Presentation is loading. Please wait.

Presentation is loading. Please wait.

MY SMART PHONE DOES WHAT WITH MY BLOOD PRESSURE DATA ??? Anita Fineberg, LL.B. CIPP/C Barrister & Solicitor President, Anita Fineberg & Associates Inc.

Published byWilliam Phelps Modified over 9 years ago

Similar presentations

Presentation on theme: "MY SMART PHONE DOES WHAT WITH MY BLOOD PRESSURE DATA ??? Anita Fineberg, LL.B. CIPP/C Barrister & Solicitor President, Anita Fineberg & Associates Inc."— Presentation transcript:

1 MY SMART PHONE DOES WHAT WITH MY BLOOD PRESSURE DATA ??? Anita Fineberg, LL.B. CIPP/C Barrister & Solicitor President, Anita Fineberg & Associates Inc. Privacy by Design Ambassador eHealth 2013: Accelerating Change May 29, 2013

2 CONCEPTS Consumer concerns The mobile ecosystem Data collected by mobile apps App “privacy gaps” The vicious cycle Recommendations Conclusions Contact information

3 CONSUMER CONCERNS  The three-quarters of Canadians who use mobile devices are increasingly likely to use privacy protection measures.  The majority of these people are likely to use a password to lock it (56%) and to adjust settings of the device or apps to limit the amount of personal information they share with others (53%).  This reflects significant increases in the use of such measures since 2011.

4 CONSUMER CONCERNS  The majority of mobile users (55%) have decided not to install, or have uninstalled, an app because of the amount of personal information they would have to provide.  A smaller proportion (38%) have turned off the location tracking feature on their mobile device because they were concerned about others accessing that information.. Source:Survey of Canadians on Privacy-Related Issues, Phoenix Strategic Perspectives, Conducted for the Office of the Privacy Commissioner of Canada, January, 2013

5 CONSUMER CONCERNS Source:U.S. Consumer Privacy Attitudes and Business Implications: TRUSTe®, July 2012

6 CONSUMER CONCERNS  Consumers are particularly concerned about their confidential health information falling into the hands of employers or others Source:Blue Chip Patient Recruitment, Leveraging Mobile Health Technology for Patient Recruitment: 2012 [cited 2012 October], Cited in Deloitte: mHealth in an mWorld How Mobile Technology is Transforming Health Care – Deloitte 2012

7 THE MOBILE ECOSYSTEM

8 DATA COLLECTED CAN INCLUDE Contacts Photo Library Videos Camera/Video Sensor Microphone Text Messages Dialer Calendar Items Location Reminders Social Integration Features Source:A Brief Overview of the Mobile App Ecosystem: FPF (Future of Privacy Forum)/World Privacy Forum, September 2012 User entered info

9 “PRIVACY GAP”IMPACT ON CONSUMERS Lack of a privacy policyNo information on what information the app collects, uses, discloses, to whom and for what purposes and for how long Failure to seek express consent for the collection of PHI (initially and when the purpose of the use and/or disclosure changes) Sensitive information may be collected, used and/or disclosed for purposes unexpected by the consumer Inability to change default settingsNo choice with respect to the use of their information; i.e. no ability to “opt- out” APP “PRIVACY GAPS”

10 “PRIVACY GAP”IMPACT ON CONSUMERS Failure to inform consumer if app accesses local resources (e.g. device address book, contacts, camera, photos), for what purposes and obtain consent prior to access Unaware that other PI/PHI may be collected and used, other than that required for the operation of the app No contact information so that a user may have their privacy questions and/or concerns addressed Uncertainty related to whether the app is collecting, using and/or disclosing their information in a manner consistent with their understanding and/or expectations

11 THE VICIOUS CYCLE

12 RECOMMENDATIONS Developers  Understand the environment in which the app will be used, by whom and the type of information required for its operation  Obtain privacy advice before development begins  Assess “proof of concept” against legal requirements, best practices and user expectations  Build in privacy controls from the beginning  Ensure the app functions as stated in its privacy policy BOTTOM LINE WHAT PHI IS BEING COLLECTED, USED AND DISCLOSED, BY WHOM AND FOR WHAT PURPOSES?

