Privacy Policy for smartNTx

Zurück

Type of data collection

The “smartNTx” app, henceforth called “App” is used to collect health, behavioural and environmental data from kidney transplant patients in the context of a scientific research study, named “smartNTx+”. The research study is a collaboration between the following institutions:

  • Hahn-Schickard
  • Deutsches Forschungszentrum für Künstliche Intelligenz (DFKI)
  • Universitätsklinikum Erlangen
  • Charité Berlin
  • Universitätsklinikum Essen

The collection and processing of the data obtained in the App is pseudonymous and encrypted by Hahn-Schickard. The pseudonymous data is sent encrypted by the App to a secure Bexome gateway. From the gateway, another encrypted connection is used to transfer data to hospital-internal research servers within the hospitals’ firewalls. Each university hospital only receives the pseudonymous patient data for which it is responsible. The pseudonymous data will be stored on the respective clinical server for at least 10 years.

Pseudomisation is performed using an participant identification number (PID) without specifying the name of the study participants. Pseudonymous means that the data cannot be used to identify a participant, without an additional coding list that links PIDs to the participant names. Coding lists exist that link the respective name to the PID. The coding lists are only accessible to the clinical study managers of the respective hospitals, i.e. only the clinical study managers can assign the collected data to the respective patient name. Hahn-Schickard and DFKI have no access to the coding lists. The coding lists will be destroyed after completion of the evaluation. As long as the coding lists exist, patients can request deletion of all collected data. However, once the coding lists are deleted, the data can no longer be identified. Therefore, the request for deletion of data can only be implemented as long as the coding lists exist.

Data access is secured and personalised. Only designated clinical managers, hospital-internal IT staff and researchers from the research centers associated with the smartNTx study are granted access to the pseudonymous patient data. The designated clinical staff only have access to the pseudomised patient data in their own servers. Only researchers of Hahn Schickard and DFKI involved in the study have access to the servers of all university hospitals via separate, secure and personalized accesses.

The research study had been assessed and approved by a Medical-Ethical Committee according to the rules of good scientific practice. Study participants will fully informed about the data collection, transfer, and storage. Each study participant must sign the study-related consent form before participating. 

Usage of Google Fit, Health Connect and Apple Health for the data collection

The App collects data using Google Fit, Health Connect and Apple Health, depending on the smartphone platform and version used by the participant. Furthermore, the App is used to record health-related data samples from sensors of smartwatch and smartphone of the study participant, as well as participant interaction with in-app.

The App takes the following data from Google Fit / Health Connect / Apple Health:

BexomeFlutter HealthIOS-AppleHealthAndroid Google Fit / Health Connect
Fit/stepsSTEPSstepCountTYPE_STEP_COUNT_CADENCE
Bloodpressure/heart-rate + Fit/heartrateHEART_RATEheartRateTYPE_HEART_RATE_BPM
Fit/moveMOVE_MINUTESappleMoveTimeTYPE_MOVE_MINUTES
Fit/caloriesACTIVE_ENERGY_BURNEDactiveEnergyBurnedTYPE_CALORIES_EXPENDED
Balance/weightWEIGHTbodyMassTYPE_WEIGHT
Bloodpressure/diastolicBLOOD_PRESSURE_DIASTOLICbloodPressureDiastolicFIELD_BLOOD_PRESSURE_DIASTOLIC
Bloodpressure/systolicBLOOD_PRESSURE_SYSTOLICbloodPressureSystolicFIELD_BLOOD_PRESSURE_SYSTOLIC
Temperature/valueBODY_TEMPERATUREbodyTemperatureTYPE_BODY_TEMPERATURE
Balance/body_mass_indexBODY_MASS_INDEXbodyMassIndex
Balance/body_fat_percentageBODY_FAT_PERCENTAGEbodyFatPersentageTYPE_BODY_FAT_PERCENTAGE
Fit/distanceDISTANCE_WALKING_RUNNINGdistanceWalkingRunning
Fit/activityELECTRODERMAL_ACTIVITYelectrodermalActivity
Fit/low_intensityLOW_HEART_RATE_EVENTlowHeartRateEvent
Fit/high_intensityHIGH_HEART_RATE_EVENThighHeartRateEvent
Fit/hours_sleepSLEEP_IN_BEDsleepAnalysis
Fit/awakeSLEEP_AWAKEsleepAnalysis
Fit/asleepSLEEP_ASLEEPsleepAnalysis
Fit/outofbedSLEEP_OUT_OF_BEDsleepAnalysis
Fit/lightsleepSLEEP_LIGHTsleepAnalysis
Fit/deepsleepSLEEP_DEEPsleepAnalysis
Fit/REMSLEEP_REMsleepAnalysis
Bloodpreasure/resting_heart_rateRESTING_HEART_RATErestingHeartRate
BASAL_ENERGY_BURNEDBasalMetabolicRateRecord
BLOOD_GLUCOSEBloodGlucoseRecord
BodyWaterMassRecord
BoneMassRecord
BIKINGCyclingPedalingCadenceRecord
EXERCISE_TIMEExerciseSessionRecord
FloorsClimbedRecord
HEART_RATE_VARIABILITY_SDNNHeartRateVariabilityRmssdRecord
HydrationRecord
LeanBodyMassRecord
NUTRITIONNutritionRecord
BLOOD_OXYGENOxygenSaturationRecord
PowerRecord
RESPIRATORY_RATERespiratoryRateRecord
SpeedRecord
STEPSStepsCadenceRecord
Vo2MaxRecord

How the application accesses Google and Apple user data:

The application uses the Flutter Health Package to access the GoogleFit and Health Connect Data on android or the Apple Heath data on iOS.

How the application stores Google and Apple user data:

The GoogleFit and Health Connect respectively AppleHealth user data is saved pseudonymously in the user’s phone and securely transferred through a Bexome Gateway of Hahn Schickard to the research server at the participant-associated hospital. The data access and storage are restricted as described above in Type of data collection.

How the application shares Google or Apple user data:

The application does not make any Google or Apple user data publicly accessible. The data stored on the clinical servers of the respective hospitals is only processed by selected persons who belong to the research institutions participating in the study.

Additional data collected through Bexome

  • location
  • acceleration
  • bluetooth communication with Beurer Medical Devices

Privacy and confidentiality

All data collected in studies with the Bexome app are published fully anonymised and kept confidential in accordance with the European Union (EU) General Data Protection Regulation (GDPR). Subsequent use of data is subject to standard data use policies that protect the complete anonymity of participating individuals. In all cases, the use of data is subject to the General Data Protection Regulation. Employees of the research institutes or hospitals who are not involved in the studies do not have access to the raw data or protocols. This precaution is intended to prevent any negative impact from individual comments made by study participants. As with any publication or online activity, the risk of a breach of confidentiality always exists. In accordance with the GDPR, researchers will inform participants if a data confidentiality breach has been identified.

Responsible for the research study

  • Prof. Dr. Oliver Amft and Dr. Mario Cypko
    • Hahn-Schickard-Gesellschaft für angewandte Forschung e.V.
      – IES Lab Freiburg

Data Protection Officer of Hahn-Schickard

  • Ralf Heimburger
    • Datenschutz Südwest
    • Achauerstraße 8
    • 78647 Trossingen
    • Phone number: +49 07425 9400050
    • [email protected]