9 Privacy
SPARK always collects data in a secure way before automatically processing and harmonizing it for you. Professionals and participants can view their data in the frontend user interface. Participants will always retain ownership when contributing their data to your study or clinic and may always download and view their own data. Cognitive tests and survey instruments collect high quality metadata that can measure attention, focus, memory performance, and more.
9.1 Data collection
A participant signs up with an anonymous account by requesting a two-word passphrase. The identity of the participant is thus unknown to SPARK. By default, a professional can see the data of its participants, but any other access must be explicitly granted. The professionals are able to view aggregate reports that contain no identifying information about the participants.
SPARK collects data in the following ways:
- SPARK receives data about participants whenever they interact with the SPARK app, such as when a participant launches the application, clicks on, views or otherwise interacts with a feature. This may include date and time of the request, the feature requested, and completion status of the request.
- SPARK receives data from the mobile phone a participant uses to launch the SPARK app.
- SPARK receives data about a participants answers to surveys and cognitive tests.
- If a participant opts in, SPARK receives geospatial data that can tell where a participant is nearby when the participant interacts with the app.
- If the participant opts in, SPARK receives data about their step count and other information provided by Apple Health Kit or Google Fit.
9.2 Data security
The industry encryption standards AES-256 and TLSv1.3 facilitate secure storage and transmission of data in a HIPAA, COPPA, and GDPR-compliant manner.
9.3 Activity event processing
The following data is processed and saved when a participant completes an activity:
- Activity related data (in temporal slice format, e.g. answer to a survey)
- Timestamp of the execution of the activity
- Reference to the activity identifier
- Reference to the participant identifier
- Duration of the execution of the activity
Activity event data can be traced back to a participant, but no further information about the participant is known as the participant signed up with an anonymous account.
Survey question types range from multiple-choice, open questions, likert, numerical, etc. Recording activity (i.e. voice recording) data is saved base64 encoded.