These digital health tools might invisibly swipe your private info.

These digital health tools might invisibly swipe your private info.

Fitness Apps Routinely Access and Share User Data

In the era of smartphones, health-tracking apps are becoming increasingly popular. From symptom checking to diet management, numerous apps are taking over our phones, as reported by Medportal. However, these apps, due to their handling of sensitive data, raise concerns about privacy.

It's a known issue that these apps store and often share personal information with little consideration for data protection standards. Scientists from Macquarie University studied 15,000 health-related apps and discovered that a staggering 88% had access to users' personal data, potentially ready to share it. A startling finding, indeed.

Moreover, two-thirds of the apps use cookies or other identification methods, while a third obtain the email address, and a quarter collect the mobile phone number, which could facilitate geolocation tracking.

While only 4% of apps actually transfer users' data (mostly including name and location), it is still a significant figure, according to the scientists.

Muhammad Iqram, co-author of the study, explains, "Much of this information is collected and used for tracking and profiling without the user's explicit or implicit consent. Essentially, it's a form of data mining."

The majority of data collection (87.5%) is facilitated by third-party service providers, with 23% of the data transfers taking place through insecure communication channels. Notably, major corporations like Google, Yahoo!, and Facebook were found to be among the chief recipients of users' personal data.

The lack of data security agreements in 28% of the apps contradicts Google's privacy policy, though concerns seem to be relatively scarce, with only 1.3% of users expressing worries.

To safeguard their data, users can carefully review app settings and only grant necessary permissions. Stricter control over app operations is advocated by the scientists.

It's worth noting that users are generally more comfortable sharing their health data with healthcare providers (52.82%) than public and private research institutions (25.48%), indicating selective data sharing preferences among users [3]. Healthcare data breaches, affecting hundreds of millions of individuals, serve as evidence of the risks associated with digital health platforms [4].

Major corporations involved in the receiving of shared data include large healthcare organizations, insurance companies, and technology firms involved in electronic health record (EHR) platforms and app ecosystems. The U.S. market for EHR apps, which facilitate data exchange, is substantial and rapidly growing [5]. These apps must adhere to federal mandates like the 21st Century Cures Act and ONC regulations, which promote interoperability and data sharing through application programming interfaces (APIs) [5].

Historically, significant data recipients have been prominent tech firms like Google, Apple, Amazon, and Microsoft, alongside large healthcare insurers and providers, like Anthem, Kaiser Permanente, and Change Healthcare, all of which have experienced major data breaches [4]. These trends emphasize the need for increased transparency, consent management, and security measures to protect users' sensitive health information [1][4].

1. In the health-and-wellness sector, privacy concerns are often raised due to fitness apps' habitual access and sharing of user data.
2. A study by scientists from Macquarie University found that a whopping 88% of health-related apps have access to personal user data.
3. One alarming discovery was that two-thirds of these apps employ cookies or other identification methods, while a third collect email addresses and a quarter gather mobile phone numbers.
4. Although only 4% of apps transfer users' data, this is still a significant figure, raising questions about data security.
5. Muhammad Iqram, a co-author of the study, explained that much of this data is collected and used for tracking and profiling without proper consent, amounting to data mining.
6. To protect their personal data, users are advised to review app settings cautiously and only grant necessary permissions, while stronger control over app operations is recommended by the scientists.

Read also: