An important intervention on mHealth from the EU Data Protection Supervisor

At the end of last week, the EU Data Protection Supervisor (EDPS) published an excellent document entitled Mobile Health – Reconciling technological innovation with data protection. To quote the press release:

Failure to deploy data protection safeguards will result in a critical loss of individual trust, leading to fewer opportunities for public authorities and businesses, hampering the development of the health market. To foster confidence, future policies need to encourage more accountability of service providers and their associates; place respect for the choices of individuals at their core; end the indiscriminate collection of personal information and any possible discriminatory profiling; encourage privacy by design and privacy settings by default; and enhance the security of the technologies used.

The document itself contains much of interest. To this editor, who has heard many people poo-poo the importance of wellbeing data, it was good to see:

Lifestyle and well-being data will, in general, be considered health data, when they are processed in a medical context (e.g. the app is used upon advice of a patient’s doctor) or where information regarding an individual’s health may reasonably be inferred from the data (in itself, or combined with other information), especially when the purpose of the application is to monitor the health or well-being of the individual (whether in a medical context or otherwise). (Page 5)

As someone who gets concerned at turning people off sharing their health data, it was nice to see the recognition that: (more…)