10 Privacy Recommendations for Health App Developers From the AMA’s Latest Privacy Principles
Here are 10 significant points for health app developers from the AMA’s Privacy Principles:
- At or before the time of collection, make sure consumers know what information you are accessing, using, disclosing, and processing. Don’t use vague statements in a privacy policy that do not give consumers a meaningful understanding of what is happening.
- Give consumers the right to control access, use, processing, and disclosure of their data on a granular, rather than document, level.
- Give consumers the right to delete their information (exceptions apply).
- Give consumers the ability to access and extract their data in a machine-readable format.
- Get opt-in consent before using a consumer’s information to train machines or algorithms.
- Minimize the collection and disclosure of health information.
- Give consumers who use apps to access their medical records the ability to annotate those records, and have mechanisms to record who made the annotation, how, when, and why.
- Do not facilitate discrimination by, for example, creating and sharing risk scores or otherwise providing unconsented access to identifiable medical information that could form the basis for adverse decision-making.
- Maintain the confidentiality of consumers’ information.
- Make your de-identification processes and techniques publicly available.