Health apps pose privacy risks, but experts offer this advice
Like ordering a ride or food delivery on your smartphone, keeping track of your heart rate, blood pressure or weight is just a few taps away thanks to thousands of free or inexpensive health apps.
But with each click, you may be unwittingly handing over your health data to a third party.
As health apps skyrocket in popularity, experts and medical organizations have begun warning consumers of the hidden dangers. In May, the American Medical Association called on lawmakers and the health care industry to install “regulatory guardrails” to protect all types of patient privacy in the digital age.
Until that happens, health app users are largely unprotected from having their data passed along to tech giants and marketing companies that might target them with ads, said Mohammed Abdullah, senior author of a new study about privacy issues and apps.
The study, being presented at the American Heart Association’s virtual Hypertension Scientific Sessions that begins Thursday, examined 35 diabetes mobile apps and found that all of them gave data to a third party, even in cases where the app’s privacy policy said it wouldn’t. The research is considered preliminary until published in a peer-reviewed journal.
“Right now, there are no limitations on what companies can do with this data,” said Abdullah, a medical student at the University of Texas Medical Branch in Galveston. “As technology and health care become further intertwined and companies spend billions of dollars on health care-related apps, it’s becoming more and more important to make sure we have checks and balances in place.”
That’s because the data on health apps, he said, is not safeguarded by HIPAA, the 1996 law that protects health information gathered by doctors and health systems.
“Right now, it’s like the Wild West, with zero protection,” said Dr. David Grande, author of a study about health privacy in the digital age published in July in JAMA Network Open. “Health privacy concerns are growing at an astronomical pace, but we still have a very antiquated view of them.”
For example, Grande said many Americans are unaware that once their health data is collected, it’s available online forever. In Europe, “right to be forgotten” online privacy laws offer consumers some protection. But in the U.S., digital health info is “immortal,” he said.
“People don’t understand all the digital footprints they’re leaving behind each time they interact with heath apps, and frankly, it’s very hard to understand. Who on earth would want to read a long, complicated privacy agreement?” said Grande, policy director at the University of Pennsylvania’s Leonard Davis Institute of Health Economics in Philadelphia.
As arduous as that task might seem, Abdullah urges people to take five minutes to read the agreements and find out what might happen to their data once they click “agree.”
“You have to weigh the risks and benefits,” he said. “The app might help patients track their blood sugar, but is it worth using if you know your data might possibly be shared?”
For consumers concerned with privacy, one red flag is the presence of ads on the health app.
“If you open the app and find ad services, you can be sure your data is being sent off to a third party in some way, shape or form,” Abdullah said.
Another tip is to check the app’s automatic settings and make changes that will protect privacy, like turning off your location. But that, too, has a drawback, Grande said. “In some cases, turning off privacy settings makes an app harder to use.”
Like many internet-based services, health apps are usually free to download, with app-makers earning money through advertising or selling data to third parties, he said.
However, that business model could change if lawmakers start enacting stricter guidelines and consumers become more willing to pay for health apps.
Source: Read Full Article