At eHealth Week in Amsterdam on 8 and 9 June, two sessions - one on the Privacy Code of Conduct and one on mHealth assessment guidelines - focussed on the quality and privacy of mobile health (mHealth) apps. The presentations are now available as is a public survey on the guidelines.

data privacy

Privacy Code of Conduct for mHealth apps

The session "Privacy Code of Conduct for mHealth Apps" on 8 June was very well-attended. Representatives from the European Commission presented the final draft of the Code and explained the new provisions of the General Data Protection Regulation, especially those relevant for Codes of Conduct.

The panel included an app developer, a patient organisation representative and a member of the drafting team who all shared their expectations for the Code of Conduct as well as their practical experiences in the field. In order to be successful, the Code has to be communicated well and in an accessible manner to app developers and the governance should involve all relevant stakeholders.

The Code of Conduct has been developed by an industry drafting team, facilitated by the European Commission, and contains practical guidelines for app developers on how to take data protection principles into account when developing mHealth apps. It has been submitted on 7 June, timely for eHealth Week, to the Article 29 Working Party (an advisory group made up of all 28 national data protection authorities) for their review. Once it is approved by the 29 Working Party, it can be signed and used by developers of mHealth apps across the EU.


  • Pēteris Zilgalvis, European Commission, DG Connect (presentation slides)
  • Michele Voznick, European Commission, DG JUST
  • Ragnhild Varmedal, University Hospital of North Norway
  • Alexander Whalen, DigitalEurope
  • Francesco Florindi, European Cancer Patient Coalition

Towards a common approach in assessing validity and reliability of mHealth apps

A European Commission working group is working on guidelines (expected to be finalised by the end of this year) that can help different stakeholders, in particular end-users, to assess the data validity and reliability of an mHealth app.

On 9 June at eHealth Week, the latest draft of these guidelines was presented by Andrew Ruck & Charles Lowe from Consard Ltd (presentation slides).

Presentations were also given by Carmen Laplaza Santos from DG Connect and Erik Hansson from DG GROW (both European Commission), focussing on activities at European level under way in relation to mHealth.

The discussion afterwards focussed on a number of 'open issues': the scope of the guidelines, the way they would need to mesh with other legislation and guidance, users' perspectives and users' needs from the guidelines and which form they should take.

Have your say

The outcome of the session is being used to further develop the guidelines reflecting the views of all relevant stakeholders; You can still have your say through a Survey Monkey questionnaire. The deadline for responding is 31 August 2016. 

Related documents: