ABSTRACT
Since the Cambridge Analytica scandal, governments are increasingly concerned about the way in which citizens' personal data are collected, processed and used during election campaigns To develop the appropriate tools for monitoring and controlling this new mode of "data-driven campaigning" (DDC) regulators require a clear understanding of the practices involved. This paper provides a first step toward that goal by proposing a new organizational and process-centred operational definition of DDC from which we derive a set of empirical indicators. The indicators are applied to the policy environment of a leading government in this domain - the European Union (EU) - to generate a descriptive "heat map" of current regulatory activity toward DDC. Based on the results of this exercise, we argue that regulation is likely to intensify on existing practices and extend to cover current "cold spots". Drawing on models of internet governance, we argue that this expansion is likely to occur in one of two ways. A "kaleidoscopic" approach, in which current legislation extends to absorb DDC practices and a more "designed" approach that involves more active intervention by elites, and ultimately the generation of a new regulatory regime.
ABSTRACT
Large datasets in paediatric oncology are inherently rare. Therefore, it is paramount to fully exploit all available data, which are distributed over several resources, including biomaterials, images, clinical trials, and registries. With privacy-preserving record linkage (PPRL), personalised or pseudonymised datasets can be merged, without disclosing the patients' identities. Although PPRL is implemented in various settings, use case descriptions are currently fragmented and incomplete. The present paper provides a comprehensive overview of current and future use cases for PPRL in paediatric oncology. We analysed the literature, projects, and trial protocols, identified use cases along a hypothetical patient journey, and discussed use cases with paediatric oncology experts. To structure PPRL use cases, we defined six key dimensions: distributed personalised records, pseudonymisation, distributed pseudonymised records, record linkage, linked data, and data analysis. Selected use cases were described (a) per dimension and (b) on a multi-dimensional level. While focusing on paediatric oncology, most aspects are also applicable to other (particularly rare) diseases. We conclude that PPRL is a key concept in paediatric oncology. Therefore, PPRL strategies should already be considered when starting research projects, to avoid distributed data silos, to maximise the knowledge derived from collected data, and, ultimately, to improve outcomes for children with cancer.
ABSTRACT
BACKGROUND: In Europe, within the scope of the General Data Protection Regulation, more and more digital infrastructures are created to allow for large-scale access to patients' health data and their use for research. When the research is performed on the basis of patient consent, traditional study-specific consent appears too cumbersome for many researchers. Alternative models of consent are currently being discussed and introduced in different contexts. OBJECTIVE: This study explores stakeholder perspectives on ethical, legal, and practical concerns regarding models of consent for health data research at German university medical centers. METHODS: Semistructured focus group interviews were conducted with medical researchers at German university medical centers, health IT specialists, data protection officers, and patient representatives. The interviews were analyzed using a software-supported structuring qualitative content analysis. RESULTS: Stakeholders regarded broad consent to be only marginally less laborious to implement and manage than tiered consent. Patient representatives favored specific consent, with tiered consent as a possible alternative. All stakeholders lamented that information material was difficult to understand. Oral information and videos were mentioned as a means of improvement. Patient representatives doubted that researchers had a sufficient degree of data security expertise to act as sole information providers. They were afraid of undue pressure if obtaining health data research consent were part of medical appointments. IT specialists and other stakeholders regarded the withdrawal of consent to be a major challenge and called for digital consent management solutions. On the one hand, the transfer of health data to non-European countries and for-profit organizations is seen as a necessity for research. On the other hand, there are data security concerns with regard to these actors. Research without consent is legally possible under certain conditions but deemed problematic by all stakeholder groups, albeit for differing reasons and to different degrees. CONCLUSIONS: More efforts should be made to determine which options of choice should be included in health data research consent. Digital tools could improve patient information and facilitate consent management. A unified and strict regulation for research without consent is required at the national and European Union level. Obtaining consent for health data research should be independent of medical appointments, and additional personnel should be trained in data security to provide information on health data research.
Subject(s)
Informed Consent , Qualitative Research , Humans , Informed Consent/ethics , Informed Consent/legislation & jurisprudence , Focus Groups , Germany , Interviews as Topic , Computer SecurityABSTRACT
Initiatives to share assets in the life science sector through dedicated partnerships had and still have a multitude of different aspects in the past few decades. The range goes from industry partners, small and big companies, in bilateral agreements with academic institutions up to large privately and publicly funded consortia. In general, the term public-private partnership (PPP) is used when at least one public (non-profit, academic, and/or government) part and one or more private for-profit partners are involved. A Public-Private Partnership is often driven by a public body, i.e. a ministry or a public agency. Their synergism has been described 10 years ago (Dearing, Science 315(19):344-347, 2007; Casty and Wieman, Ther Innov Regul Sci 47(3):375-383, 2013; Stevens et al., Biotechnol Law Rep 34(4):153-165, 2015). So why view this synergism again today? It will be shown that the situation in life science has changed: novel partners acting digital, data expertise being involved on many levels and novel partnering models arising. Success and challenges will be described in this chapter.
