Regulating Mobile Health Apps

From Digital Culture & Society

(Difference between revisions)

Revision as of 15:35, 16 March 2020

1 About This Subject
2 Articles
- 2.1 Article 1

About This Subject

The importance of regulating mobile health apps has been an area of concern amongst the medical community and the platforms that offer these services. The following articles were reviewed to demonstrate the positive effects of regulating mobile healthcare apps in order to establish standards and develop clear guidelines for the future of these applications.

Articles

Article 1

Privacy and Security in Mobile Health (mHealth) Research

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4432854/

Context

Research on the use of mobile technologies for alcohol use problems is a developing field, this data has the potential to yield new insights into the factors that lead to disease. Although the research literature in this area is sparse, lessons can be learned from other communities, such as cybersecurity or Internet security, which offer techniques to reduce the potential risk of data breaches or tampering in mHealth. This article focuses on privacy, confidentiality, and security in mHealth, areas ripe with research questions and opportunities whose times are overdue.

Summary

The Department of Health and Human Services, and the Office for Civil Rights, developed the Health Insurance Portability and Accountability Act (HIPAA), which provides defined policies and guidelines for maintaining privacy and security of a patient health information. Within the Act, the Privacy Rule sets national standards for protecting every individual’s health information, and the Security Rule sets national standards for protecting personal health information in an electronic format. Researchers must therefore abide by the Federal Policy for the Protection of Human Subjects, also known as the Common Rule. The Common Rule was introduced in 1991 to protect individuals participating in research activities. The Common Rule sets out detailed policies and guidelines about informed consent, adverse events, handling of biological data, and vulnerable populations, and many other health related issues. Based on the lack of current regulations in the technology field, this article proposed changes to the researchers of these platforms, specifically in mHealth to develop systems that enhance participant privacy. This article suggests changes such as a simple electronic or paper checklist of possible data points administered before data collection and/or a patient-facing data dashboard that will allow participants to exercise their rights to control and access their data. Another option was to create a context-aware system that the participant controls, specifically the privacy options, that could change based on factors such as location, and who is accessing the data to match the participant’s level of trust. Other suggestions include; creating new security protocols as a simple way to increase data security, for example, enabling WPA2 encryption on a wireless device enhances the security of information transmitted over wireless networks, or the addition of VPNs or authentication factors can also be applied to networks to protect data that can be transferred. Specific areas of focus suggested that more attention is needed in the deletion of personal information from the app once the user has uninstalled the app and better data encryption practices. Also, it was observed that some apps did not have a privacy policy, and that mobile vendors must mandate the need for apps to have privacy.

Strengths and Weaknesses

This article demonstrated many strengths, first it suggested privacy changes could have an ability to reach a large and broad sample of consumers that already collect and continuously stream data on a range of potentially sensitive and possibly illegal behaviors and events. Research shows that most Americans consider information stored on their mobile phones to be as, or even more private than the information stored in their personal computers. This is an apparent disconnect between perception of privacy and how personal data is used. This research therefore suggested ways to enhance technological literacy are needed. Continued strengths from this literature suggest that rather than the people having to voice concerns about the risks in health research and care, that the scientific community should increase its efforts to teach the public about privacy and security risks in these technologies. This article therefore proposes changes to mobile health apps by including the addition of specific data management processes for individual security and privacy. Lastly, it highlights ways to standardize requirements within these applications that will improve uniformity in research, and how these changes will provide more clarity for researchers as they design research protocols to support digital privacy and security for all users. One areas of study weakness was noted in the results section where the authors go into detail on how consumers need to be more aware, proactive and involved in measures to protect their information, however in the discussion the focus was more on the providers to make these applications more transparent. The article should be addressed to all parties with shared responsibilities in the management of personal and private health care related information.

Assessment

Conclusions of this study suggest that adopting standard guidelines and creating a regulatory framework for mobile health apps will help address the challenges and to avoid the security risks associated with these platforms. Key findings propose that regulators must develop standards that the developers need to adhere to ensure privacy and security of users. It also suggests that the Involvement of healthcare professionals on factors such as functionality, usability and security will enhance the trustworthiness of the apps and increase their adoption by trusted consumers. Therefore, developers and healthcare professionals must work together to establish standards and develop clear guidelines for app development. This study aimed to enlighten users, and to encourage their education within the benefits and risks of using mHealth apps.

