Medical apps and the health data they produce were supposed to revolutionise the way healthcare was provided but it just hasn’t happened. Digital health consultant Marc Southern asks if we’ve opened a can of worms
‘Take a couple of apps, and I’ll see you again next week…’ A couple of years ago this headline was all I saw across the digital/tech media. With the rise in ‘app culture’ circa 2011, the promise offered by health apps was palpable. The UK government was hopeful that this would allow patients to track and monitor their health more effectively. Apps were going to solve all our health problems, ultimately taking some of the burden off the GP and aligned health services. There was even a suggestion that these could be offered free of charge. The explosion in healthcare apps led to the creation of the NHS Health Apps library – an NHS-vetted store for health apps. With more than 150,000 health apps now available, finding one that can genuinely help was a struggle – so the library was a great idea. The apps were reviewed to ensure compliance with data protection laws and clinical accuracy. The app library gained some attention, but didn’t fundamentally change the way in which apps were ‘prescribed’ by healthcare professionals. Other services, for example, Happtique, had tried this approach before and failed.
Now researchers from Imperial College London have published three studies in the BMC Medicine journal that raise serious concerns about the NHS Health Apps Library. Outside the major issues regarding the poor quality of the apps, for me, one of the biggest concerns was the chronic lack of data privacy review; 70 of 79 of the apps tested transmitted data over the internet, with 38 of those not providing any information about what data would be sent. Whether this oversight was due to a lack of understanding of the data protection legislation, or a weak approval process, it’s hard to say, but what it outlines is the lack of clarity around the use of personal health data within medtech. These findings are sure to set back health apps and how they might be able to improve healthcare.
The NHS Health Apps Library is no longer live. The criteria for reviewing apps are being reconsidered and, once that is complete, the library will go live again. This is a good example of the current gap that exists between patients’ data privacy and security. We can all see the potential value of services that use personal health data. However, we must balance this potential with laws and regulations to ensure that patients and healthcare professionals aren’t cheated out of information that they own. Whether you are creating a website, an app, a device or a piece of software, you must consider how personal health data is going to be used to the benefit of the user and your organisation.
A recent KPMG survey showed that 74 per cent of consumers would be happy to share personal health data collected from a wearable device, but only 60 per cent were comfortable for the data to be shared and stored with other entities, including healthcare providers. This clearly illustrates the ‘trust gap’ that exists. This is partially because of the way that companies go about obtaining your data.
We’ve all experienced it before. We download an app and are confronted by a terms-of-use statement that’s several pages long, filled with complicated language about what the company will or won’t do with your data. Most of the time consumers don’t read the statements and aren’t fully aware of what they are signing up to. You may say that it’s their fault, but I believe some of that fault lies with the medtech companies. If a company wants to use your data, then it needs to set out clearly how it will use that information. This is a common theme of EU-wide data protection legislation. However, according to the European Data Protection Supervisor (EDPS), it’s an area of regulation that isn’t clearly understood. With improvements in understanding comes continued trust and development.
All that being said, many health-tech companies are looking for ways that they can harness personal health data so that it benefits both parties. Different forms of value can be extracted from data in three main categories:
For all of the above to work, it requires the company to be very clear and specific with its users. As the NHS has learnt through its Health Apps Library, explicit consent is what is needed. As consumers become more aware, there will be even more pressure for companies to ensure clarity in how they interact and use personal health data.
You're the expert! Write for The Engine or share your articles, papers and researchAdd your content
Add your content
Sign up for Ignition, our regular, ideas-packed newsletter