![](https://thelimbic.com/wordpress/wp-content/uploads/2021/06/EF_VjTpU0AEO6bQ.jpeg)
Dr Muhammad Ikram
Cybersecurity experts says clinicians should help make patients aware of the data privacy risks when they use smartphone health apps developed for medical and health uses.
Their report, published in the BMJ, reveals that the vast majority (88%) of medical and health apps – mHealth apps – can access and potentially share personal data with third parties.
The collection of personal data by apps is not transparent and secure, and often exceeds what is publicly disclosed by app developers , the report said. And regulatory measures are often absent or vague and difficult to enforce.
Co-lead author Dr Muhammad Ikram , a lecturer in cybersecurity at Macquarie University, NSW, told the limbic that the rapid growth in popularity of health and fitness apps has come without much scrutiny of user privacy or regulatory control.
“This is really a very nascent phase for people looking into this ecosystem and the implications for privacy. This is the very first study to analyse these applications at scale,”
“In our report we suggest that patients should be informed about the privacy practices of these applications so they can make a conscious decision about the benefits and the risks of the service being offered,” he said.
In the absence of industry controls, the report recommends that clinicians should help patients guard against privacy risks before they install and use apps that can harvest sensitive information.
“Clinicians should understand the main privacy aspects of mHealth apps in their specialist area, along with their key functionalities, and be able to articulate these to patients in lay language,” the report says.
“Clinicians should resort to checking the permissions requested by the apps to access sensitive resources such as cameras, microphones, or locations; examine the app’s privacy policy; or review the app’s privacy behaviour,” the authors suggested
Data harvesting pervasive
Using a variety of data capture and analysis tools, the researchers did a privacy audit of more than 8,000 medical apps and 13,000 health and fitness apps for Android phones available on the Google Play store in Australia.