Retrieved from "https://kumu.brocku.ca/digitalculturesociety/Regulating_Mobile_Health_Apps"

Regulating Mobile Health Apps

From Digital Culture & Society

Revision as of 15:35, 16 March 2020

Contents

About This Subject

Articles

Article 1

Context

Summary

Strengths and Weaknesses

Assessment

Views

Personal tools

Navigation

Search

Toolbox

 Research on the use of mobile technologies for alcohol use problems is a developing field, this data has the potential to yield new insights into the factors that lead to disease.  Although the research literature in this area is sparse, lessons can be learned from other communities, such as cybersecurity or Internet security, which offer techniques to reduce the potential risk of data breaches or tampering in mHealth. This article focuses on privacy, confidentiality, and security in mHealth, areas ripe with research questions and opportunities whose times are overdue.
+====Summary====
+The Department of Health and Human Services, and the Office for Civil Rights, developed the Health Insurance Portability and Accountability Act (HIPAA), which provides defined policies and guidelines for maintaining privacy and security of a patient health information.  Within the Act, the Privacy Rule sets national standards for protecting every individual’s health information, and the Security Rule sets national standards for protecting personal health information in an electronic format. Researchers must therefore abide by the Federal Policy for the Protection of Human Subjects, also known as the Common Rule. The Common Rule was introduced in 1991 to protect individuals participating in research activities. The Common Rule sets out detailed policies and guidelines about informed consent, adverse events, handling of biological data, and vulnerable populations, and many other health related issues. Based on the lack of current regulations in the technology field, this article proposed changes to the researchers of these platforms, specifically in mHealth to develop systems that enhance participant privacy. This article suggests changes such as a simple electronic or paper checklist of possible data points administered before data collection and/or a patient-facing data dashboard that will allow participants to exercise their rights to control and access their data. Another option was to create a context-aware system that the participant controls, specifically the privacy options, that could change based on factors such as location, and who is accessing the data to match the participant’s level of trust.  Other suggestions include; creating new security protocols as a simple way to increase data security, for example, enabling WPA2 encryption on a wireless device enhances the security of information transmitted over wireless networks, or the addition of VPNs or authentication factors can also be applied to networks to protect data that can be transferred. Specific areas of focus suggested that more attention is needed in the deletion of personal information from the app once the user has uninstalled the app and better data encryption practices. Also, it was observed that some apps did not have a privacy policy, and that mobile vendors must mandate the need for apps to have privacy.
+====Strengths and Weaknesses====
+This article demonstrated many strengths, first it suggested privacy changes could have an ability to reach a large and broad sample of consumers that already collect and continuously stream data on a range of potentially sensitive and possibly illegal behaviors and events. Research shows that most Americans consider information stored on their mobile phones to be as, or even more private than the information stored in their personal computers.  This is an apparent disconnect between perception of privacy and how personal data is used. This research therefore suggested ways to enhance technological literacy are needed. Continued strengths from this literature suggest that rather than the people having to voice concerns about the risks in health research and care, that the scientific community should increase its efforts to teach the public about privacy and security risks in these technologies. This article therefore proposes changes to mobile health apps by including the addition of specific data management processes for individual security and privacy. Lastly, it highlights ways to standardize requirements within these applications that will improve uniformity in research, and how these changes will provide more clarity for researchers as they design research protocols to support digital privacy and security for all users. One areas of study weakness was noted in the results section where the authors go into detail on how consumers need to be more aware, proactive and involved in measures to protect their information, however in the discussion the focus was more on the providers to make these applications more transparent. The article should be addressed to all parties with shared responsibilities in the management of personal and private health care related information.
+====Assessment====
+Conclusions of this study suggest that adopting standard guidelines and creating a regulatory framework for mobile health apps will help address the challenges and to avoid the security risks associated with these platforms. Key findings propose that regulators must develop standards that the developers need to adhere to ensure privacy and security of users.  It also suggests that the Involvement of healthcare professionals on factors such as functionality, usability and security will enhance the trustworthiness of the apps and increase their adoption by trusted consumers. Therefore, developers and healthcare professionals must work together to establish standards and develop clear guidelines for app development. This study aimed to enlighten users, and to encourage their education within the benefits and risks of using mHealth apps.