Health News for Senior Citizens
Health News for Seniors
Smartphone diabetes apps regularly share your personal info
Study in JAMA finds few have privacy policies
March 9, 2016 - In the transmission analysis that included 65 smartphone apps, sensitive health information from diabetes apps (e.g., insulin and blood glucose levels) was routinely collected and shared with third parties, according to a new study.
The researchers found 86 percent of apps placing tracking cookies and 76 percent without privacy policies. Of the 19 apps with privacy policies that shared data with third parties, 11 apps disclosed this fact, whereas 8 apps did not.
In a study publisdhed in the March 8 issue of JAMA, Sarah R. Blenner, J.D., M.P.H., of the Illinois Institute of Technology Chicago-Kent College of Law, Chicago, and colleagues examined the privacy policies of Android diabetes apps and the sharing of health information.
One-fifth of smartphone owners had health apps in 2012. Health apps can transmit sensitive medical data, including disease status and medication compliance.
The researchers found that privacy risks and the relationship between privacy disclosures and practices of health apps had not been well studied before.
For their study, the researchers identified all Android diabetes apps by searching Google Play using the term diabetes, and collected and analyzed privacy policies and permissions.
The authors installed a random subset of apps to determine whether data were transmitted to third parties, defined as any website not directly under the developer’s control, such as data aggregators or advertising networks.
Most of the 211 diabetes apps (81 percent) in the study did not have privacy policies. Only 4 policies said they would ask users for permission to share data.
“This study demonstrated that diabetes apps shared information with third parties, posing privacy risks because there are no federal legal protections against the sale or disclosure of data from medical apps to third parties,” the authors write.
“The sharing of sensitive health information by apps is generally not prohibited by the Health Insurance Portability and Accountability Act.