A Proposal for a Robust Validated Weighted General Data Protection Regulation-based Scale to Assess the Quality of Privacy Policies of Mobile Health Applications: an eDelphi Study

Healthcare services are undergoing a digital transformation in which the Participatory Health Informatics field has a key role. Within this field, studies aimed to assess the quality of digital tools, including mHealth apps, are conducted. Privacy is one dimension of the quality of a mHealth app. Pr...

Descripción completa

Detalles Bibliográficos
Autores: Benjumea Mondéjar, Jaime, Ropero Rodríguez, Jorge, Dorronzoro Zubiete, Enrique, Rivera-Romero, Octavio, Carrasco Muñoz, Alejandro
Tipo de recurso: artículo
Estado:Versión aceptada para publicación
Fecha de publicación:2023
País:España
Institución:Universidad de Sevilla (US)
Repositorio:idUS. Depósito de Investigación de la Universidad de Sevilla
OAI Identifier:oai:idus.us.es:11441/150807
Acceso en línea:https://hdl.handle.net/11441/150807
https://doi.org/10.1055/a-2155-2021
Access Level:acceso abierto
Palabra clave:Participatory health informatics
mHealth apps
Privacy policies
Assessment scale
GDPR
Descripción
Sumario:Healthcare services are undergoing a digital transformation in which the Participatory Health Informatics field has a key role. Within this field, studies aimed to assess the quality of digital tools, including mHealth apps, are conducted. Privacy is one dimension of the quality of a mHealth app. Privacy consists of several components, including organizational, technical and legal safeguards. Within legal safeguards, giving transparent information to the users on how their data is handled is crucial. This information is usually disclosed to users through the privacy policy document. Assessing the quality of a privacy policy is a complex task and several scales supporting this process have been proposed in the literature. However, these scales are heterogeneous and even not very objective. In our previous study, we proposed a checklist of items guiding the assessment of the quality of a mHealth app privacy policy, based on the General Data Protection Regulation. Objective: To refine the robustness of our General Data Protection Regulation-based privacy scale to assess the quality of a mHealth app privacy policy, to identify new items, and to assign weights for every item in the scale. Methods: A two-round modified eDelphi study was conducted involving a privacy expert panel. Results: After the Delphi process, all the items in the scale were considered „important“ or „very important“ (4 and 5 in a 5-point Likert scale, respectively) by most of the experts. One of the original items was suggested to be reworded, while 8 tentative items were suggested. Only 2 of them were finally added after Round 2. 11 of the 16 items in the scale were considered „very important“ (weight of 1), while the other 5 were considered „important“ (weight of 0.5). Conclusions: The Benjumea privacy scale is a new robust tool to assess the quality of a mHealth app privacy policy, providing a deeper and complementary analysis to other scales that assesses the general quality. Also, this robust scale provides a guideline for the development of high-quality privacy policies of mHealth apps.