ABSTRACT
As the use of Artificial Intelligence (AI) technologies in healthcare is expanding, patients in the European Union (EU) are increasingly subjected to automated medical decision-making. This development poses challenges to the protection of patients' rights. A specific patients' right not to be subject to automated medical decision-making is not considered part of the traditional portfolio of patients' rights. The EU AI Act also does not contain such a right. The General Data Protection Regulation (GDPR) does, however, provide for the right 'not to be subject to a decision based solely on automated processing' in Article 22. At the same time, this provision has been severely critiqued in legal scholarship because of its lack of practical effectiveness. However, in December 2023, the Court of Justice of the EU first provided an interpretation of this right in C-634/21 (SCHUFA)-although in the context of credit scoring. Against this background, this article provides a critical analysis of the application of Article 22 GDPR to the medical context. The objective is to evaluate whether Article 22 GDPR may provide patients with the right to refuse automated medical decision-making. It proposes a health-conformant reading to strengthen patients' rights in the EU.
Subject(s)
Artificial Intelligence , European Union , Patient Rights , Humans , Artificial Intelligence/legislation & jurisprudence , Patient Rights/legislation & jurisprudence , Computer Security/legislation & jurisprudence , Decision Making , Clinical Decision-MakingABSTRACT
INTRODUCTION: In German and international research networks different approaches concerning patient consent are applied. So far it is time-consuming to find out to what extent data from these networks can be used for a specific research project. To make the contents of the consents queryable, we aimed for a permission-based approach (Opt-In) that can map both the permission and the withdrawal of consent contents as well as make it queryable beyond project boundaries. MATERIALS AND METHODS: The current state of research was analysed in terms of approach and reusability. Selected process models for defining consent policies were abstracted in a next step. On this basis, a standardised semantic terminology for the description of consent policies was developed and initially agreed with experts. In a final step, the resulting code was evaluated with regards to different aspects of applicability. RESULTS: A first and extendable version for a Semantic Consent Code (SCC) based on 3-axis (CLASS, ACTION, PURPOSE) was developed, consolidated und published. The added value achieved by the SCC was illustrated using the example of real consents from large national research associations (Medical Informatics Initiative and NUM NAPKON/NUKLEUS). The applicability of the SCC was successfully evaluated in terms of the manual semantic mapping of consents by briefly trained personnel and the automated interpretability of consent policies according to the SCC (and vice versa). In addition, a concept for the use of the SCC to simplify consent queries in heterogeneous research scenarios was presented. CONCLUSIONS: The Semantic Consent Code has already successfully undergone initial evaluations. As the published 3-axis code SCC is an essential preliminary work to standardising initially diverse consent texts and contents and can iteratively be extended in multiple ways in terms of content and technical additions. It should be extended in cooperation with the potential user community.
Subject(s)
Biomedical Research , Documentation , Informed Consent , Semantics , Informed Consent/standards , Humans , Biomedical Research/standards , Documentation/standards , GermanyABSTRACT
BACKGROUND: Art. 50 of the proposal for a Regulation on the European Health Data Space (EHDS) states that "health data access bodies shall provide access to electronic health data only through a secure processing environment, with technical and organizational measures and security and interoperability requirements". OBJECTIVE: To identify specific security measures that nodes participating in health data spaces shall implement based on the results of the IMPaCT-Data project, whose goal is to facilitate the exchange of electronic health records (EHR) between public entities based in Spain and the secondary use of this information for precision medicine research in compliance with the General Data Protection Regulation (GDPR). DATA AND METHODS: This article presents an analysis of 24 out of a list of 72 security measures identified in the Spanish National Security Scheme (ENS) and adopted by members of the federated data infrastructure developed during the IMPaCT-Data project. RESULTS: The IMPaCT-Data case helps clarify roles and responsibilities of entities willing to participate in the EHDS by reconciling technical system notions with the legal terminology. Most relevant security measures for Data Space Gatekeepers, Enablers and Prosumers are identified and explained. CONCLUSION: The EHDS can only be viable as long as the fiduciary duty of care of public health authorities is preserved; this implies that the secondary use of personal data shall contribute to the public interest and/or to protect the vital interests of the data subjects. This condition can only be met if all nodes participating in a health data space adopt the appropriate organizational and technical security measures necessary to fulfill their role.
