Closed/Expired: Privacy Policy Snapshot Challenge

Privacy Policy Snapshot Challenge

The Privacy Policy Snapshot Challenge is a call for designers, developers, and health data privacy experts to create an online Model Privacy Notice (MPN) generator. The MPN is a voluntary, openly available resource designed to help health technology developers who collect digital health data clearly convey information about their privacy and security policies to their users. Similar to a nutrition facts label, the MPN provides a snapshot of a product’s existing privacy practices, encouraging transparency and helping consumers make informed choices when selecting products. The MPN does not mandate specific policies or substitute for more comprehensive or detailed privacy policies.

*Sign up for the informational and Q&A webinar on Thursday, January 12 at 2:00 pm ET*

In 2011, the Office of the National Coordinator for Health Information Technology (ONC) collaborated with the Federal Trade Commission (FTC) and released a Model Privacy Notice focused on personal health records (PHRs), which were the emerging technology at the time (view 2011 PHR MPN). The project’s goals were to increase consumers’ awareness of companies’ PHR data practices and empower consumers by providing them with an easy way to compare the data practices of two or more PHR companies. In the last five years, the health information technology market has changed significantly and there is now a larger variety of products such as mobile applications and wearable devices that collect digital health data.

ONC recognized a need to update the MPN to make it applicable to a broad range of consumer health technologies beyond PHRs. More and more individuals are obtaining access to their electronic health information and using consumer health technology to manage this information. As retail products that collect digital health data directly from consumers are used, such as exercise trackers, it is increasingly important for consumers to be aware of companies’ privacy and security policies and information sharing practices. Health technology developers can use the MPN to easily enter their information practices and produce a notice to allow consumers to quickly learn and understand privacy policies, compare company policies, and make informed decisions. Many consumer health technologies are offered by organizations that are not subject to the Health Insurance Portability and Accountability Act (HIPAA) privacy and security standards. This is detailed in the HHS report, Examining Oversight of the Privacy & Security of Health Data Collected by Entities Not Regulated by HIPAA, released in July 2016 by ONC’s Office of the Chief Privacy Officer with the cooperation of the HHS Office for Civil Rights (OCR) and the FTC.

The Privacy Policy Snapshot Challenge leverages updated content developed recently by ONC, with feedback from OCR, FTC, and other private and public stakeholders. The content also underwent informal consumer testing. The Privacy Policy Snapshot Challenge provides an award to the creators of the best MPN generator that produces a customizable MPN for health technology developers. The Challenge is a call for designers, developers, and health data privacy experts to create an online MPN generator that is easy for health technology developers to use in customizing a privacy notice that is compelling and understandable to consumers. Submissions will provide the code for an open source, web-based tool that allows health technology developers who collect digital health data to generate a customized privacy notice. The MPN generator must be able to produce privacy notices that adhere to the MPN content yet provide for customization by a health technology developer.


First Place$20,000.00
Second Place$10,000.00
Third Place$5,000.00
Deadline:- 10-04-2017