A BMJ study has found “serious problems with privacy” in mobile health apps.
The BMJ published an in-depth analysis of over 20,000 health-related mobile apps on June 15 and found that there are issues with privacy and inconsistent privacy practices.
There are 2.8 million apps on Google Play and 1.96 million on the Apple Store, approximately 99, 366 belong to medical and health fitness apps which include the management of health conditions, symptom checking and calorie counters to name a few.
App developers legally share user data, however, the BMJ has found that inadequate privacy disclosures have been found for many mHealth apps, which have stopped users from making informed choices around the data.
Researchers at Macquarie University in Australia explored this further and identified more than 15,000 free health apps in the Google Play store and compared privacy practices with a random sample of more than 8,000 non-health apps.
The researchers found about two thirds could collect advert identifiers or cookies, one third could collect a user’s email address and around a quarter could identify the mobile phone site the user was connected to, allowing the user’s geolocation to be provided.
The team at the university found that only 4% of the mHealth apps transmitted user’s data but the researchers say this figure is substantial and should be reduced.
In addition to these figures, the researchers found that 87.5 per cent of data collected and 56 per cent of user data transmissions were on behalf of third-party services.
Through the study, the team found that 28 per cent of the health apps did not offer text on privacy policies.
The research is observational findings and there are some limitations to the investigation, for example, some aspects of the apps may not have been triggered during testing.
But the researchers say the study presents a broad assessment of health apps compared with any other study, they state, “This analysis found serious problems with privacy and inconsistent privacy practices in mHealth apps. Clinicians should be aware of these and articulate them to patients when determining the benefits and risks of mHealth apps.”
Researchers have pointed out that app users can make it difficult to be tracked by disabling advert identifiers, adjusting app permissions and using advert blockers.
But they warn: “we must also advocate for greater scrutiny, regulation, and accountability on the part of key players behind the scenes – the app stores, digital advertisers, and data brokers – to address whether these data should exist and how they should be used, and to ensure accountability for harms that arise.”