Subject(s)
Computer Security , Electronic Health Records , Precision Medicine , Precision Medicine/methods , Humans , Spain , Europe , ConfidentialityABSTRACT
Biomedical data are generated and collected from various sources, including medical imaging, laboratory tests and genome sequencing. Sharing these data for research can help address unmet health needs, contribute to scientific breakthroughs, accelerate the development of more effective treatments and inform public health policy. Due to the potential sensitivity of such data, however, privacy concerns have led to policies that restrict data sharing. In addition, sharing sensitive data requires a secure and robust infrastructure with appropriate storage solutions. Here, we examine and compare the centralized and federated data sharing models through the prism of five large-scale and real-world use cases of strategic significance within the European data sharing landscape: the French Health Data Hub, the BBMRI-ERIC Colorectal Cancer Cohort, the federated European Genome-phenome Archive, the Observational Medical Outcomes Partnership/OHDSI network and the EBRAINS Medical Informatics Platform. Our analysis indicates that centralized models facilitate data linkage, harmonization and interoperability, while federated models facilitate scaling up and legal compliance, as the data typically reside on the data generator's premises, allowing for better control of how data are shared. This comparative study thus offers guidance on the selection of the most appropriate sharing strategy for sensitive datasets and provides key insights for informed decision-making in data sharing efforts.
Subject(s)
Biological Science Disciplines , Information Dissemination , Humans , Medical Informatics/methodsABSTRACT
Background/Objectives: This study aimed to investigate whether day-long recordings with Language Environment Analysis (LENA) can be utilized in a hospital-based Auditory Verbal Therapy (AVT) program in Denmark for children with hearing loss and to conduct a pilot validation in the Danish language. Methods and materials: A license for the LENA system (LENA SP) was purchased, and trials were offered to three families enrolled in the AVT program. Each family made two day-long recordings with 3-4 months in between and received feedback during the therapy sessions. From 18 × 10-min clips randomly pulled out of the recordings, a comparison of adult word counts (AWC) between the LENA algorithm counts and the counts made by two human transcribers was made and used for the pilot validation. Results: LENA proved to be valuable as a guiding tool for Danish parents. Pilot validation showed good correlations and an acceptable limit of agreement (LoA). Conclusions: LENA holds the potential for Danish validation and use in AVT/clinical practice. When used in clinical practice, parents must be informed of the biases and limitations, and possible ethical issues must be considered. Because of the GDPR rules, there is a need to discuss the possibility of implementing this tool clinically in Denmark and the EU.
ABSTRACT
Introduction: Sharing microbiome data among researchers fosters new innovations and reduces cost for research. Practically, this means that the (meta)data will have to be standardized, transparent and readily available for researchers. The microbiome data and associated metadata will then be described with regards to composition and origin, in order to maximize the possibilities for application in various contexts of research. Here, we propose a set of tools and protocols to develop a real-time FAIR (Findable. Accessible, Interoperable and Reusable) compliant database for the handling and storage of human microbiome and host-associated data. Methods: The conflicts arising from privacy laws with respect to metadata, possible human genome sequences in the metagenome shotgun data and FAIR implementations are discussed. Alternate pathways for achieving compliance in such conflicts are analyzed. Sample traceable and sensitive microbiome data, such as DNA sequences or geolocalized metadata are identified, and the role of the GDPR (General Data Protection Regulation) data regulations are considered. For the construction of the database, procedures have been realized to make data FAIR compliant, while preserving privacy of the participants providing the data. Results and discussion: An open-source development platform, Supabase, was used to implement the microbiome database. Researchers can deploy this real-time database to access, upload, download and interact with human microbiome data in a FAIR complaint manner. In addition, a large language model (LLM) powered by ChatGPT is developed and deployed to enable knowledge dissemination and non-expert usage of the database.
