Digital public health: data protection and data security
Published in | Bundesgesundheitsblatt, Gesundheitsforschung, Gesundheitsschutz Vol. 63; no. 2; p. 206 |
---|---|
Main Authors | Kunz, Thomas; Lange, Benjamin; Selzer, Annika |
Format | Journal Article |
Language | German |
Published | Germany, 01.02.2020 |
ISSN | 1437-1588 1437-1588 |
DOI | 10.1007/s00103-019-03083-w |
Abstract | Digital public health applications are becoming increasingly popular; for example, about 45% of smartphone users have health or fitness apps on their devices. Most of these applications transfer the user's personal data to the provider of the health app. Application providers must comply with the relevant data protection statutes. In this article we provide a survey of important data protection requirements and the necessary technical measures for data security that the provider of a health app must observe. This includes - amongst other things - mechanisms for consent, determination of and compliance with the legitimate purposes of the processing, and the granting of so-called "rights of the data subject" (e.g. right of access). Furthermore, the provider of the health application must follow best practice recommendations from the area of data security. Therefore, the provider must ensure that, for example, unauthorized access, manipulation, loss, and destruction of personal data are prevented by appropriate technical and organizational measures. State-of-the-art procedures such as encryption, rights management, securing integrity, pseudonymization, and logging are some examples of technical and organizational measures. When implementing these measures, it must be taken into account that the processing of health data generally entails high risk for the rights and freedoms of the data subjects and that unauthorized access to and/or manipulation of data, for example, can lead to the publication of a stigmatizing diagnosis or incorrect medication. |
---|---|
Author | Selzer, Annika Lange, Benjamin Kunz, Thomas |
Author_xml | – sequence: 1 givenname: Thomas surname: Kunz fullname: Kunz, Thomas organization: Fraunhofer-Institut für Sichere Informationstechnologie (SIT), Rheinstraße 75, 64295, Darmstadt, Deutschland – sequence: 2 givenname: Benjamin surname: Lange fullname: Lange, Benjamin organization: Fraunhofer-Institut für Sichere Informationstechnologie (SIT), Rheinstraße 75, 64295, Darmstadt, Deutschland – sequence: 3 givenname: Annika surname: Selzer fullname: Selzer, Annika email: Annika.selzer@sit.fraunhofer.de organization: Fraunhofer-Institut für Sichere Informationstechnologie (SIT), Rheinstraße 75, 64295, Darmstadt, Deutschland. Annika.selzer@sit.fraunhofer.de |
BackLink | https://www.ncbi.nlm.nih.gov/pubmed/31915865$$D View this record in MEDLINE/PubMed |
ContentType | Journal Article |
DBID | CGR CUY CVF ECM EIF NPM 7X8 |
DOI | 10.1007/s00103-019-03083-w |
DatabaseName | Medline MEDLINE MEDLINE (Ovid) MEDLINE MEDLINE PubMed MEDLINE - Academic |
DatabaseTitle | MEDLINE Medline Complete MEDLINE with Full Text PubMed MEDLINE (Ovid) MEDLINE - Academic |
DatabaseTitleList | MEDLINE - Academic MEDLINE |
Database_xml | – sequence: 1 dbid: NPM name: PubMed url: https://proxy.k.utb.cz/login?url=http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?db=PubMed sourceTypes: Index Database – sequence: 2 dbid: EIF name: MEDLINE url: https://proxy.k.utb.cz/login?url=https://www.webofscience.com/wos/medline/basic-search sourceTypes: Index Database |
DeliveryMethod | fulltext_linktorsrc |
Discipline | Public Health |
DocumentTitleAlternate | Datenschutz und Datensicherheit in Digital Public Health |
EISSN | 1437-1588 |
ExternalDocumentID | 31915865 |
Genre | Journal Article Review |
GeographicLocations | Germany |
GeographicLocations_xml | – name: Germany |
ID | FETCH-LOGICAL-p141t-b8533e4f7363f0c3fbab300aa767ec6870d26b1fc295a42e4660c019940646733 |
ISSN | 1437-1588 |
IngestDate | Mon Jul 21 10:44:48 EDT 2025 Wed Feb 19 02:28:38 EST 2025 |
IsPeerReviewed | true |
IsScholarly | true |
Issue | 2 |
Keywords | Technical requirements Health apps Health data Legal requirements GDPR |
Language | German |
LinkModel | OpenURL |
MergedId | FETCHMERGED-LOGICAL-p141t-b8533e4f7363f0c3fbab300aa767ec6870d26b1fc295a42e4660c019940646733 |
Notes | ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 ObjectType-Review-3 content type line 23 |
PMID | 31915865 |
PQID | 2335169129 |
PQPubID | 23479 |
ParticipantIDs | proquest_miscellaneous_2335169129 pubmed_primary_31915865 |
PublicationCentury | 2000 |
PublicationDate | 2020-Feb 20200201 |
PublicationDateYYYYMMDD | 2020-02-01 |
PublicationDate_xml | – month: 02 year: 2020 text: 2020-Feb |
PublicationDecade | 2020 |
PublicationPlace | Germany |
PublicationPlace_xml | – name: Germany |
PublicationTitle | Bundesgesundheitsblatt, Gesundheitsforschung, Gesundheitsschutz |
PublicationTitleAlternate | Bundesgesundheitsblatt Gesundheitsforschung Gesundheitsschutz |
PublicationYear | 2020 |
SSID | ssj0015823 |
Score | 2.2397263 |
SecondaryResourceType | review_article |
SourceID | proquest pubmed |
SourceType | Aggregation Database Index Database |
StartPage | 206 |
SubjectTerms | Computer Security Germany Humans Public Health Software |
Title | Digital public health: data protection and data security |
URI | https://www.ncbi.nlm.nih.gov/pubmed/31915865 https://www.proquest.com/docview/2335169129 |
Volume | 63 |
linkProvider | Springer Nature |