App developers don't use encryption while sending health data to their online servers, exposing users to MitM attacks

Sep 25, 2015 20:48 GMT  ·  By

Research carried out by UK and French scientists found that many of the mobile health apps approved by the UK NHS (National Health Service) are insecure and do not comply with the country's data protection laws.

Keeping up with the times, healthcare systems, at least in developed countries, are providing patients with tools to monitor their health and well-being using their smartphones.

In the UK, the NHS is aiding its citizens by running a project called Health Apps Library, a database of officially-approved health monitoring applications.

For a mobile app to be listed in this database, it has to be submitted and go through a review process in which its developers have to disclose any type of information they are logging, transmitting and storing via their app.

Despite this basic measure for protecting users against shady app developers, recent research shows that most apps, even if they do declare what health data they log from users, don't handle it in a secure way.

Health monitoring apps don't encrypt data before sending it to online servers

Studying 79 random apps from the UK NHS Health Apps Library, the researchers found that 70 of them transmitted patient data to online servers.

While this was nothing new, since some phones cannot afford to store too much data in their limited storage, 23 of those apps were sending this data over an unencrypted communications channel.

Worse, 4 of those apps included health-related data, in addition to patient information, in their unprotected transmissions.

Furthermore, 26 of the apps did not have a privacy policy, and in the case of 38 of those 70 apps, even if they did have one, it did not specifically mention whether the app would be transmitting patient data to online servers.

The full research, conducted by researchers from Imperial College London, UK, and Ecole Polytechnique CNRS, France, is available online.

How data from health apps could get intercepted