Privacy and Medical Apps

Epilepsy News From: Wednesday, April 20, 2016

Medical applications (apps) for smartphones have grown significantly in popularity in recent years. These apps can be a powerful tool for self-management of health concerns ranging from diet and exercise to specific diseases. For people with epilepsy, available apps can help provide a seizure diary, help track seizure triggers, and provide medication reminders along with many other features. Because these apps collect and transmit sensitive personal health information, it is important for users to understand what safeguards are in place to protect their privacy.

How safe are apps?

A study published in Journal of the American Medical Association suggests that medical information collected on many apps is not protected (Blenner SR et al, 2015). In an analysis of over 200 diabetes apps, the authors found that 81% had no privacy policy. Even those with a stated policy may not fully protect personal data. For example, almost half with privacy policies still shared the collected data with third parties. Shared data included very specific details such as blood sugar readings and medication use.

Similar concerns were raised in a study from the United Kingdom examining apps for a broad range of health topics recommended for clinical quality by their national health service (Huckvale K et al, 2015). That study found that 89% of the apps transmitted data to third parties, usually without any encryption. While 67% of the apps had a privacy policy, many were inadequate or lacked detail as to what information was protected.

How can you protect your personal health information when using an app?

No mechanism is perfect, but the following measures may help protect your privacy:

  • Verify that the app has a privacy policy.
  • Read the privacy policy to understand what is or is not protected.
    • Is your personal information shared with or sold to third parties? If yes, for what purpose (e.g., research, advertising, etc.)?
    • If the data pertains to a child, is parental consent required?
    • Can you opt out of data sharing?
    • Are cookies (tracking codes) used?
    • Is there a procedure for your data to be deleted?

References

Blenner SR, Kollmer M, Rouse AJ, Daneshvar N, Williams C, Andrews LB. Privacy policies of android diabetes apps and sharing of health information. JAMA (2016) 315: 1051-2.

Huckvale K, Prieto JT, Tilney M, Benghozi P, Car J. Unaddressed privacy risks in accredited health and wellness apps: a cross-sectional systematic assessment. BMC Med (2015) 13: 214-26.

Back

Authored by

Katherine Noe MD, PhD

Reviewed Date

Wednesday, April 20, 2016

Sign Up for Emails

Stay up to date with the latest epilepsy news, stories from the community, and more.

Subscribe