In May 2015, the European Data Protection Supervisor ("EDPS") released an Opinion regarding the reconciliation of Mobile Health (hereinafter: "mHealth") technologies with data protection. mHealth technologies are designed to deliver health-related services through smart devices, in a way that is intended to reduce costs and simplify the patient's recourse to healthcare. Naturally, such devices usually process personal health information, and sometimes even process a large volume of lifestyle and well-being information.
The EDPS clarified within this Opinion, that it is necessary to protect the individuals' fundamental rights, particularly those of his or her dignity, privacy, self-determination and data protection.
In order to achieve these goals, the EDPS calls upon the European policy makers to use its prerogative to increase transparency and the level of information provided to individuals in relation to the processing of their data, and to ensure that the designers, developers and manufacturers of the mHealth technologies do not collect more data than is needed to perform the expected functions. The EDPS also callsfor mHealth technologies not to use the information for practices that could cause harm to consumers, such as discriminatory profiling, and to enhance data security and encourage the application of privacy by-design, and by default through privacy engineering, as well as the development of building blocks and tools.
This Opinion, although being only consultative, usually outlines the way forward and is used by the European policy makers with respect to new legislation. Accordingly, it is entirely possible that we will come across this matter in upcoming legislation proposals.