The excitement around mHealth has led to a proliferation of programs, especially in the developing world. But how can countries ensure data integrity and privacy are a part of this new tech?
Mobile health (mHealth) technologies—a critical component of digital health—can improve access to health services and help deliver the necessary data for decision making. The technology also has the potential to lower health costs by streamlining processes and reducing redundancies. At least, those are the ideas behind the growing proliferation of mHealth programs.
But are mHealth programs fulfilling their potential, and are developing countries ready to fully implement them? That’s the question Sam Wambugu set out to answer.
Wambugu leads the health informatics portfolio for MEASURE Evaluation, a project to strengthen health systems in developing countries that’s funded by the U.S. Agency for International Development (USAID). In 2016, he led an effort in Tanzania and Kenya to examine the ways mHealth technologies were being used and to assist in recommending best practices for low- and middle-income countries.
“mHealth is great innovation but, so far, it’s a mixed bag. It’s a mixed bag because well-meaning innovators have a free hand to create mHealth programs. Since there are no national guidelines, these innovations can hinder instead of helping the health systems,” Wambugu says. “Implementation is sporadic. Without enough training for users or maintenance of the device, or even a clear idea of exactly what they want to improve.”
How we investigated
Wambugu’s research focused on Tanzania and Kenya, both of which are implementing mHealth programs. The two countries have an open data policy and use DHIS 2 software for aggregating health data.
He first conducted a survey of peer-reviewed literature on the subject to gather existing insights regarding mHealth implementation in Tanzania and Kenya and other developing countries. Then, directed by implementers, he selected six mHealth programs in each subject country for conducting interviews with stakeholders.
The literature review documented both the strengths and weaknesses of mHealth programs. The positive finding was a rapid scale-up of mHealth, with the hope that it would save money, improve program coverage, and enhance quality of care in the long run.
But weaknesses were significant. Patients worried that their personal information was not kept private and secure; workers often didn’t know how to type and transmit data; connectivity issues meant data might take several days to reach district offices; and weak or lacking maintenance protocols for the devices compromised security and quality of data.
Wambugu conducted interviews at clinics, offices of community-based interventions, and district health offices where data were reported in a mix of rural and urban areas. He spoke with community health workers, program managers, health coordinators at district offices who monitor data quality and completeness, national eHealth managers in the capital cities, and one software developer in Kenya.
What we learned
The research acknowledges that mHealth fills an important gap in scaling existing health programs and enables much faster data collection and transmission from the origin to the point of use. But, there has been little assessment of data quality, privacy, security, and confidentiality. Health programs may not be paying enough attention to the devices to make certain they are secure, password-protected, anti-virus loaded, and well maintained.
In Tanzania, one program he found had a plan for some of these concerns. It provided 700 health workers with mobile devices to improve quality of care—complete with standards for data quality, job aids and other tools, and advice on interaction with patients. Among stakeholders he spoke to in Kenya, no such infrastructure existed along with the devices and, although Kenya has standards and guidelines for mHealth, they are not always followed.
What we recommended
Wambugu, together with his project team at MEASURE Evaluation, came away with a raft of recommendations. Among them included the need for program teams to take into account health worker and community customs when planning a mHealth initiative. Some health workers are uncomfortable typing data, for example. Others are concerned that they cannot review the data they submit.
Another finding the team highlighted is that mHealth programs should focus on local context and user needs, continuously monitoring and adjusting both.
“Don’t start with the engineers,” he says. “Start with asking how to improve health care for people, including safeguarding their privacy and security. Or, we could reverse the gains that we have the potential to make because they won’t trust the system.”
Most importantly, a country must establish a framework for using mHealth that takes into account the realities on the ground and builds consistency and interoperability—rolling out before this could create chaos. “And don’t forget to involve the community and take their opinions into account,” says Wambugu. “Help them along this journey and routinely evaluate the program to be certain it’s actually adding value.”
What we did with the findings
With these learnings, the health informatics team at MEASURE Evaluation developed normative data security and privacy guidelines in 2018 for use by countries in their digital health systems. In 2019, the team supported Uganda in adapting them for its national data security and privacy guidelines. Other countries can also apply this resource as they expand their digital health footprint and make the most of mHealth.