This initiative aims at promoting privacy engineering through the demonstration of a mHealth application implementing the “privacy by design and by default” principles, in order to create best practices that may constitute a reference for privacy-friendly development of mobile apps.

The challenge to solve

The sector of mHealth has rapidly expanded in recent years. Undoubtedly, mHealth apps may lead to benefits in the life of individuals, lowering the cost of healthcare, empowering the control of patients over own healthcare, granting an immediate access to medical care and information online and providing new insights for medical research through the use of large amount of personal data.

At the same time, processing such data at large scale and over connected devices may reduce users’ control over their personal information and risks being misused and adversely affect users’ interests and fundamental rights. This is magnified by the mobile apps ecosystem, which so far has not given evidence of effective protection of personal data and integration of the principles of privacy by design and by default.

Filling this gap is of utmost importance and urgent. Healthcare providers and developers should therefore accept this challenge and consider the protection of privacy and personal data as a priority, especially after the adoption of the General Data Protection Regulation (GDPR) in the EU.

Contestants are challenged to develop a useful and user-friendly mHealth application at the forefront of the implementation of the data protection by design and by default principle, as required under the GDPR.

The contest is now open to any legal entity (including natural persons) or group of legal entities established in an EU Member State.

Prizes

Two applications will be awarded prizes.

The application ranking as first in the selection will be awarded EUR 20 000.

The application ranking as second in the selection will be awarded EUR 10 000.

Both winners will have the opportunity to present their projects at the 40th International Conference of Data Protection and Privacy Commissioners (ICDPPC), which will take place in Brussels the last week of October 2018.

Timetable

Opening for submissions: 30 April 2018

Deadline for submissions: 29 June 2018 at 17.00 Central European Summer Time (CEST)

Evaluation period: July-September 2018

Possible project demonstration: September 2018

Award decision: end of September 2018

Prize Award ceremony: side event at the International Conference of Privacy and Data Protection Commissioners 2018, last week of October 2018, in Brussels

Rules and submissions

The rules and conditions for participation, including the eligibility and award criteria, are detailed in the Rules of Contest. Applications should be submitted using the online entry form by 29 June 2018 at 17.00 Central European Summer Time (CEST).

Rules of Contest

Submit here

Source and Contact:
European Data Protection SupervisorThe EU's independent data protection authority

> More information
> For questions about the contest, please email: privacy-prize@edps.europa.eu.