Subject(s)
Microbiota , Humans , Microbiota/genetics , Databases, Factual , Metadata , Metagenome , Information Dissemination , Computational Biology/methods , Metagenomics/methods , Databases, GeneticABSTRACT
Background: The ORCHESTRA project, funded by the European Commission, aims to create a pan-European cohort built on existing and new large-scale population cohorts to help rapidly advance the knowledge related to the prevention of the SARS-CoV-2 infection and the management of COVID-19 and its long-term sequelae. The integration and analysis of the very heterogeneous health data pose the challenge of building an innovative technological infrastructure as the foundation of a dedicated framework for data management that should address the regulatory requirements such as the General Data Protection Regulation (GDPR). Methods: The three participating Supercomputing European Centres (CINECA - Italy, CINES - France and HLRS - Germany) designed and deployed a dedicated infrastructure to fulfil the functional requirements for data management to ensure sensitive biomedical data confidentiality/privacy, integrity, and security. Besides the technological issues, many methodological aspects have been considered: Berlin Institute of Health (BIH), Charité provided its expertise both for data protection, information security, and data harmonisation/standardisation. Results: The resulting infrastructure is based on a multi-layer approach that integrates several security measures to ensure data protection. A centralised Data Collection Platform has been established in the Italian National Hub while, for the use cases in which data sharing is not possible due to privacy restrictions, a distributed approach for Federated Analysis has been considered. A Data Portal is available as a centralised point of access for non-sensitive data and results, according to findability, accessibility, interoperability, and reusability (FAIR) data principles. This technological infrastructure has been used to support significative data exchange between population cohorts and to publish important scientific results related to SARS-CoV-2. Conclusions: Considering the increasing demand for data usage in accordance with the requirements of the GDPR regulations, the experience gained in the project and the infrastructure released for the ORCHESTRA project can act as a model to manage future public health threats. Other projects could benefit from the results achieved by ORCHESTRA by building upon the available standardisation of variables, design of the architecture, and process used for GDPR compliance.
ABSTRACT
The digital health space is growing rapidly, and so is the interest in sharing anonymized health data. However, data anonymization techniques have yet to see much coverage in the medical literature. The purpose of this article is, therefore, to provide a practical framework for anonymization with a focus on the unique properties of data from digital health applications. Literature trends, as well as common anonymization techniques, were synthesized into a framework that considers the opportunities and challenges of digital health data. A rationale for each design decision is provided, and the advantages and disadvantages are discussed. We propose a framework based on storing data separately, anonymizing the data where the identified data is located, only exporting selected data, minimizing static attributes, ensuring k-anonymity of users and their static attributes, and preventing defined metrics from acting as quasi-identifiers by using aggregation, rounding, and capping. Data anonymization requires a pragmatic approach that preserves the utility of the data while minimizing reidentification risk. The proposed framework should be modified according to the characteristics of the respective data set.
ABSTRACT
This paper discusses a landmark ruling by the Chilean Supreme Court of August 9, 2023 dealing with the right to mental privacy, originated with an action for constitutional protection filed on behalf of Guido Girardi Lavin against Emotiv Inc., a North American company based in San Francisco, California that is commercializing the device "Insight." This wireless device functions as a headset with sensors that collect information about the brain's electrical activity (i.e., neurodata). The discussion revolves around whether neurodata can be considered personal data and whether they could be classified into a special category. The application of the present legislation on data (the most obsolete, such as the Chilean law, and the most recent EU law) does not seem adequate to protect neurodata. The use of neurodata raises ethical and legal concerns that are not fully addressed by current regulations on personal data protection. Despite not being necessarily considered personal data, neurodata represent the most intimate aspects of human personality and should be protected in light of potential new risks. The unique characteristics of neurodata, including their interpretive nature and potential for revealing thoughts and intentions, pose challenges for regulation. Current data protection laws do not differentiate between different types of data based on their informational content, which is relevant for protecting individual rights. The development of new technologies involving neurodata requires particular attention and careful consideration to prevent possible harm to human dignity. The regulation of neurodata must account for their specific characteristics and the potential risks they pose to privacy, confidentiality, and individual rights. The answer lies in the reconfiguration of human rights known as "neurorights" that goes beyond the protection of personal data.
