EDPS-IPEN Privacy by Design contest for mobile Health (mHealth) applications


The European Data Protection Supervisor (EDPS), in partnership with the Data Protection Authorities of Austria, Ireland and Schleswig-Holstein and supported by the Internet Privacy Engineering Network (IPEN), is pleased to announce the launch of the EDPS-IPEN Privacy by Design contest for mobile Health (mHealth) applications.

This initiative aims at promoting privacy engineering through the demonstration of a mHealth application implementing the “privacy by design and by default” principles, in order to create best practices that may constitute a reference for privacy-friendly development of mobile apps.

The challenge to solve

The sector of mHealth has rapidly expanded in recent years. Undoubtedly, mHealth apps may lead to benefits in the life of individuals, lowering the cost of healthcare, empowering the control of patients over own healthcare, granting an immediate access to medical care and information online and providing new insights for medical research through the use of large amount of personal data.

At the same time, processing such data at large scale and over connected devices may reduce users’ control over their personal information and risks being misused and adversely affect users’ interests and fundamental rights. This is magnified by the mobile apps ecosystem, which so far has not given evidence of effective protection of personal data and integration of the principles of privacy by design and by default.

Filling this gap is of utmost importance and urgent. Healthcare providers and developers should therefore accept this challenge and consider the protection of privacy and personal data as a priority, especially after the adoption of the General Data Protection Regulation (GDPR) in the EU.

Contestants are challenged to develop a useful and user-friendly mHealth application at the forefront of the implementation of the data protection by design and by default principle, as required under the GDPR.

The contest is now open to any legal entity (including natural persons) or group of legal entities established in an EU Member State.


Two applications will be awarded prizes.

The application ranking as first in the selection will be awarded EUR 20 000.

The application ranking as second in the selection will be awarded EUR 10 000.

Both winners will have the opportunity to present their projects at the 40th International Conference of Data Protection and Privacy Commissioners (ICDPPC), which will take place in Brussels the last week of October 2018.


Opening for submissions: 30 April 2018

Deadline for submissions: 3 August 2018 at 17.00 Central European Summer Time (CEST)

Evaluation period: September 2018

Possible project demonstration: September-October 2018

Award decision: end of September-mid October 2018

Prize Award ceremony: side event at the International Conference of Privacy and Data Protection Commissioners 2018, last week of October 2018, in Brussels

Rules and submissions

The rules and conditions for participation, including the eligibility and award criteria, are detailed in the Rules of Contest. Applications should be submitted using the online entry form by 3 August 2018 at 17.00 Central European Summer Time (CEST).


For questions about the contest, please email: privacy-prize@edps.europa.eu.

Article Source: https://edps.europa.eu/data-protection/our-work/ipen/edps-ipen-privacy-design-contest-mobile-health-mhealth-applications_en

This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No GA727816.

© Copyright 2018 PULSE project – All Rights Reserved