Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
110 tokens/sec
GPT-4o
56 tokens/sec
Gemini 2.5 Pro Pro
44 tokens/sec
o3 Pro
6 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

A Qualitative Analysis Framework for mHealth Privacy Practices (2405.17971v1)

Published 28 May 2024 in cs.CY

Abstract: Mobile Health (mHealth) applications have become a crucial part of health monitoring and management. However, the proliferation of these applications has also raised concerns over the privacy and security of Personally Identifiable Information and Protected Health Information. Addressing these concerns, this paper introduces a novel framework for the qualitative evaluation of privacy practices in mHealth apps, particularly focusing on the handling and transmission of sensitive user data. Our investigation encompasses an analysis of 152 leading mHealth apps on the Android platform, leveraging the proposed framework to provide a multifaceted view of their data processing activities. Despite stringent regulations like the General Data Protection Regulation in the European Union and the Health Insurance Portability and Accountability Act in the United States, our findings indicate persistent issues with negligence and misuse of sensitive user information. We uncover significant instances of health information leakage to third-party trackers and a widespread neglect of privacy-by-design and transparency principles. Our research underscores the critical need for stricter enforcement of data protection laws and sets a foundation for future efforts aimed at enhancing user privacy within the mHealth ecosystem.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (33)
  1. Consumer attitudes and perceptions on mhealth privacy and security: Findings from a mixed-methods study. Journal of Health Communication, 20(6):673–679, 2015. PMID: 25868685.
  2. Privacy in mobile technology for personal healthcare. ACM Comput. Surv., 45(1), dec 2012.
  3. Steven Black. hosts. https://github.com/StevenBlack/hosts, 2023. GitHub repository.
  4. Privacy policies of android diabetes apps and sharing of health information. Jama, 315(10):1051–1052, 2016.
  5. Federal Trade Commission. Ftc finalizes order with flo health, 2021. Accessed: 2024-03-01.
  6. Heimdall: Illuminating the hidden depths of third-party tracking in android applications. In 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pages 676–682. IEEE, 2020.
  7. Exploring the far side of mobile health: information security and privacy of mobile health apps on ios and android. JMIR mHealth and uHealth, 3(1):e3672, 2015.
  8. Exodus. Exodus privacy, 2023. Accessed: 2024-03-30.
  9. Lesley Fair. Ftc says premom shared users’ highly sensitive reproductive health data: Can it get more personal than that?, 2023. Accessed: 2024-03-15.
  10. Federal trade commission act. 15 U.S.C. §§ 41-58, 1914. Available at: https://www.ftc.gov/enforcement/statutes/federal-trade-commission-act.
  11. Regulation (eu) 2016/679 of the european parliament and of the council of 27 april 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95/46/ec (general data protection regulation). Official Journal of the European Union, 2016. Available at: https://eur-lex.europa.eu/eli/reg/2016/679/oj.
  12. Data sharing practices of medicines related apps and the mobile ecosystem: traffic, content, and network analysis. The BMJ, 364, 2019.
  13. Health insurance portability and accountability act of 1996. Pub.L. 104–191, 110 Stat. 1936, 1996. Available at: https://www.govinfo.gov/content/pkg/PLAW-104publ191/pdf/PLAW-104publ191.pdf.
  14. Unaddressed privacy risks in accredited health and wellness apps: a cross-sectional systematic assessment. BMC medicine, 13:1–13, 2015.
  15. Global Market Insights. mhealth market - by platform (mobile apps, wearable devices), by application (communication and training, education and awareness, diagnostics and treatment, remote data collection, remote monitoring), by end-use & forecast, 2023-2032, 2022. Accessed: 2024-03-15.
  16. On the privacy, security and safety of blood pressure and diabetes apps. In Hannes Federrath and Dieter Gollmann, editors, ICT Systems Security and Privacy Protection, pages 571–584, Cham, 2015. Springer International Publishing.
  17. Period-tracking apps are monetizing women’s extremely personal data. Bloomberg.com, January 2019.
  18. Exploring privacy practices of female mhealth apps in a post-roe world. In ACM Conference on Human Factors in Computing Systems (CHI). ACM, 2024.
  19. Reviewing the data security and privacy policies of mobile apps for depression. Internet interventions, 15:110–115, 2019.
  20. The smartphone in medicine: a review of current and potential use among physicians and students. Journal of medical Internet research, 14(5):e1994, 2012.
  21. Security and privacy analysis of mobile health applications: The alarming state of practice. IEEE Access, 6:9390–9403, 2018.
  22. A taxonomy of mhealth apps – security and privacy concerns. In 2015 48th Hawaii International Conference on System Sciences, pages 3187–3196, 2015.
  23. Demo: Recon: Revealing and controlling pii leaks in mobile network traffic. In Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services Companion, MobiSys ’16 Companion, page 117, New York, NY, USA, 2016. Association for Computing Machinery.
  24. Comparing privacy label disclosures of apps published in both the app store and google play stores. In 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 150–157, 2023.
  25. Roe v. wade. 410 U.S. 113, 1973. U.S. Supreme Court.
  26. Data security and privacy in apps for dementia: an analysis of existing privacy policies. The American Journal of Geriatric Psychiatry, 25(8):873–877, 2017.
  27. Allysan Scatterday. This is no ovary-action: Femtech apps need stronger regulations to protect data and advance public health goals. NCJL & Tech., 23:636, 2021.
  28. Data privacy concerns using mhealth apps and smart speakers: Comparative interview study among mature adults. JMIR Form Res, 6(6):e28025, Jun 2022.
  29. Security challenges in a mobile healthcare environment. In Proceedings of the IWWST, volume 5. Citeseer, 2005.
  30. Availability and quality of mobile health app privacy policies. Journal of the American Medical Informatics Association : JAMIA, 22 e1:e28–33, 2015.
  31. Mobile health and privacy: Cross sectional study. BMJ, 373:n1248, 06 2021.
  32. Rina Torchinsky. How period tracking apps and data privacy fit into a post-Roe v. Wade climate. NPR, June 2022.
  33. Mary Ziegler. The end of roe v. wade. The American Journal of Bioethics, 22(8):16–21, August 2022.
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (3)
  1. Thomas Cory (4 papers)
  2. Wolf Rieder (3 papers)
  3. Thu-My Huynh (1 paper)

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets