mHealth Data Security, Privacy, and Confidentiality: Guidelines for Program Implementers and Policymakers
As digital health tools and data platforms proliferate, it’s important to look at how and if they are able to protect client privacy and system security. MEASURE Evaluation, funded by the United States Agency for International Development (USAID), has published the mHealth Data Security, Privacy, and Confidentiality Guidelines and a companion checklist to help mHealth project managers and health information systems (HIS) officials from ministries of health assess their system capacity to address these concerns.
A landscape analysis and literature review showed that digital systems in sub-Saharan Africa are developing fast and a need exists for leadership to establish or improve the existing governance.
Vulnerabilities exist at each point of the mHealth ecosystem, such as lack of policy guidance, hardware and software vulnerable to unauthorized infiltration, or insecure user practices. These guidelines propose ways to proactively address vulnerabilities to reduce possibilities of data breaches and address leadership and governance, user-training, and technology-specific issues.
The guidelines and checklist are global public goods that countries and organizations can use to strengthen their mHealth systems. Like most digital tools, these guidelines will be updated based on new learning and evolving technology.