ABSTRACT
This paper contributes to the exploration of the potential application of duties related to the diligent anticipation of the (imminent) harms and (potential) benefits to humans that scientific innovation engenders to health-related contexts. In particular, it addresses the intersection between the human right to science and health-related data processing, which plays a key role in the production, translation and implementation of biomedical knowledge. The first part of the paper provides a brief recap of the interpretation of the right to science based on Art. 15 (1) (b) of the United Nations International Covenant on Economic, Social and Cultural Rights (hereafter ICESCR or Covenant) and the resulting obligations for States in the context of health and related data processing. The second part of the paper defines the relevance of the ICESCR for EU Member States and the European Union. In the third part, theses are put forward on how the human right to science and the obligations under Art. 15 (1) (b) ICESCR influence the interpretation and application of the General Data Protection Regulation as secondary EU law. By examining the justifications for using the right to science to interpret EU data protection law and by providing interpretation and application guidance on the main data protection principles in the area of health-related data processing, taking this right into account, the aim is to shape the EU data governance framework to meet the requirements of this human right. In doing so, the paper aims to close the gaps in the interpretation and application of the main rules of EU data protection law. Such standardization in the health-related context can contribute to a coherent interpretation and application of existing rules by referring to this emerging human right. Against this background, the paper identifies governance measures that the EU legislator could take to guide the processing of health-related data in line with the requirements of the right to science.
ABSTRACT
With the increasing prevalence of artificial intelligence (AI) and other digital technologies in healthcare, the ethical debate surrounding their adoption is becoming more prominent. Here I consider the issue of gaining informed patient consent to AI-enhanced care from the vantage point of the United Kingdom's National Health Service setting. I build my discussion around two claims from the World Health Organization: that healthcare services should not be denied to individuals who refuse AI-enhanced care and that there is no precedence to seeking patient consent to AI-enhanced care. I discus U.K. law relating to patient consent and the General Data Protection Regulation to show that current standards relating to patient consent are adequate for AI-enhanced care. I then suggest that in the future it may not be possible to guarantee patient access to non-AI-enhanced healthcare, in a similar way to how we do not offer patients manual alternatives to automated healthcare processes. Throughout my discussion I focus on the issues of patient choice and veracity in the patient-clinician relationship. Finally, I suggest that the best way to protect patients from potential harms associated with the introduction of AI to patient care is not via an overly burdensome patient consent process but via evaluation and regulation of AI technologies.
ABSTRACT
The potential benefits of digital health technologies in population-based health research depend mainly on whether and to what extent these technologies can be based on the processing of personal health data. However, there needs to be more certainty in the application and interpretation of the relevant legal regulations on the processing of research data using digital health technologies. Research practice primarily uses consent as a legitimation basis for data processing, although the information model of the German and European legislator, with its ambitious requirements for voluntary and informed consent, is unrealistic and needs to be revised. Even the concepts of broad consent, dynamic consent, and meta consent, which represent alternatives to the classic consent solution, cannot remedy all the deficits of the consent model.In order to guarantee the informational self-determination of the persons concerned and, at the same time, keep an eye on the interests of research in the public health sector, data protection for research purposes must be further developed. Solutions should not only be tailored to consent behavior but must also consider the legitimization of research data processing without consent or aim to remove the personal reference of the data irretrievably. To date, the law has only fulfilled its task of striking an appropriate balance between the interests of all stakeholders to a limited extent. However, improvement is in sight, especially given current regulatory initiatives and new legal solutions. This discussion article illustrates the ambivalent role of law: on the one hand, health data protection law is often perceived as an obstacle to innovation, but on the other hand, law can pave the way for digital health technologies if further developed.
Subject(s)
Informed Consent , Public Health , Germany , Computer SecurityABSTRACT
The General Data Protection Regulation (GDPR) of the European Union, which became applicable in 2018, contains a new accountability principle. Under this principle, controllers (ie parties determining the purposes and the means of the processing of personal data) are responsible for ensuring and demonstrating the overall compliance with the GDPR. However, interpretive uncertainties of the GDPR mean that controllers must exercise considerable judgement in designing and implementing an appropriate compliance strategy, making GDPR compliance both complex and resource-intensive. In this article, we provide conceptual clarity around GDPR compliance with respect to one core aspect of the law: the determination and relevance of the purpose of personal data processing. We derive from the GDPR's text concrete requirements for purpose specification, which we subsequently apply to the area of secondary use of personal data for scientific research. We offer guidance for correctly specifying purposes of data processing under different research scenarios. To illustrate the practical necessity of purpose specification for GDPR compliance, we then show how our proposed approach can enable controllers to meet their compliance obligations, using the example of the overarching GDPR principle of lawfulness to highlight the relevance of purpose specification for the identification of a suitable legal basis.
