Study finds “serious problems with privacy” in mobile health apps

Patients should be informed about potential privacy risks before installation and use

An in-depth analysis of more than 20,000 health-related mobile applications (mHealth apps) published by The BMJ today finds “serious problems with privacy and inconsistent privacy practices.”

The researchers say the collection of personal user information is “a pervasive practice” and that patients “should be informed on the privacy practices of these apps and the associated privacy risks before installation and use.”

Of the 2.8 million apps on Google Play and the 1.96 million apps on Apple Store, an estimated 99,366 belong to the medical and health and fitness categories (known collectively as mobile health or mHealth apps).

They include the management of health conditions and symptom checking to step and calorie counters and menstruation trackers and often contain sensitive health information.

App developers routinely, and legally, share user data, but inadequate privacy disclosures have been repeatedly found for many mHealth apps, preventing users from making informed choices around the data.

To explore this further, researchers at Macquarie University in Australia identified more than 15,000 free mHealth apps in the Google Play store and compared their privacy practices with a random sample of more than 8,000 non-health apps.

They found that while mHealth apps collected fewer user data than other types of mobile apps, 88% could access and potentially share personal data.

For example, about two thirds could collect advert identifiers or cookies, one third could collect a user’s email address, and about a quarter could identify the mobile phone tower to which a user’s device is connected, potentially providing information on the user’s geolocation.

Only 4% of mHealth apps actually transmitted data (mostly user’s name and location information). However, the researchers say this percentage is substantial and should be taken as a lower bound for the real data transmissions performed by the apps.

What’s more, 87.5% of data collection operations and 56% of user data transmissions were on behalf of third party services, such as external advertisers, analytics, and tracking providers, and 23% of user data transmissions occurred on insecure communication channels.

The top 50 third parties were responsible for most (68%) of the data collection operations, which most commonly were a small number of tech corporations, including Google, Facebook, and Yahoo!

The researchers also found that 28% (5,903) of the mHealth apps did not offer any privacy policy text, and at least 25% (15,480) of user data transmissions violated what was stated in the privacy policies. Yet only 1.3% (3,609) of user reviews raised concerns about privacy.

These are observational findings and the researchers point to some limitations. For instance, some parts of the apps might not have been triggered during testing, and restricting the analysis to free apps might have introduced bias. 

However, they say their study presents a broad assessment of mHealth apps compared with previous studies, and they conclude: “This analysis found serious problems with privacy and inconsistent privacy practices in mHealth apps. Clinicians should be aware of these and articulate them to patients when determining the benefits and risks of mHealth apps.”

They point out that consumers can make it more difficult to be tracked by disabling advert identifiers, adjusting app permissions, and using advert blockers, but say “we must also advocate for greater scrutiny, regulation, and accountability on the part of key players behind the scenes - the app stores, digital advertisers, and data brokers - to address whether these data should exist and how they should be used, and to ensure accountability for harms that arise.”

Tags : #MobileHealthAppa #GooglePlaystore #AppleStore #TheBMJ

About the Author


Team Medicircle

Related Stories

Loading Please wait...

-Advertisements-




Trending Now

Exploring the Link Between Covid-19 Vaccination and Sudden Cardiac Arrests: ICMR StudyNovember 22, 2023
Powering the Future: China's Biodegradable Wireless System for Bioelectronic InnovationNovember 22, 2023
IMS BHU Pioneers Advanced Cardiac Care: Unveiling Cutting-Edge Technologies for Precise DiagnosisNovember 18, 2023
Inito's $6 Million Boost: Transforming Women's Health with AI-Backed Fertility MonitoringNovember 18, 2023
Madras High Court Advocates for Equality: PG Medical Students to Receive Incentive Marks for COVID-19 DutyNovember 18, 2023
Next-Gen Healthcare: CarePods and AI Redefine the Patient ExperienceNovember 17, 2023
Air Quality Crisis: Alarming Rise in Premature Births Linked to Air Quality in Begusarai, BiharNovember 17, 2023
Limerick Contest-2023: A Celebration of Wit and PoetryNovember 17, 2023
IIIT-Hyderabad among top 100 institutions for 5G Use Case LabNovember 17, 2023
Powerful, motivating and inspiring talks marked TEDx Hyderabad Women 2023 which was held with the theme "Two Steps ForwardNovember 17, 2023
Speaking the Diagnosis: How AI in Voice Analysis Is Revolutionizing Diabetes DetectionNovember 17, 2023
FDA Approves Zepbound: A New Medication for Weight Loss by Eli LillyNovember 17, 2023
CoverSelf Raises $8.2 Million in Seed Funding to Revolutionize Healthcare Claims with Innovative Fintech PlatformNovember 16, 2023
From Miracle to Medic: The Extraordinary Journey of India's First Paediatric Liver Transplant RecipientNovember 16, 2023
Combatting Chikungunya: Valneva's Chikungunya Vaccine Cleared by USFDA, Eyes India LaunchNovember 16, 2023
Global Corporate Summit 2023 with the theme Unlocking Opportunities in a Dynamic World heldNovember 16, 2023
2nd IHub-Data Mobility Summit heldNovember 16, 2023
Revolutionary AI-powered technology detects multiple abdominal pathologies simultaneouslyNovember 16, 2023
1 Out of 3 Stroke Patients Suffer Long-Term Health Complications, Says NeurologistNovember 16, 2023
Amrita Hospital, Kochi, Launches App for People with Swallowing DifficultiesNovember 15, 2023