Kolasa Katarzyna, Mazzi Francesca, Leszczuk-Czubkowska Ewa, Zrubka Zsombor, Péntek Márta
Division of Health Economics and Healthcare Management, Kozminski University, Warsaw, Poland.
Queen Mary University of London, London, United Kingdom.
JMIR Mhealth Uhealth. 2021 Jun 10;9(6):e23250. doi: 10.2196/23250.
During the COVID-19 pandemic, contact tracing apps have received a lot of public attention. The ongoing debate highlights the challenges of the adoption of data-driven innovation. We reflect on how to ensure an appropriate level of protection of individual data and how to maximize public health benefits that can be derived from the collected data.
The aim of the study was to analyze available COVID-19 contact tracing apps and verify to what extent public health interests and data privacy standards can be fulfilled simultaneously in the process of the adoption of digital health technologies.
A systematic review of PubMed and MEDLINE databases, as well as grey literature, was performed to identify available contact tracing apps. Two checklists were developed to evaluate (1) the apps' compliance with data privacy standards and (2) their fulfillment of public health interests. Based on both checklists, a scorecard with a selected set of minimum requirements was created with the goal of estimating whether the balance between the objective of data privacy and public health interests can be achieved in order to ensure the broad adoption of digital technologies.
Overall, 21 contact tracing apps were reviewed. In total, 11 criteria were defined to assess the usefulness of each digital technology for public health interests. The most frequently installed features related to contact alerting and governmental accountability. The least frequently installed feature was the availability of a system of medical or organizational support. Only 1 app out of 21 (5%) provided a threshold for the population coverage needed for the digital solution to be effective. In total, 12 criteria were used to assess the compliance of contact tracing apps with data privacy regulations. Explicit user consent, voluntary use, and anonymization techniques were among the most frequently fulfilled criteria. The least often implemented criteria were provisions of information about personal data breaches and data gathered from children. The balance between standards of data protection and public health benefits was achieved best by the COVIDSafe app and worst by the Alipay Health Code app.
Contact tracing apps with high levels of compliance with standards of data privacy tend to fulfill public health interests to a limited extent. Simultaneously, digital technologies with a lower level of data privacy protection allow for the collection of more data. Overall, this review shows that a consistent number of apps appear to comply with standards of data privacy, while their usefulness from a public health perspective can still be maximized.
在新冠疫情期间,接触者追踪应用受到了公众的广泛关注。正在进行的辩论凸显了采用数据驱动型创新所面临的挑战。我们思考如何确保对个人数据进行适当程度的保护,以及如何最大限度地提高从收集的数据中获得的公共卫生效益。
本研究的目的是分析现有的新冠接触者追踪应用,并验证在采用数字健康技术的过程中,公共卫生利益和数据隐私标准能在多大程度上同时得到满足。
对PubMed和MEDLINE数据库以及灰色文献进行系统综述,以识别现有的接触者追踪应用。制定了两份清单来评估:(1)应用程序对数据隐私标准的遵守情况;(2)它们对公共卫生利益的满足情况。基于这两份清单,创建了一个带有一组选定最低要求的记分卡,目的是估计是否能够实现数据隐私目标与公共卫生利益之间的平衡,以确保数字技术的广泛采用。
总体而言,共审查了21款接触者追踪应用。总共定义了11条标准来评估每种数字技术对公共卫生利益的有用性。最常安装的功能与接触警报和政府问责制有关。安装频率最低的功能是医疗或组织支持系统的可用性。21款应用中只有1款(5%)提供了数字解决方案有效所需达到的人口覆盖率阈值。总共使用了12条标准来评估接触者追踪应用对数据隐私法规的遵守情况。明确的用户同意、自愿使用和匿名技术是最常满足的标准。最不常实施的标准是关于个人数据泄露和从儿童那里收集的数据的信息披露。COVIDSafe应用在数据保护标准和公共卫生效益之间的平衡方面做得最好,而支付宝健康码应用做得最差。
高度符合数据隐私标准的接触者追踪应用在满足公共卫生利益方面往往较为有限。同时,数据隐私保护水平较低的数字技术能够收集更多数据。总体而言,本次综述表明,有相当数量的应用似乎符合数据隐私标准,但其从公共卫生角度的有用性仍可最大化。
