Wearables and Mobile Health Applications (mHealth)

Maintaining privacy and confidentiality of participant information is complicated and currently not strongly regulated.

Wearables include:

• glasses
• cameras
• health monitors that record, transmit, or synchronize with other applications

Mobile Health Applications is a broad topic.

• HHS Resources for Mobile Health Apps Developers
  The US Department of Health & Human Services (HHS) provides this guidance related to mHealth.
• Health App Use Scenarios and HIPAA (PDF)
  The HHS describes use cases and compliance including cases when the participant collects and provides the information from the device or the application.

WVU Guidance

• Approvals
  Any device WVU researchers provide to a participant must be approved using the Human Subject Data Protection process, further HIPAA compliance assessment may be required.  Delays may occur, please plan accordingly. 
• Data Collection
  If the data is collected by a third-party vendor, the participant's identifying information must be coded when the device is configured at WVU unless WVU has a Business Associates Agreement (BAA) with the vendor.
• Data Transmission
  If the data is collected and sent by a third-party vendor must be sent to WVU using generic email addresses provided by WVU ITS unless WVU has a Business Associates Agreement (BAA) with the vendor.
• Mobile Health Applications used or developed by WVU researchers require HIPAA assessment by the WVU Information Security Office. Delays may occur, please plan accordingly.

• Compliance Challenges in a Longitudinal COVID-19 Cohort Using Wearables for Continuous Monitoring: Observational Study
• 3 Reasons Why Wearables Bring New Complications for HIPAA Compliance
• Privacy Data Ethics of Wearable Digital Health Technology
• Request a Consultation