Data protection, new tech and privacy Charles.Lowe@ourmobilehealth
12 Slides3.85 MB
Data protection, new tech and privacy [email protected] 447860 619424 @LoweCM @ourmobilehealth
Warnings: 1) I am not a lawyer 2) 15 minutes is way too short So please familiarise yourself with the laws and check any important statements with your local legal advisers
General Data Protection Regulation aka GDPR Comes into force 25 May 2018 – 38 days’ time! Huge non-compliance cost: fines 4% global t’over/ 20m, plus compensation claims & reputational damage “Personal data” now includes genetic, mental, economic, cultural & social identity data New role of DPO as a person with expert knowledge of DP law and practices to ensure internal compliance
Three key principles Privacy by default Privacy by Data
Key implications for patients Explicit consent now required for data storage/use Consent can be withdrawn Right to erasure/be forgotten Privacy policies must be comprehensive, simple, easy to understand Access to personal data cannot (normally) be refused Right of data portability between systems
EC response for mHealth apps EC-initiated industry Code of Conduct: – In response to EC Green Paper 2014 – Initially voluntary, however volunteers accept legal liability under GDPR – Based on GDPR with appropriate mHealth enhancements – Current structure Q&A – Issue remains ensuring compliance – Still needs Article 29 WP approval for completion – See https://ec.europa.eu/digital-single-market/en/privacy-code-conduct-mob ile-health-apps
How we assess apps ASSESS REVIEW Assessment: 1. 2. 3. 4. 5. Apps 6. 7. 8. 9. 10. 11. Overview Effectiveness Regulatory Approval Clinical Safety Privacy & Confidentiality Security Usability Accessibility Interoperability Technical Stability Development plan Consolidation & Check Regulations Standards Best Practice Monitor 3 Experts: Clinical Patient Safety IT/IG CURATE & Distribute
How we assess apps ASSESS REVIEW Assessment: 1. 2. 3. 4. 5. Apps 6. 7. 8. 9. 10. 11. Overview Effectiveness Regulatory Approval Clinical Safety Privacy & Confidentiality Security Usability Accessibility Interoperability Technical Stability Development plan Consolidation & Check Regulations Standards Best Practice Monitor 3 Experts: Clinical Patient Safety IT/IG CURATE & Distribute
The basic processes this fits into This Photo by Unknown Author is licensed under CC BY-SA This Photo by Unknown Author is licensed under CC BY-NC
TRUST It’s about building confidence
How are patients affected? Experience to Q2 17 NHS Apps Library EMIS Apps Library Diabetes Prevention Programme Good Thinking (mental health) Parkinson’s UK
Thank you [email protected] 447860 619424 @LoweCM @ourmobilehealth
