How safe is your personal, medical data?

Pri­va­cy is a hot top­ic that has been gain­ing momen­tum for the past few years. With the rise of social media and mobile devices, more and more peo­ple are becom­ing aware of their pri­va­cy rights, and how to pro­tect them. The human rights law rec­og­nizes the right to pri­va­cy as a fun­da­men­tal human right and is enshrined in the Uni­ver­sal Dec­la­ra­tion of Human Rights (UDHR). This right is also rec­og­nized in oth­er inter­na­tion­al and region­al human rights instru­ments.

It’s typ­i­cal for new appli­ca­tions to request spe­cif­ic per­mis­sions when you first install them. These apps fre­quent­ly want access to per­son­al data like your con­tacts, loca­tion, or even phone cam­era. They could require this infor­ma­tion to make the app func­tion, but they might also share your per­son­al infor­ma­tion with oth­er com­pa­nies. Health apps, in par­tic­u­lar, col­lect sen­si­tive infor­ma­tion such as med­ical his­to­ry and oth­er health records. 

So how do you know your health data is safe after agree­ing to the terms and con­di­tions?

Data pri­va­cy is com­mon­ly under­stood as the right to con­trol your own per­son­al data, includ­ing its collection,use, and stor­age. You have the  right to be informed about how your per­son­al data is processed, and its pur­pose and intend­ed recip­i­ents. In today’s dig­i­tal world, the con­cept of data pri­va­cy has become more com­plex due to rapid tech­no­log­i­cal advance­ments and the evo­lu­tion of the Inter­net as an ecosys­tem. Law­mak­ers are try­ing to keep up with these evolv­ing tech­nolo­gies while still pro­tect­ing their cit­i­zens’ right to data pri­va­cy. Kenya, for instance, has the Data Pro­tec­tion Act which came into effect on 25 Novem­ber 2019. This law also out­lines the respon­si­bil­i­ties of a data con­troller and proces­sor, as well as penal­ties for vio­lat­ing its pro­vi­sions.

Intel­liSOFT Con­sult­ing Ltd is a com­pa­ny in the health IT space, col­lect­ing health data. Sen­si­tive to how our work impacts an individual’s pri­va­cy, we have tak­en a proac­tive approach to data pri­va­cy, from our bespoke prod­ucts to the indus­try. We have put in safe­guards to ensure that per­son­al data col­lect­ed by soft­ware we devel­op is safe. These include hav­ing process­es to ensure only autho­rized per­son­nel access our sys­tems. We also have a pri­va­cy pol­i­cy out­lin­ing how we use your data.

A pri­va­cy pol­i­cy is a legal doc­u­ment that pro­vides infor­ma­tion about how a tech­nol­o­gy or oth­er prod­uct or ser­vice will use your per­son­al infor­ma­tion. A pri­va­cy pol­i­cy helps you under­stand and make informed deci­sions about what per­son­al data will be col­lect­ed, for what pur­pos­es it will be used, with whom it might be shared, and under what cir­cum­stances, if any, it may be dis­closed to third par­ties. It also explains how the data sub­ject can access, cor­rect, or request the dele­tion of their per­son­al infor­ma­tion.

We also ensure that there is clear con­sent from our data sub­jects and fre­quent­ly sen­si­tize our staff on how to han­dle sen­si­tive per­son­al data while also ensur­ing they meet the DPA require­ments.

Data pri­va­cy is a right, but it’s also an oblig­a­tion. It is the respon­si­bil­i­ty of com­pa­nies to ful­ly respect the pri­va­cy of their cus­tomers and users, as well as com­ply with rel­e­vant laws. Data pri­va­cy also gives users more con­trol over their data, and requires com­pa­nies to be account­able and trans­par­ent about how they use that data.