[Medical Journal Article] Developers neglect privacy and security in health apps
Health applications are enjoying a boom. There are already some 100,000 on the market on iOS (Apple) and Android platforms, generating 4.5 billion dollars’ worth (around 3.3 billion euros) of business. In Spain, a third of smartphone users will have installed at least one health application this year, according to a report from The App Date.
However, as Borja Martínez, researcher in the Telemedicine and eHealth Group at the University of Valladolid, explains to SINC: “These applications do not handle information securely and this is especially serious in apps that use clinical or medical data that are particularly critical for the user”.
These applications don’t have secure data processing and this is especially serious in apps that use clinical or medical data
Martínez is the lead author of a study that reviews these problems and proposes a series of recommendations for developers to improve the handling of information that should be confidential. The work was published in January in the ‘Journal of Medical Systems’.
This young engineer points out that “the developers, in their haste to get their applications out before the rest, neglect certain aspects that should be considered, especially privacy and security of data handled. Today the majority of health apps do not offer the user sufficient measures to protect their data”.
In their opinion, “the main risk is that someone can hack into the personal medical information of another individual or, even worse, modify it”.
A clear example, warns the researcher, “would be an app that saves electronic medical histories. If a third party unconnected with the app were to access the stored information and change any patient details, such as take away an allergy to certain medication, it could put the life of this person at risk should the case arise”.
Also, “another significant problem is that health professionals and the patients themselves are not aware of the methods that apps use with regard to the privacy and security of their data. Many take it for granted that the application is secure and others couldn’t care less. I believe that greater collaboration between countries is necessary to create international laws which are in charge of monitoring these aspects,” he says.
What can be done? According to Borja Martínez, “many things [although] it all boils down to developers analysing the type of data that their apps are going to be dealing with and applying the necessary security and privacy methods”.
Each case is different, he states….
No comments yet.