Tuesday, 13 October 2015

Health Application Security Lacking, Study Finds

As more healthcare organizations implement mobile devices, health application security is essential. However, if a recent research study is any indication, mobile applications have room for improvement when it comes to privacy and security features.

Sixty-six percent of apps sending identifying information over the Internet did not use encryption, according to the recent study published in BMC Medicine, while 20 percent did not have a privacy policy.

“Privacy badging of websites has been found to lead to modest benefits in the extent to which information uses and security arrangements are openly disclosed,” the report’s authors explained. “However, the privacy assurances offered by app programs are largely untested. In late 2013, one service had to suspend its approval program after some apps were found to be transmitting personal information without encryption.”

For the study, researchers reviewed 79 different mHealth apps, available on Android and iOS platforms. The apps covered numerous health and wellness areas, including smoking cessation features, weight loss assistance, and self-care for long-term medical conditions. Researchers then analyzed the apps over a six-month period during. During that time, patient data was fabricated and inputted. From there, the data was tracked to check for security features and results were compared to associated privacy policies.

While no app collected or transmitted information that a policy explicitly stated it would not, 78 percent of information-transmitting apps with a policy did not describe the nature of personal information included in transmissions, according to the study. For the full article click here 



from health IT caucus http://ift.tt/1Ovh8J9
via IFTTT

No comments:

Post a Comment