NT Mobile Menu

Search form


Smartphone Headache Diaries: Privacy Pros and Cons

Smartphone Headache Diaries: Privacy Pros and Cons

©Art4All/ Shutterstock


Mr. Stieglitz is an attorney who represents clients regarding technology matters. Dr, Minen is Chief of Headache Research at NYU Langone Medical Center in New York.

Patient: Doctor, I don’t think I need migraine preventive medication.

Doctor: You told me that you have three severe attacks each month and I’m concerned about the amount of ibuprofen you’re taking for more mild to moderate headaches. How often are you actually taking the medication?

Patient: I‘m not sure because I don’t keep track. But I don’t want to take a daily medication.

Doctor: I know that you’re worried about adverse effects of migraine preventive medication but I’m concerned about the frequency of your headaches and the amount of pain medication you’re taking each month. Download a smartphone application to document your headaches and medication over the next month. We’ll review the results at your next visit.

Patient: That sounds fine, doctor. Which smartphone application should I use?

Doctor: Some patients like [X] and others like [Z]. Why don’t you look into both of them and choose the one you like.

In headache medicine, the treatment plan frequently includes daily headache diaries. Historically, doctors have recommended paper diaries as the most common approach. However, studies show that electronic diaries have more reliability than traditional paper diaries, and their instant availability means that people with migraine can enter data whenever and wherever they have their phone.1 Over 100 commercial headache applications (apps) are currently available.2

Physicians may advise the use of smartphone apps that allow migraine patients to record the severity and frequency of headaches, remind patients about medication use, and more. However, before recommending that patients use a particular app, doctors should consider whether patients understand the privacy implications of using the app, and whether the app could make use of recorded patient data that differs from the patient’s privacy expectations.

In the US, privacy law protections generally depend on the business sector collecting or holding the information rather than whether the information itself is considered private. (The sector-based approach of the US differs from many other countries that apply privacy protections to personally identifiable information regardless of the business sector involved.)

For the medical sector, the Health Insurance Portability and Accountability Act (HIPAA) requires “covered entities,” (including health care providers, health plans, and health care clearinghouses) to ensure that patients’ protected health information (PHI) is only disclosed for specific permissible uses, such as treatment, payment, and health care operations. HIPAA also applies by extension to “business associates” who receive PHI from a covered entity to provide necessary functions, such as billing and information technology. Covered entities must use a contract to ensure that business associates comply with HIPAA.

For the vignette above, the patients’ disclosure directly to the doctor of headache frequency and severity, along with medication history, receives strong privacy protection under HIPAA and may only be disclosed by the doctor for permitted purposes. For example, HIPAA generally prevents a doctor from selling information about a patient’s headaches to third parties for the purpose of marketing products to the patient (see, eg, 45 CFR § 164.508).


Loading comments...

By clicking Accept, you agree to become a member of the UBM Medica Community.