Don't expect any assurances of privacy if you use a mobile healthcare app to view patient records or your own information, according to a study published online on 20 March in BMJ.
Healthcare professionals "should be conscious of privacy risks in their own use of apps and, when recommending apps, explain the potential for loss of privacy as part of informed consent," wrote the authors led by Quinn Grundy, PhD, an assistant professor at the University of Toronto. The researchers also advocated that privacy regulators weigh the loss of privacy against benefits from the use of digital healthcare services.
Grundy and colleagues reviewed the 24 top-rated medicine-related apps for the Android mobile platform in the U.K., the U.S., Canada, and Australia. All of the apps are available to the public and provide information on dispensing, administering, prescribing, and using medicines.
Among the 24 apps analyzed, 19 (79%) shared user data outside of the app, the researchers found. Fifty-five unique entities, owned by 46 parent companies, received or processed app user data.
Of those 55 entities, 18 (33%) provided infrastructure-related services, such as cloud services, and 37 (67%) provided services related to the collection and analysis of user data; this included analytics or advertising, which would suggest a heightened risk to users' privacy.
Regulators should mandate that healthcare app developers disclose all data-sharing practices and allow users to choose what data they want shared and with whom, Grundy and colleagues recommended.