About Careers MedBlog Contact us

Are Your “Go To” Health Apps Sharing Your Data With Someone?

by Rishika Gupta on March 21, 2019 at 8:47 PM
Font : A-A+

 Are Your “Go To” Health Apps Sharing Your Data With Someone?

Sharing data with third parties has become a routine when it comes to using your favorite health apps, but are you sure who they share it with. The results of this study have been found to be concerning as most (19 out of 24; 79%) of the sampled apps shared user data outside of the app.

Developers should allow users to choose precisely what data are shared and with whom, say researchers.


Sharing of user data by popular mobile health applications (apps) is routine, yet far from transparent, warn experts in a study published in The BMJ today.

They say regulators should emphasize the accountabilities of those who control and process user data, and health app developers should disclose all data sharing practices and allow users to choose precisely what data are shared and with whom.

App developers routinely, and legally, share user data. But evidence suggests that many health apps fail to provide privacy assurances around data sharing practices and pose an unprecedented risk to consumers' privacy, given their ability to collect sensitive and personal health information.

So researchers led by Assistant Professor Quinn Grundy at the University of Toronto set out to investigate whether and how user data are shared by popular medicines related mobile apps and to characterize privacy risks to app users, both clinicians and consumers.

They identified 24 top rated medicines related apps for the Android mobile platform in the United Kingdom, the United States, Canada, and Australia.

All apps were available to the public, provided information about medicines dispensing, administration, prescribing, or use, and were interactive.

First, they downloaded each app onto a smartphone and used four dummy user profiles to simulate real-world use.

They ran each app 14 times and found baseline traffic relating to 28 different types of user data. They then altered one source of user information and ran the app again to detect any privacy leaks (sensitive information sent to a remote server, outside of the app). Companies receiving sensitive user data were then identified by their IP address, and their websites and privacy policies were analyzed.

Most (19 out of 24; 79%) of the sampled apps shared user data outside of the app.

A total of 55 unique entities, owned by 46 parent companies, received or processed app user data, including developers and parent companies (first parties) and service providers (third parties).

Of these, 18 (33%) provided infrastructure-related services such as cloud services and 37 (67%) provided services related to the collection and analysis of user data, including analytics or advertising, suggesting heightened privacy risks.

Network analysis revealed that first and third parties received an average of three unique transmissions of user data. Both Amazon.com and Alphabet (the parent company of Google) received the highest volume of user data (24 unique transmissions), followed by Microsoft (14).

Third parties also advertised the ability to share user data with 216 "fourth parties" including multinational technology companies, digital advertising companies, telecommunications corporations, and a consumer credit reporting agency.

Only three of these fourth parties could be characterized predominantly as belonging to the health sector.

Several companies, including Alphabet, Facebook, and Oracle, occupied central positions within the network with the ability to aggregate and re-identify user data.

The researchers point to some limitations that may have influenced the results. For example, it is unknown whether iOS apps share user data and whether these apps share user data more or less than other health apps, or apps in general.

Nevertheless, they say their findings suggest that health professionals "should be conscious of privacy risks in their own use of apps and, when recommending apps, explain the potential for loss of privacy as part of informed consent."

Privacy regulators should also consider that loss of privacy is not a fair cost for the use of digital health services; they conclude.

Source: Eurekalert


Recommended Reading

Latest Medical Gadgets

Tiny Video Capsule: A New Hope for Endoscopy
The magnetically controlled capsule endoscopy shows promising results in treating issues related to stomach.
Affordable Smartphone Attachment Enables Convenient Blood Pressure Monitoring
Scientists have developed an affordable, user-friendly clip that utilizes a smartphone's camera and flash to measure blood pressure at the user's fingertip.
 Developing Wireless Patch System to Detect Sleep Apnea at Home
Recent progress in the development of wearable devices has presented alternative ways for sleep monitoring at home, which could be useful in sleep apnea detection.
Non-Invasive Brain Imaging: A Tool to Help Paralysis Patients
Researchers develop non-invasive brain imaging techniques to help people with disabilities.
 Apple Watch New Feature Helps US Women to Get Medical Help
Heart rate notifications and the ECG app on Apple Watch give patients and their clinicians' important information about their heart health.
View All
This site uses cookies to deliver our services.By using our site, you acknowledge that you have read and understand our Cookie Policy, Privacy Policy, and our Terms of Use  Ok, Got it. Close

Are Your “Go To” Health Apps Sharing Your Data With Someone? Personalised Printable Document (PDF)

Please complete this form and we'll send you a personalised information that is requested

You may use this for your own reference or forward it to your friends.

Please use the information prudently. If you are not a medical doctor please remember to consult your healthcare provider as this information is not a substitute for professional advice.

Name *

Email Address *

Country *

Areas of Interests