DataGuidance reports:
The Article 29 Working Party (WP29) issued, on 5 February 2015, a letter to the EU Commission (‘the Commission’) addressing a request to clarify the scope of health data in the context of wellbeing and lifestyle apps.
In particular, the WP29 stated that under the current Data Protection Directive (95/46/EC) further processing of mHealth personal data (even pseudonymised) for historical, statistical and scientific research purposes should only be permitted with the explicit consent of data subjects, with exceptions laid down in national law. ‘Any proposals to weaken and thereby broaden the scope of this type of processing […] should be negatively assessed in view of the real risk for data subjects of unequal/unfair treatment, based on further processing […],’ read the letter.
Read more on DataGuidance.