By Geert Thienpont, Managing Director

i~HD is pleased to observe the growth of the potential that mobile health apps are offering. We can see that the necessary caution is being taking by the ICT industry and it is great that governments and NGOs are taking measures to safeguard the quality of mobile health apps and the safety of the citizen.  

A few examples:   

  • the validation pyramid initiative of mHealthBelgium is an initiative of the Belgian Federal Government 
  • ORCHA, UK’s leading health app evaluation and advisor organization 
  • WHO-ITU mHealth Hub in EU, a E.C funded project 
  • ISO (draft) Technical Specification 82304-2 – Health and wellness apps – Quality and reliability 

There is no need to question the added value that health apps already offer to maintain and improve the health of citizens and actions being taking to assure the trust between citizens, ICT vendors and healthcare providers. This trust unfortunately does not yet adequately cover all stakeholders in this specific ecosystem when talking about re-using this data for e.g. clinical research. 

Data re-users
Health data are generally collected with the primary goal of providing high-quality patient care. However, they are also often re-used to further improve patient outcomes and to foster innovation.

Although stakeholders are aware about the potential of the massive data volumes that are being collected and stored somewhere, less attention is being given to the fact that this data offers a huge opportunity to facilitate clinical research and to support Learning Health Systems. 

Within the current standards, CE marking and other quality labels that protect patients the main focus is on the front-end, the app itself: it should be user friendly, secure, protect user privacy, comply with the GDPR in the context of the daily healthcare. Much less attention is paid to assuring user trust with the reuse of that data, for example for research, which is usually handled by the SME vendor of the app product. 

The public is aware about the vulnerability of their health data and negative stories are widely publicised. 73% of EU citizens want to share health data on the precondition that data is secure and only accessible by authorised parties (source: Additional trust is required in the landscape of mobile apps and should not only be offered to citizens, but also the data re-users (e.g. researchers, who want to be confident that their uses of data is legitimate). 

Within its vision & mission, i~HD would like to emphasize that huge collections of health data may contribute to enriching knowledge and enhancing care if used  with respect to the citizens and that the required trust can be achieved, in the context of re-using data by focusing on: 

  • Data Quality 
  • GDPR and Information Governance 

Data Quality 

Health data, collected via health apps, often not fit for crucial reuse purposes such as clinical research, decision making, value-based health care. We therefore catalyse stakeholders to scale up their data quality, by coaching, educating and equipping them with instruments, organising assessments, providing insights and strategies to benchmark and enhance their health data quality, and providing expert support. 

GDPR and Information Governance 

All health app related stakeholders, and the public, need to trust the ways in which health data is re-used, and by whom. The General Data Protection Regulation (GDPR) has heightened our awareness of this. We have translated our expertise in data protection for reuse purposes into codes of practices, educational and certification programmes, which we provide to organisations and European projects. 

Initiative that helps establishing an additional -required- trust for re-using valuable data 

IDHIS & IG1-2020 Certificate

i~HD’s IDHIS (Information Governance & Data privacy of Health ICT Systems) assessment covers the specific needs of mHealth data flows from apps to data warehouses towards the data re-users (e.g. research institutes, pharma, … ). IDHIS validates the accountability of the organization and the GDPR compliance and transparency regarding the re-use of mHealth data by different stakeholders in the healthcare ecosystem. The IDHIS standard also involves the information security aspects as well as the audit readiness of mHealth apps. Other important domains within data processing such as ethical issues, data protection impact assessment, GDPR data minimization and data retention policies are within the scope of the IDHIS assessment.  
mHealth companies complying to the IDHIS standard will be awarded, after an independent audit, the i~HD Information Governance IG1 – 2020 certificate.  
This certificate will assure the integrity of the mHealth vendor and product, and will help the vendor to gain trust on the one hand towards the data providers (patients, citizens, healthcare providers,…) and on the other hand to the data platforms re-using the mHealth data for healthcare innovations. 
Achieving the IG1-2020 certificate assures that your mHealth app complies with the highest information governance standards and the General Data Protection Regulation (GDPR). 

FAIR Principles: Is mobile app data FAIR? 

It is important to remember the FAIR Principles – that data should be Findable, Accessible, Interoperable and Reusable. 
Arguably the data that is collected through mHealth apps risks being “un-FAIR:: the app may have been developed with commercial confidence in mind where the data serves the purposes of the developers and sponsors where they had not envisaged wider sharing, or thought about its usefulness. Maybe privacy and sharing concerns from citizens have meant that the apps are being very careful not to share data more widely. But are we missing out on being able to fully realise the benefits of real world data and allowing citizens a choice in sharing their data according to their own wishes? 

These questions are all the more important in the wake of the Track and Trace systems that have been started across Europe and with the new proposals around vaccination passports. In any health management app, the importance of the data it collects beyond its original purposes for wider research and care is apparent.  

So how do we make sure we do not repeat the history of siloed data and ensure we have confidence in its quality, citizen choice and utility for public good? How do we enable app developers to make their users’ data more useful, in a legally complaint way, without prejudicing their own business models? These are topics i~HD cares about! 

Geert Thienpont

Managing director