smart health connected health and wellness devices are constantly collecting data. Given the need to exploit them and the risks of cyber attacks, it is necessary to take stock of the challenge of sharing this sensitive information.

Today, smart health connected health devices or dedicated to
well-being designed in French and international startups flourish
on the market. Whether electrocardiograms, sphygmomanometers,
weighing scales or even blood glucose meters, these devices collect
health data often via the Internet of Things (IoT). Then arises the
question of the best solution for storing and using this information
sensitive. In France, if the storage of this type of data is external, in the
cloud, it must be done at an "authorized hosting provider" and
is subject to the General Data Protection Regulations (GDPR).
Legislation, data security and the use that can be made of it,
what are the issues and uses that flow from this crucial point?

Personal data: the right to share and to live
private

Since May 2018, the RGPD in Europe has further strengthened the
protection of health data by defining and including in legislation
the notion of privacy by design, "respect for private life from
design ". This raises the question of storing data
collected by the smart health connected devices and the obligation for their designers
to ensure security. While it is well known that mutuals,
Insurance or Occupational Medicine are still
the impossibility of being able to access this so-called sensitive information, the
users can choose to share certain information
with other organizations. Personal data relating to the
mental and physical health of a person available under the
Shared Medical Record (DMP) allow for example to health staff
improve the management of patients. The data that is stored on
the devices of well-being and medical follow-up are not taken into account
in specific cases but could perfectly complement the files with
the data recorded on a daily basis in the case of
charge, subject of course to the consent of the persons being followed.

Pooling gives full value to the data

Big data and recent advances in artificial intelligence
are a major vector of medical progress, especially in the field of development
IoT technologies. But still it is necessary to be able to access easily and
safely to all of this data! In systems
hospitals and health organizations, application silos and
data are very present. The digitization projects have paradoxically
increased these silos, especially by the proliferation of formats, interfaces, but
also against the growing danger of cyberattacks. These impose the
set up of firewall compelling the circulation of data. In fact,
immense possibilities offered by the sharing of information, even once
anonymized in accordance with the guidelines of the RGPD, are reduced or even annihilated.

The choice of the cloud: the points of vigilance

The cloud offers almost infinite storage capabilities and
cost-controlled, it seems ideally suited to receive the massive flow of
data collected both via health and well-being devices and via
health facilities. On the devices themselves, storage remains
necessarily limited when they are not smart health connected. Cloud side however,
it should be remembered that in case of failure and in the absence of redundancy, a break
even temporary access to data represents a potential danger to
patients who use them daily.

This is for example the case of type 2 diabetics who
practice self-monitoring glycemic. The devices of well-being
allow to limit the number of bites (sometimes 4 / day): depending
results, the patient or the medical staff can better measure the
amount of insulin required at a time T of the treatment. It is in these cases
precise that the level of service must be guaranteed and double storage (cloud
and devices) is recommended as well as the security and
redundancy.

Conclusion

To summarize, the conditions for the data of
well-being and health are used wisely, based on three
criteria:

• agreement, accountability and good information
  patients regarding the use of the data they agree to share,
• maximum anonymization of the stored data,
• guaranteeing access and securing data from
  health and well-being collected and stored in the cloud.

These conditions will be met once a unified standard
and readable on IoT standards and cloud security and standardization
for data sharing will be established at European level. So
the mass analysis of health data will allow the discovery and implementation of
more efficient treatments and therapies for such pathologies
than hypertension or diabetes.