Some clinically-accredited health apps may be failing to meet data protection regulations, new research suggests
Some clinically-accredited health apps may be failing to meet data protection regulations, new research suggests.
The international researchers, led by Imperial College London, reviewed 79 apps that were listed on the UK NHS Health Apps Library (a curated list of apps for patient and public use) for six months. The apps covered health areas such as weight loss, alcohol harm reduction, smoking cessation and long-term condition self-care.
Responding to the results Kit Huckvale, study author, said: “Our study suggests that the privacy of users of accredited apps may have been unnecessarily put at risk, and challenges claims of trustworthiness offered by the current national accreditation scheme being run through the NHS.”
At the moment, to be listed in the Health Apps Library, developers are required to declare any data transmissions and register with the UK’s Information Commissioner’s Office – the body that enforces the Data Protection Act.
Huckvale added: “It is known that apps available through general marketplaces had poor and variable privacy practices, for example, failing to disclose personal data collected and sent to a third party. However, it was assumed that accredited apps – those that had been badged as trustworthy by organisational programs such as the UK’s NHS Health Apps Library – would be free of such issues.”