Background: Digital technologies, especially contact tracing apps, have been crucial in monitoring and tracing the transmission of COVID-19 worldwide. China developed health code apps as an emergency response to the pandemic with plans to use them for broader public health services. However, potential problems within privacy policies may compromise personal information (PI) protection.
Objective: We aimed to evaluate the compliance of the privacy policies of 30 health code apps in the mainland of China with the Personal Information Protection Law (PIPL) and related specifications.
Methods: We reviewed and assessed the privacy policies of 30 health code apps between August 26 and September 6, 2023. We used a 3-level indicator scale based on the information life cycle as provided in the PIPL and related specifications. The scale comprised 7 level-1 indicators, 26 level-2 indicators, and 71 level-3 indicators.
Results: The mean compliance score of the 30 health code apps was 59.9% (SD 22.6%). A total of 13 (43.3%) apps scored below this average, and 6 apps scored below 40%. Level-1 indicator scores included the following: general attributes (mean 85.6%, SD 23.3%); PI collection and use (mean 66.2%, SD 22.7%); PI storage and protection (mean 63.3%, SD 30.8%); PI sharing, transfer, disclosure, and transmission (mean 57.2%, SD 27.3%); PI deletion (mean 52.2%, SD 29.4%); individual rights (mean 59.3%, SD 25.7%); and PI processor duties (mean 43.7%, SD 23.8%). Sensitive PI protection compliance (mean 51.4%, SD 26.0%) lagged behind general PI protection (mean 83.3%, SD 24.3%), with only 1 app requiring separate consent for sensitive PI processing. Additionally, 46.7% (n=14) of the apps needed separate consent for subcontracting activities, while fewer disclosed PI recipient information (n=13, 43.3%), safety precautions (n=11, 36.7%), and rules of PI transfer during specific events (n=10, 33.3%). Most privacy policies specified the PI retention period (n=23, 76.7%) and postperiod deletion or anonymization (n=22, 73.3%), but only 6.7% (n=2) were committed to prompt third-party PI deletion. Most apps delineated various individual rights: the right to inquire (n=25, 83.3%), correct (n=24, 80%), and delete PI (n=24, 80%); cancel their account (n=21, 70%); withdraw consent (n=20, 60%); and request privacy policy explanations (n=24, 80%). Only a fraction addressed the rights to obtain copies (n=4, 13.3%) or refuse advertisement of automated decision-making (n=1, 3.3%). The mean compliance rate of PI processor duties was only 43.7% (SD 23.8%), with significant deficiencies in impact assessments (mean 5.0%, SD 19.8%), PI protection officer appointment (mean 6.7%, SD 24.9%), regular compliance audits (mean 6.7%, SD 24.9%), and complaint management (mean 37.8%, SD 39.2%).
Conclusions: Our analysis revealed both strengths and significant shortcomings in the compliance of privacy policies of health code apps with the PIPL and related specifications considering the information life cycle. As China contemplates the future extended use of health code apps, it should articulate the legitimacy of the apps' normalization and ensure that users provide informed consent. Meanwhile, China should raise the compliance level of relevant privacy policies and fortify its enforcement mechanisms.
Download full-text PDF |
Source |
|---|---|
| http://www.ncbi.nlm.nih.gov/pmc/articles/PMC10686616 | PMC |
| http://dx.doi.org/10.2196/48714 | DOI Listing |
Publication Analysis
Top Keywords
Similar Publications
Computational Modeling Reveals a Catch-and-Guide Interaction Between Kinesin-1 and Tubulin C-Terminal Tails.
Traffic
January 2025
Center for Complex Biological Systems, University of California, Irvine, Irvine, California, USA.
The delivery of intracellular cargoes by kinesins is modulated at scales ranging from the geometry of the microtubule networks down to interactions with individual tubulins and their code. The complexity of the tubulin code and the difficulty in directly observing motor-tubulin interactions have hindered progress in pinpointing the precise mechanisms by which kinesin's function is modulated. As one such example, past experiments show that cleaving tubulin C-terminal tails (CTTs) lowers kinesin-1's processivity and velocity on microtubules, but how these CTTs intertwine with kinesin's processive cycle remains unclear.
View Article and Find Full Text PDFRoles of non-coding RNAs and exosomal non-coding RNAs, particularly microRNAs, long non-coding RNAs, and circular RNAs, in pathogenic mechanisms behind chronic pain: A review.
Int J Biol Macromol
March 2025
Department of Rheumatism and Immunology, The Fourth Hospital of Hebei Medical University, Shijiazhuang, Hebei 050000, China.
Chronic pain is a significant public health concern that diminishes patients' quality of life and imposes considerable socioeconomic costs. Effective pharmacological treatments for ongoing pain are limited. Recent studies have indicated that various models of chronic pain-such as neuropathic pain, inflammatory pain, and pain associated with cancer-have abnormal levels of long noncoding RNAs (lncRNAs).
View Article and Find Full Text PDFIsotope-coded hydrazide tags for MALDI-MS based quantitative glycomics.
Talanta
March 2025
The Key Laboratory for Biomedical Photonics of MOE at Wuhan National Laboratory for Optoelectronics, Hubei Bioinformatics & Molecular Imaging Key Laboratory, Systems Biology Theme, Department of Biomedical Engineering, College of Life Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China. Electronic address:
The detection of glycosylation alterations is essential for elucidating the roles of glycan functions in biological processes and identifying potential disease biomarkers. Stable isotopic chemical labeling, coupled with mass spectrometry (MS), represents a powerful approach in quantitative glycomics. In this study, we synthesized a novel isotopic hydrazide pair, 2,6-Dimethyl-4-chinolincarbohydrazid (DMQCH) and its deuterium isomer DMQCH-d, via an efficient and cost-effective method, and applied it for the first time in MALDI-MS-based quantitative glycomics.
View Article and Find Full Text PDFAbdominal myosteatosis is associated with lower processing speed in a multiethnic cohort of older adults.
Arch Gerontol Geriatr
March 2025
Department of Epidemiology, School of Public Health, University of Pittsburgh, Pittsburgh, PA, USA. Electronic address:
Background: Prior research linking myosteatosis with cognition in older adults has been conducted in relatively homogenous populations with narrow age ranges. We evaluated if abdominal myosteatosis was associated with processing speed in a multiethnic cohort of middle aged and older adults.
Methods: The sample included 1,268 adults (46-86 years-old, mean 63±9 years, 53 % female, 41 % White, 20 % Black, 14 % Chinese, and 25 % Hispanic), a subset from the Multi-Ethnic Study of Atherosclerosis.
A qualitative study exploring electronic health record optimisation activities in English hospitals.
Int J Med Inform
March 2025
Professor of Social Research on Technology, Institute for the Study of Science, Technology and Innovation, The University of Edinburgh, Edinburgh, UK.
Background: Hospitals increasingly implement complex electronic health record (EHR) systems to improve quality, safety and efficiency. Whilst many aspects surrounding implementation and adoption processes have been researched, the benefits of such enterprise-wide systems may take decades to materialise. Existing work on optimisation processes has focused on technological, workflow and organisational aspects of optimisation within individual clinical settings, mostly in the United States of America.
View Article and Find Full Text PDFWant AI Summaries of new PubMed Abstracts delivered to your In-box?
Enter search terms and have AI summaries delivered each week - change queries or unsubscribe any time!