Mobile healthcare, telemedicine, telehealth, BYOD

Apps & Software News

mHealth Apps for Dementia Patients Aren’t Protecting Health Data

A new study by three Massachusetts health providers finds that mHealth apps for patients with dementia and their caregivers are more likely to be skipping privacy safeguards that having protocols in place.

Source: ThinkStock

By Eric Wicklund

- Despite the continued drumbeat for better safety and security, a majority of mHealth apps designed for patients with dementia and their caregivers aren’t protecting health information.

That’s the take-away from a recent study of 125 apps by researchers from three Massachusetts health systems, which found that more than half of the apps collecting user-generated data had no privacy policy.

"[N]o one using an app for a mental health-related reason should assume that privacy and security measures are in place,” Ipsit Vahia, MD, medical director of Geriatric Psychiatry Outpatient Services at McLean Hospital in Belmont, Mass., and lead author of the study, said in a recent press release issued by the hospital.

Vahia, who conducted the study with Lisa C. Rosenfeld, MD, a resident in the MGH/McLean Adult Psychiatry Residency Training Program, and John B. Torous, MD, of Beth Israel Deaconess Medical Center, said the research "represents a note of caution to researchers (and) clinicians, as well as patients and their families" using mHealth apps.

It also "also points to a role for professional organizations and advocacy groups in helping educate mobile health consumers on how to best make decisions about using this technology," he added.

Of the 125 apps tested, the study reported, only 33 of the 72 apps that collected personal information had privacy policies that could be accessed by the user. Many more, it said, had “a preponderance of missing information.”

“[T]he majority acknowledged collecting individual data for internal purposes, and most named instances in which user data would be shared with outside parties,” the study, published in the August issue of The American Journal of Geriatric Psychiatry, added.

It’s the latest indication that the mHealth industry is still trying to come to grips with app security, particularly in apps that are marketed directly to consumers. And it underscores federal and academic programs to develop mHealth app standards and efforts by groups like HIMSS and the American Medical Association to create protocols to vet and certify mobile health apps.

About a year ago, a survey conducted by the Future of Privacy Forum found that while 76 percent of the mHealth apps studied had a privacy policy – an 8 percent increase since 2012 – only 61 percent of the apps in the health and fitness field had such protections.

“Given that some health and fitness apps can access sensitive, physiological data collected by sensors on a mobile phone, wearable or other device, their below-average performance is both unexpected and troubling,” that report stated.

“While most apps do provide consumers with the most basic notices about how their personal data will be collected, used and shared, it’s also clear that a significant number do not,” the FPF report concluded. “Although a privacy policy is only a starting point for protecting individuals’ privacy, it is an important baseline standard all around the world. Now more than ever, it is important for consumers to take a moment to look for – and look through – an app’s privacy policy before downloading it to their devices.”

Vahia, whose team selected iPhone apps for their study by using the searches “health & fitness + dementia” and “medical + dementia,” said his study should serve as a wake-up call for both patients and their caregivers who may be diving into mHealth without fully researching the consequences

"n order for technology to realize its full potential in mental health, users need to feel confident about the security and privacy of the information that is collected," he said. Likewise, "clinicians should educate themselves and their patients about issues related to the data collected" before recommending an app.

Not doing so, he said, "could be akin to prescribing a medication without being aware of or disclosing risks and side effects."


Join 20,000 of your peers

Sign up for our free newsletter to keep reading our articles:

Get free access to webcasts, white papers and exclusive interviews.

  • mHealth Apps
  • Telehealth and Telemedecine
  • BYOD
  • Expert advice from peers
  • And More

Our privacy policy

no, thanks