The European Data Protection Supervisor (EDPS) has launched the EDPS-IPEN Privacy by Design contest for mobile Health (mHealth) applications.
The initiative aims to promote privacy engineering through the demonstration of a mHealth application implementing the “privacy by design and by default” principles, in order to create best practices that may constitute a reference for privacy-friendly development of mobile apps.
The mHealth sector has rapidly expanded in recent years. Undoubtedly, mHealth apps may lead to benefits in the life of individuals, lowering the cost of healthcare, empowering the control of patients over own healthcare, granting an immediate access to medical care and information online and providing new insights for medical research through the use of large amount of personal data.
At the same time, processing such data at large scale and over connected devices may reduce users’ control over their personal information and risks being misused and adversely affect users’ interests and fundamental rights. This is magnified by the mobile apps ecosystem, which so far has not given evidence of effective protection of personal data and integration of the principles of privacy by design and by default.
Filling this gap is of utmost importance and urgent. Healthcare providers and developers should therefore accept this challenge and consider the protection of privacy and personal data as a priority, especially after the adoption of the General Data Protection Regulation (GDPR) in the EU.
Contestants are challenged to develop a useful and user-friendly mHealth application at the forefront of the implementation of the data protection by design and by default principle, as required under the GDPR.
The contest is now open to any legal entity (including natural persons) or group of legal entities established in an EU Member State.
Two applications will be awarded prizes.
The application ranking as first in the selection will be awarded EUR 20 000.
The application ranking as second in the selection will be awarded EUR 10 000.
Both winners will have the opportunity to present their projects at the 40th International Conference of Data Protection and Privacy Commissioners (ICDPPC), which will take place in Brussels the last week of October 2018.
Opening for submissions: 30 April 2018
Deadline for submissions: 3 August 2018 at 17.00 Central European Summer Time (CEST)
Evaluation period: September 2018
Possible project demonstration: September-October 2018
Award decision: end of September-mid October 2018
Prize Award ceremony: side event at the International Conference of Privacy and Data Protection Commissioners 2018, last week of October 2018, in Brussels
The rules and conditions for participation, including the eligibility and award criteria, are detailed in the Rules of Contest. Applications should be submitted using the online entry form by 3 August 2018 at 17.00 Central European Summer Time (CEST).
For questions about the contest, please email: firstname.lastname@example.org.