Embed Size (px)
Citation preview
Europe's work in progress: quality of mHealth
Pēteris Zilgalvis, J.D.,Head of Unit, Health and Well-Being,
DG CONNECT
Voka Health Community29 September 2015
Table of Contents1. Context: Green Paper on mHealth2. Outcome of the consultation: privacy and
security3. mHealth main concerns, obstacles and challenges4. Health and Medical devices reform5. Health and the Reform of Data Protection6. Code of conduct on mobile health apps7. Future European standard on quality criteria 8. Guidelines for validity and reliability of data9. EU-US Memorandum of understanding
Context: Green Paper on mHealth
The Green Paper asked stakeholders for their inputs on how to overcome the main challenges to mHealth deployment, e.g.:
- data protection and security- big data- the legal framework- patient safety- mHealth’s role in healthcare systems
Transparency is necessary to increase trust (which data, who will use the data and the purpose of use) Reliable and safe techniques for anonymisation and
pseudonymisation Important to give citizens control over their data Data minimisation, data protection by design and default Users' consent and access controls are crucial
Results – data protection and big data
Results of the consultation - Privacy and security
Strong privacy and security tools are needed to build users' trust
Data encryption both "in transit" and "at rest" Authentication mechanisms, e.g. digital certificates,
biometric parameters, tokens etc. Importance of secured network settings to prevent
data interception
mHealth main concerns
One of the main obstacles: Current lack of trust
Source: Mobiquity, The Appification of Health and Fitness, April 2014
mHealth key challenges
Health and Medical devices reform Current legislation:
Council Directive 90/385/EEC on Active Implantable Medical Devices (AIMDD) Council Directive 93/42/EEC on Medical Devices (MDD) Council Directive 98/79/EC on In Vitro Diagnostic Medical Devices (IVDMD)
Medical devices reform: Proposal for a Regulation of the European Parliament and of the Council on i)
medical devices and ii) in vitro diagnostic (IVD) medical devices
The aim of the revisions is to ensure: a consistently high level of health and safety protection for EU citizens using
these products; free and fair trade of the products throughout the EU; EU legislation is adapted to the significant technological and scientific
progress in this sector over the last 20 years.
Health and the Reform of Data Protection
Data protection is a fundamental right in the EU
Personal data relating to health are sensitive data:General principle no processing unless necessary e.g. for reasons of public interest or where the data subject has given explicit consent
General Data Protection Regulation (GDPR) specific provisions on processing for health purposes and on historical, statistical and scientific research purposes.
Health and the Reform of Data Protection
Processing is legitimate if necessary for public health purposes, provided that Member States adopt sufficient safeguards. Contrary to the current Directive, the GDPR requires Member States to provide such rules, e.g. for cancer registers.
Consent of the individual is not always required. Where important scientific research purposes cannot be
achieved by processing anonymous data, processing of personal data should be authorized.
However, anonymisation (or at least pseudonymisation) should be utilised whenever feasible.
Code of conduct on mobile health apps
covering privacy/ data protection and security principles. Legal basis: Article 27 of the data protection directive
95/46/EC. Process: industry code of conduct working group set up in
March 2015 with the EC as facilitator to be signed by main parties involved in the processing of data
in the apps environment and possibly to be approved by the Article 29 Working Party.
Code of conduct on mobile health apps
Objectives: Enabling informed choices. Increased trust by individuals. Competitive advantage for the signatories to the code. Raising awareness of EU data protection rules. Facilitate compliance with data protection rules at EU
level.
Future European standard on quality criteria
European standard on quality criteria for the development of health and wellness apps, taking as a basis the publicly available specification PAS:277 recently published by the British Standards Institution (BSI).
Guidelines for validity and reliability of data
Idea presented during open stakeholder meeting on 6 July
Assess the validity of data for the purposes of linking apps to electronic health records (EHR).
Facilitated by the Commission or interested Member States.
Stakeholders were asked to express their interest to participate in working group: drafting team.
EU-US Memorandum of understanding
Roadmap to strengthen transatlantic cooperation in eHealth and Health information technologies (IT).
Cooperation Roadmap: Advancing eHealth Interoperability eHealth Workforce Development