13 RECOMMENDATIONS Consumers  Research mobile apps before installing them – credibility from development agreements; BlackBerry’s privacy notices service  Just because you pay for it doesn’t mean it is more privacy protective  Look for app “permissions” and opt-out features to verify that the app will collect PHI for purposes and perform only functions of which you are aware and approve  Watch out for collection of location data  Encrypt your phone data if storing PHI on the device  Understand the risks you are introducing to your mobile device

14 CONCLUSIONS  Consumer concerns over privacy affect both their initial downloading and continued use of health apps  Potential benefits of mHealth for both consumers and the health system more generally may be squandered if concerns are not addressed  Both the developer community and consumers have a role to play in creation of a trusted mHealth ecosystem

15 CONTACT INFORMATION ANITA FINEBERG, LL.B., CIPP/C BARRISTER & SOLICITOR PRESIDENT ANITA FINEBERG & ASSOCIATES INC. 416.762.4583 (B) 416.565.5007 (C) afineberg@sympatico.ca http://www.linkedin.com/in/anitafineberg

Download ppt "MY SMART PHONE DOES WHAT WITH MY BLOOD PRESSURE DATA ??? Anita Fineberg, LL.B. CIPP/C Barrister & Solicitor President, Anita Fineberg & Associates Inc."

Similar presentations

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
PHIPA: The Year in Review Moderator: Debra Grant Panelists: Pam Slaughter Eric Holowaty Eric Holowaty Ron Heslegrave Ron Heslegrave PHIPA Summit: A Balancing.

PHIPA: The Year in Review Moderator: Debra Grant Panelists: Pam Slaughter Eric Holowaty Eric Holowaty Ron Heslegrave Ron Heslegrave PHIPA Summit: A Balancing.
Privacy and Information Security Training (2006-07) VUMC Privacy Website www.mc.vanderbilt.edu/privacy.

Privacy and Information Security Training ( ) VUMC Privacy Website
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
Informed Consent.

Informed Consent.
2014 HIPAA Refresher Omnibus Rule & HIPAA Security.

2014 HIPAA Refresher Omnibus Rule & HIPAA Security.
Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.

Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.
Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.

Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.
COSTS AGREEMENTS AND DISCLOSURES BAR ASSOCIATION CPD SEMINAR 2 AUGUST 2007 By Roger Traves SC.

COSTS AGREEMENTS AND DISCLOSURES BAR ASSOCIATION CPD SEMINAR 2 AUGUST 2007 By Roger Traves SC.
PRIVACY A Consumer Reporting Agency Perspective. Collect and Sell Information on People Credit Bureaus – Equifax, Experian & TransUnion – are CRA’s But.

PRIVACY A Consumer Reporting Agency Perspective. Collect and Sell Information on People Credit Bureaus – Equifax, Experian & TransUnion – are CRA’s But.
Complying with Privacy to Enable Innovation & Research

Complying with Privacy to Enable Innovation & Research
Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.

Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.
Top of Content Box Line Subtitle Line Title Line Right Margin Line Wearables: Panacea or Pandora’s Box – A Security Perspective Gary Davis | Chief Consumer.

Top of Content Box Line Subtitle Line Title Line Right Margin Line Wearables: Panacea or Pandora’s Box – A Security Perspective Gary Davis | Chief Consumer.
Obtaining Informed Consent: 1. Elements Of Informed Consent 2. Essential Information For Prospective Participants 3. Obligation for investigators.

Obtaining Informed Consent: 1. Elements Of Informed Consent 2. Essential Information For Prospective Participants 3. Obligation for investigators.
HEAVEN’S HANDS COMMUNITY SERVICE H.I.P.A.A. What is HIPAA? HIPAA stands for the Health Insurance Portability and Accountability Act, which was passed.

HEAVEN’S HANDS COMMUNITY SERVICE H.I.P.A.A. What is HIPAA? HIPAA stands for the Health Insurance Portability and Accountability Act, which was passed.
Stephen S. Yau CSE465 & CSE591, Fall 2006 1 Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
What if my organization conducts business across borders ? Your footnote Privacy and “Personal Information” have different meanings in different countries;

What if my organization conducts business across borders ? Your footnote Privacy and “Personal Information” have different meanings in different countries;
1 Consent for treatment A summary guide for health practitioners about obtaining consent for treatment Bridie Woolnough Resolution Officer Health Care.

1 Consent for treatment A summary guide for health practitioners about obtaining consent for treatment Bridie Woolnough Resolution Officer Health Care.
Taking Steps to Protect Privacy A presentation to Hamilton-area Physiotherapy Managers by Bob Spence Communications Co-ordinator Office of the Ontario.

Taking Steps to Protect Privacy A presentation to Hamilton-area Physiotherapy Managers by Bob Spence Communications Co-ordinator Office of the Ontario.

Similar presentations

Ads by Google