Last Updated: June 2023Click To View (PDF)

This infographic provides a nonexhaustive list of third-party resources, frameworks and guidance organizations can consider when increasing protections for products and services that collect, use and/or sell digital health data.

The proliferation of mobile health applications has sparked a renewed interest in privacy protection. In the U.S., recent discussions focused on digital health data outside the scope of the Health Insurance Portability and Accountability Act. For more on this topic, see Privacy and digital health data: The femtech challenge. In addition to the risk of a data breach, health data and other relevant data, including geolocation, purchase history and search history, collected and generated through mobile apps may be shared with third party vendors, analytics companies and law enforcement. In 2021, only 47% of respondents to a U.S. consumer survey reported trusting online services, including apps, to protect their personal data. In the wake of Dobbs v. Jackson Women’s Health Organization, users are even more concerned about privacy protections for their digital data on mobile health apps and wearable tech.

The IAPP additionally hosts a "Health Privacy" topic page in the Resource Center.