Researchers and doctors are increasingly using connected objects to track patients or collect information. The protection of this data has become a major issue.
 |
File produced in partnership with Science & Health the magazine  |
The use of information and communication technologies in the health sector poses a major problem: that of data security. Concerning health, they are said to be “sensitive” with regard to the law and therefore subject to special protection. In France, it is the National Commission for Informatics and Freedoms (Cnil) which oversees this, by ensuring the application of the 1978 Data Protection Act.
In a May 2014 study, the CNIL found that information on the use of personal data by publishers of connected objects and health applications was insufficient.
700 projects per year
In addition, the Data Protection Act requires that security cover “the fact that third parties cannot access the data, but also the integrity of the data”, states Délia Rahal-Lofksög, head of the health service at the CNIL . It is therefore for a publisher to ensure that in the event of a bug, hacking or other technical problem, the medical information provided will not be incorrect (diagnosis of hyperglycemia instead of hypoglycemia, for example). In order to strengthen and standardize this protection, a European regulation in the process of being adopted provides for privacy impact analyzes to be put in place by file managers in order to assess, for example, the consequences of a data hacking.
Finally, all research projects using personal data must first be the subject of a validation by the CNIL, which authorizes an average of 700 per year, including projects involving connected objects.
Bruno Scala
Science & Santé, the Inserm magazine
.
