How can we develop secure and reliable health apps?

The head of the mHealth Office of the TIC Salut Social Foundation, Carme Pratdepadua, led a webinar on developing secure and reliable health apps, aimed at startups and research centres. The seminar was held as part of the cycle Breakfasts and Learn of the TECSAM network, on 10th April 10, and can be viewed at this link.

Before getting into the practical tips, Ms. Pratdepadua made an introduction on the state of health apps in Catalonia and Europe, stressing institutional efforts in recent years to promote the use and development of quality digital assets that improve people’s health. These include, for example, initiatives such as the Mobile Apps Certification Service of the TIC Salut Social Foundation, the new best practices guide for app development and the digital asset radar that the Foundation’s mHealth team is developing with the Citizenship Area of CatSalut, and the European project Label2Enable which promotes the ISO/TS 82304-2 evaluation framework of healthcare applications in Europe.

Tips and relevant resources

To date, there is no single clear regulation that ensures the quality of apps regardless of their developer. However, there is consensus on certain aspects that any entity developing digital assets must consider in order to offer a secure, quality product that provides trust and solutions to the public.

Below we detail the main resources that Ms. Pratdepadua offered in the online seminar:

• Guide to best practices in app development, drawn up in 2021 by the TIC Salut Social Foundation and based on the guidelines of the Generalitat of Catalonia and the Department of Health. Although in the coming months it will be replaced by the new edition, it is still a useful resource for the development of robust, secure, reliable, easy-to-use Apps that preserve data privacy and are accessible to the public at large. The different aspects it considers include ethics, the user experience and accessibility, interoperability, privacy and security, reliability and scientific rigour, and trust and transparency.
• Privacy by design and privacy by default. Developer’s Guide, published by the Catalan Data Protection Authority in February 2023. This document aims to facilitate compliance with the Data Protection Regulation from the beginning of product and service development, addressing issues such as the minimisation of data collected, the legal basis of data collection and processing, transparency, data use, maintenance and conservation, and measures to protect personal data.
• W3C Accessibility Standards, published by the World Wide Web Consortium (W3C). This international reference guide establishes the ground rules that websites and digital solutions should follow for optimal accessibility and usability. Among the different tips, it is recommended to have a short waiting time (never more than 5 seconds), ensure universal and inclusive access through intuitive use and appropriate design, that the content is labelled and that it is compatible with the voice assistants, vibration and screen readers, etc. Another relevant resource from this entity is the Web Accessibility Evaluation Tools List, where we can find tools to evaluate how accessible websites are.
• The Clear Communication Guide, promoted in February 2024 by the Generalitat of Catalonia. Clear communication is aimed at the entire population, regardless of age, level of literacy, location, financial means, etc., and ensures that the information that citizens receive is clear and can be easily understood. The document includes a series of writing rules that facilitate the understanding of text, as well as models for a comprehensible structure and an appropriate graphic design.
• Decision support tool to choose the type of app development, written in 2021 by the TIC Salut Social Foundation, based on the article ‘Decision Point for Selecting Your Mobile App Architecture’ from Garner Research. This is an Excel file that allows you to calculate what is the best development environment that can be adapted to the needs of the project to create a digital solution for the entity. To get the result, the tool requires the input of priorities on issues such as portability, maintainability, access to device functions, or the use of native skills, among others, and the result is a summary table with the existing development environments which are most suitable for the project you want to create.
• App Self-Assessment Test, created by the TIC Salut Social Foundation. This is an online questionnaire of 31 questions divided into 5 thematic blocks: usability, technological area, accessibility, security and privacy area, and functional area. The test allows entities promoting Apps to know the degree of maturity of their solution and if it is ready to start a certification process.
• Directory of Digital Assets, promoted by the TIC Salut Social Foundation. Its objective is to publicise Digital Health and Social Assets relevant to Catalonia. To do this, in addition to collecting health and wellness mobile applications that have successfully passed the Foundation’s certification process, the Directory includes health and social digital assets recommended by health or social centres, or identified in reference frameworks that assess its quality, including mobile applications and WebApps or web pages.

For more information, don’t miss the webinar.