape for telemedicine and connected medical devices in Indonesia sits at the intersection of:

  • Medical device regulation (Kemenkes / Regalkes)
  • Telemedicine service regulation (Ministry of Health telemedicine regulations)
  • Telecommunications regulation (Ministry of Communications and Information Technology — Kominfo)
  • Personal Data Protection Law

What Is a Connected Medical Device?

A connected medical device is a hardware medical device that transmits data electronically — either to a healthcare provider, a companion app, a cloud platform, or another device. Examples:

  • Remote patient monitoring devices (blood glucose meters with connectivity, home ECG monitors, continuous glucose monitors)
  • Connected pulse oximeters and blood pressure monitors
  • Smart inhalers
  • Implantable devices with remote telemetry capability
  • Wearable biosensors for clinical use

Device Registration Requirements

The hardware connected medical device requires a standard NIE registration through Regalkes, classified by its risk class under the general ASEAN classification rules. Connectivity features do not change the fundamental classification — the device is classified based on its primary medical function.

However, the connected aspects of the device do add additional documentation requirements:

  • Cybersecurity risk assessment (how could the wireless/network connectivity be exploited to harm patients or compromise data?)
  • Data integrity measures
  • Description of the companion app/software, if any (is it a medical device in its own right — SaMD?)
  • Cloud data storage architecture and data residency

Telemedicine Service Regulation

Telemedicine platforms (video consultation, e-prescription, remote diagnosis services) are regulated separately from medical devices under:

  • Permenkes No. 20/2019 on telemedicine services (and subsequent updates)
  • Telemedicine services must be operated by licensed healthcare facilities
  • Physicians providing telemedicine services must hold valid Indonesian medical licences

If a medical device is specifically designed to enable or support a telemedicine service (e.g. a remote stethoscope, a telepathology imaging system), it may face dual regulatory scrutiny — both as a medical device (NIE from Kemenkes) and as part of a telemedicine service setup.

Personal Data Protection (UU PDP)

The Personal Data Protection Law (Law No. 27 of 2022) came into force in 2024 and sets requirements for the processing of personal data — including health data generated by connected devices. Key obligations for connected device manufacturers:

  • Lawful basis for data collection (patient consent)
  • Data minimisation
  • Security measures for health data
  • Breach notification
  • Data subject rights (access, correction, deletion)
  • Restrictions on cross-border data transfer

Manufacturers of connected devices that process Indonesian patient data must assess UU PDP compliance alongside the device registration process.