Getting a Clean Bill of Health for Privacy in Your Mobile App

App developers, users, and regulators alike are all grappling with the possibilities and implications of app technology in the health sector. As use of these apps grows, increasing attention is also being paid to privacy issues where those apps involve the collection and use of personal information including patient data. This article highlights some of the privacy fundamentals to consider, in particular when developing a medical app.
European data protection laws are important to take into account in this regard: even if a business is not established in Europe, it may be required to comply with European law, for example where an app generates traffic of personal information from smart devices located in Europe back to an entity, wherever it may be located.
Some of the main privacy issues to consider are:
- Defining the responsibilities of different actors in the app market: under European law, companies that decide what information will be collected by an app and what it will be used for have strict data protection obligations;
- Ensuring that apps do not abuse individual privacy by accessing and using more information than is really necessary: European laws prohibit the collection or use of data which is not necessary for the app to function;
- Making sure appropriate measures are in place reflecting the sensitivity of information: consent should be obtained for the collection and use of sensitive health information, and security measures such as encryption are important to protect such information;
- Ensuring that individuals are meaningfully informed of how their information is used and that they validly consent to that use: providing the necessary information to individuals can prove challenging in the small space available on a smart device screen, but it is not sufficient to have users simply click a general consent or install button.
A ‘privacy-by-design’ approach to each of the above issues is the best way to guarantee compliance with privacy obligations. While up to now apps have often been developed with scant regard for individual privacy, moving forward this will not be a viable approach. To read more about the privacy fundamentals of medical app development and practical solutions, follow the link below to the full article.
AUTHOR: By Emily Hay and Jan Dhont, Data Privacy Department, Lorenz Brussels
Copyright Lorenz
Disclaimer: While every effort has been made to ensure the accuracy of this publication, it is not intended to provide legal advice as individual situations will differ and should be discussed with an expert and/or lawyer. For specific technical or legal advice on the information provided and related topics, please contact the author.