Privacy and mHealth: How Mobile Health 'Apps' Fit into a Privacy Framework Not Limited to HIPAA
41 Pages Posted: 13 Jul 2014 Last revised: 26 Sep 2014
Date Written: May 7, 2014
Abstract
The iPhone changed the world. On June 28, 2007, the iPhone first made it possible to carry in your pocket what amounted to a mini-computer. It was obvious from the start that this device would now connect us to our work, our friends, our families, and, more generally, to the information age. What was somewhat less obvious in 2007 was that this little device would change the way we were connected to ourselves and, in particular, our bodies and our health. The iPhone, and now smartphones of many types, not only connect us to one another and each of us to our physical health and our health care providers, but potentially they also connect our physical health to everyone else. This revolution is now popularly referred to as mobile health, or “mHealth.” The iPhone, and successors like Android and Samsung Galaxy, ushered in a new age in which privacy is being redefined. Privacy law analysis relevant to mHealth is often framed in terms of whether the Health Insurance Portability & Accountability Act (“HIPAA”) applies to an app. Although the federal health privacy statute is certainly central to many mHealth privacy inquiries, the applicable legal landscape, in fact, consists of a patchwork of privacy protections, some health-sector-specific and some not. This Article identifies how the various privacy problems relevant to mHealth have been and continue to be addressed. In addition, we offer analysis of mHealth apps by analyzing the privacy problems relevant to the different types of mHealth products. Finally, we offer commentary on what the future holds for mHealth's privacy law protections.
Suggested Citation: Suggested Citation