ABSTRACT
BACKGROUND: Individuals with diabetes rely on medical equipment (eg, continuous glucose monitoring (CGM), hybrid closed-loop systems) and mobile applications to manage their condition, providing valuable data to health care providers. Data sharing from this equipment is regulated via Terms of Service (ToS) and Privacy Policy documents. The introduction of the Medical Devices Regulation (MDR) and In Vitro Diagnostic Medical Devices Regulation (IVDR) in the European Union has established updated rules for medical devices, including software. OBJECTIVE: This study examines how data sharing is regulated by the ToS and Privacy Policy documents of approved diabetes medical equipment and associated software. It focuses on the equipment approved by the Norwegian Regional Health Authorities. METHODS: A document analysis was conducted on the ToS and Privacy Policy documents of diabetes medical equipment and software applications approved in Norway. RESULTS: The analysis identified 11 medical equipment and 12 software applications used for diabetes data transfer and analysis in Norway. Only 3 medical equipment (OmniPod Dash, Accu-Chek Insight, and Accu-Chek Solo) were registered in the European Database on Medical Devices (EUDAMED) database, whereas none of their respective software applications were registered. Compliance with General Data Protection Regulation (GDPR) security requirements varied, with some software relying on adequacy decisions (8/12), whereas others did not (4/12). CONCLUSIONS: The study highlights the dominance of non-European Economic Area (EEA) companies in medical device technology development. It also identifies the lack of registration for medical equipment and software in the EUDAMED database, which is currently not mandatory. These findings underscore the need for further attention to ensure regulatory compliance and improve data-sharing practices in the context of diabetes management.
ABSTRACT
Dynamic consent management allows a data subject to dynamically govern her consent to access her data. Clearly, security and privacy guarantees are vital for the adoption of dynamic consent management systems. In particular, specific data protection guarantees can be required to comply with rules and laws (e.g., the General Data Protection Regulation (GDPR)). Since the primary instantiation of the dynamic consent management systems in the existing literature is towards developing sustainable e-healthcare services, in this paper, we study data protection issues in dynamic consent management systems, identifying crucial security and privacy properties and discussing severe limitations of systems described in the state of the art. We have presented the precise definitions of security and privacy properties that are essential to confirm the robustness of the dynamic consent management systems against diverse adversaries. Finally, under those precise formal definitions of security and privacy, we have proposed the implications of state-of-the-art tools and technologies such as differential privacy, blockchain technologies, zero-knowledge proofs, and cryptographic procedures that can be used to build dynamic consent management systems that are secure and private by design.
ABSTRACT
BACKGROUND: Since the COVID-19 pandemic, there has been a boost in the digital transformation of the human society, where wearable devices such as a smartwatch can already measure vital signs in a continuous and naturalistic way; however, the security and privacy of personal data is a challenge to expanding the use of these data by health professionals in clinical follow-up for decision-making. Similar to the European General Data Protection Regulation, in Brazil, the Lei Geral de Proteção de Dados established rules and guidelines for the processing of personal data, including those used for patient care, such as those captured by smartwatches. Thus, in any telemonitoring scenario, there is a need to comply with rules and regulations, making this issue a challenge to overcome. OBJECTIVE: This study aimed to build a digital solution model for capturing data from wearable devices and making them available in a safe and agile manner for clinical and research use, following current laws. METHODS: A functional model was built following the Brazilian Lei Geral de Proteção de Dados (2018), where data captured by smartwatches can be transmitted anonymously over the Internet of Things and be identified later within the hospital. A total of 80 volunteers were selected for a 24-week follow-up clinical trial divided into 2 groups, one group with a previous diagnosis of COVID-19 and a control group without a previous diagnosis of COVID-19, to measure the synchronization rate of the platform with the devices and the accuracy and precision of the smartwatch in out-of-hospital conditions to simulate remote monitoring at home. RESULTS: In a 35-week clinical trial, >11.2 million records were collected with no system downtime; 66% of continuous beats per minute were synchronized within 24 hours (79% within 2 days and 91% within a week). In the limit of agreement analysis, the mean differences in oxygen saturation, diastolic blood pressure, systolic blood pressure, and heart rate were -1.280% (SD 5.679%), -1.399 (SD 19.112) mm Hg, -1.536 (SD 24.244) mm Hg, and 0.566 (SD 3.114) beats per minute, respectively. Furthermore, there was no difference in the 2 study groups in terms of data analysis (neither using the smartwatch nor the gold-standard devices), but it is worth mentioning that all volunteers in the COVID-19 group were already cured of the infection and were highly functional in their daily work life. CONCLUSIONS: On the basis of the results obtained, considering the validation conditions of accuracy and precision and simulating an extrahospital use environment, the functional model built in this study is capable of capturing data from the smartwatch and anonymously providing it to health care services, where they can be treated according to the legislation and be used to support clinical decisions during remote monitoring.