EDPS-IPEN Privacy by Design contest for mobile Health (mHealth) applications

The European Data Protection Supervisor (EDPS), in partnership with the Data Protection Authorities of Austria, Ireland and Schleswig-Holstein and supported by the Internet Privacy Engineering Network (IPEN), organised a contest for mobile Health (mHealth) applications in 2018.

The initiative aimed at promoting privacy engineering through the demonstration of a mHealth application implementing the “privacy by design and by default” principles.

The challenge to solve

The sector of mHealth has rapidly expanded in recent years. Undoubtedly, mHealth apps may lead to benefits in the life of individuals, lowering the cost of healthcare, empowering the control of patients over own healthcare, granting an immediate access to medical care and information online and providing new insights for medical research through the use of large amount of personal data.

At the same time, processing such data at large scale and over connected devices may reduce users’ control over their personal information and risks being misused and adversely affect users’ interests and fundamental rights. This is magnified by the mobile apps ecosystem, which so far has not given evidence of effective protection of personal data and integration of the principles of privacy by design and by default.

Contestants were challenged to develop a useful and user-friendly mHealth application at the forefront of the implementation of the data protection by design and by default principle, as required under the GDPR.

The submission period closed on 3 August 2018. As no submission met the requirements, no prize was awarded.

We will continue to monitor developments in this field.