IN REMOTE areas or during an emergency, health-care professionals can decide much quicker what type of treatment a patient needs if they have immediate access to cellphone data about the person’s health.

While such data can make a world of difference to those requiring care, it is the collection, usage and sharing of this information that raises concerns.

According to a study by Dirk Brand and Nezerith Cengiz from Stellenbosch University and Annelize Nienaber McKay from the University of Pretoria and Abertay University in Scotland, adequate legal protection is needed to ensure this is done in a responsible and ethical manner that respects an individual’s rights and privacy.

The study was published recently in the South African Journal of Science.

“In cases of urgent medical care, real-time location is shared with health-care professionals through smartphones or smartwatches, and in cases of remote health monitoring via digital applications that transmit data to them to bridge the barrier of access to treatment,” the researchers said.

“As personal information collected through health and fitness apps can be used by health-care professionals to provide services to individuals, so can digitally collected health data and even medical insurance data be used in medical research.

“However, the collection, storage and sharing of personal information on cellphones elicits various legal questions relating to the protection of privacy, consent, unlawful data processing, liability and the accountability of stakeholders such as health insurance providers, hospital groups and national departments of health,” they said.

They added that health data was more sensitive than other forms of personal data, which makes this an enticing prospect for cybercriminals.

Because apps are interlinked, eg, a fitness app that provides the possibility of sharing data on social media apps, the risk of a data breach or unauthorised use of the personal data increases.

“No wonder, this type of data receives special attention in data protection legislation such as the EU’s General Data Protection Regulation and our own Protection of Personal Information Act (Popia). Health information qualifies as ‘special personal information’ in terms of section 26(1) (a) of Popia, and therefore it qualifies for special protection,” they said.

But these measures do not adequately address the various ethical and legal issues related to mobility and location data in health care, the researchers said. They called for a comprehensive legal framework that includes data protection regulations, ethical guidelines and oversight mechanisms.