The European Data Protection Supervisor (EDPS) has issued recommendations in relation to the Mobile Health (mHealth) phenomenon.

mHealth is a relatively new sector that combines healthcare with information and communications technology, using mobile applications to deliver health-related services through smart devices. Public and private operators in this market process personal information; they should therefore follow data protection rules and be accountable for their data processing.

In order to ensure and sustain data protection, the EDPS has devised the following recommendations:

  • the EU legislator should ensure that those who are responsible for the design, supply and functioning of applications are held accountable and responsible for their actions;
  • privacy and data protection settings should be embedded into the design of applications in order to increase the transparency of applications in relation to processing personal data;
  • big data should only be used for purposes beneficial to individuals and not for practices that could cause harm, e.g. discriminatory processes; and
  • the legislator should enhance data security through privacy engineering and the development of building blocks and tools.