Recently the EU Article 29 Data Protection Working Party (Working Party) published clarification on the meaning of health data in relation to lifestyle and wellbeing apps.
The Opinion from the Working Party runs to several pages and is particularly useful for businesses in the healthcare sector that either develop health data apps and devices or rely upon data from the same.
The Opinion indicates that whilst medical data is information about the physical or mental health of a data subject generated in a medical context, health data is a much broader term. In particular health data includes information about whether an individual:
Has a physical injury;
Wears glasses or contact lenses;
Is at risk of disease in the future;
Is ill in an employment context
Furthermore health data includes data about a person’s intellectual and emotional capacity, data on health conditions to be used in an emergency, membership of a patient support group, blood and urine test results and hereditary or genetic predispositions.
On the other hand the Working Party has concluded that some personal data processed through M-Health apps is not necessarily health data because it does not disclose data about an individual’s health (for example data about how many steps an individual takes during a day which on its own account produces no conclusive output about health as such).
As more and more individuals use wearable technology to manage health and lifestyle and as more and more clinics prescribe apps to assist in health management it will continue to become important for participants in the healthcare ecosystem to understand their roles and responsibilities in respect of these sensitive categories of personal data.