Security, scale or functionality – pick two. This computer science principle coined by the late Professor Anderson is particularly relevant to the FemTech industry. Anderson’s Rule states that for a system to provide high functionality and security, its access may need to be limited (small scale); alternatively, offering high functionality on a larger scale, may require an acceptance of risk, e.g. of inadvertent or deliberate disclosure of information. In real life systems - including FemTech - a balance must be struck. It is no surprise, then, that the regulatory landscape for FemTech is complex and fragmented. Different jurisdictions approach the question of health/medical data in diverse ways and apply different laws and standards to the protection of personal data. All these rules are ultimately intended to mitigate the risks to personal data posed by large databases of sensitive personal information while facilitating the benefits. In part two of our series, we examine the UK, EU and US regulatory privacy landscapes and enforcement priorities and how they apply to the FemTech sector. For more, read our previous article "What is femtech and how can it meet the privacy needs of its users?".

In part one of our series "FemTech: how this growing industry can build trust, protect privacy and redress healthcare inequity… one app at a time", we take an introductory look at the industry, and offer some commercially-minded approaches to address users’ privacy needs.