Why hackers love health apps

Most health apps don't have good privacy or security safeguards.

WASHINGTON—That handy health app on your phone—the one with access to your medical history, your doctor’s name, even your home address—may be vulnerable to hackers. Technology experts discussed the risks at a House hearing July 14 with the Energy and Commerce subcommittee.

The fast growth of information technologies in the health care sector has outpaced the industry’s efforts to safeguard them. A report by IMS Health, a research and service provider for health care professionals, showed that more than 165,000 mobile health (or mHealth) apps were available in 2013. Many of the apps offer access to users’ electronic health records from doctors or hospitals.

Hackers particularly love the kind of medical information stored in health apps because it’s harder to change. A stolen credit card number can be cancelled, but medical histories, and the home addresses and Social Security numbers that often go into medical records—these things are hard to change and can therefore be sold for a higher price on the black market.

Few privacy policies and no regulation

Health apps are popular, but not very private. One-fifth of mobile devices in the United States have a health app installed. A study in the March issue of the Journal of the American Medical Association in March, however, showed that of 271 apps studied, 81 percent did not have privacy policies. Of the 19 percent (41 apps) that did have privacy policies, only four specified that they would seek permission before sharing data with third parties.

The act of selling of data collected by the apps isn’t regulated. Health apps also are not subject to privacy and security regulations in the Health Insurance Portability and Accountability Act (HIPAA).

Nicolas Terry, Indiana University Maurer School of Law Professor and a health care technologies regulation expert, called for Federal regulatory agencies to step in and create patient-information protections for the apps. “The most disruptive mobile health apps are those that are patient-facing,” Terry explained, referring to apps where information is directly available to users. Such a direct app-patient relationship lacks any professional buffer between the user and the information, he said. As a result, traditional regulation of safety, quality, and confidentiality suffer.

“Patient privacy should be well addressed. The selling of this information should be more transparent,” said Diane Johnson, director of the Strategic Regulatory at Johnson & Johnson, a multinational medical products and services provider that offers a number of mHealth apps. Johnson and others stressed that for mHealth app users, it’s a case of buyer beware.

Here's one ray of hope: Data saved in individual devices may be safer than data saved to clouds, said Bettina Experton, president of Humetrix, a health app developer based in Del Mar, California. Users’ information is “highly secure in personal devices,” Experton said. “Your phone can store securely when it’s encrypted. It’s in your hands and under your control.”

Join the PC World newsletter!

Error: Please check your email address.

Tags dataprivacy policiesinfosecappshealthmHealthPrivasechealth appsprivacysecurity in health

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Xuanyan Ouyang

PC World (US online)
Show Comments

Father’s Day Gift Guide

Most Popular Reviews

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?