Are Health Apps Susceptible to Medical Data Breach?

MEDICAL DATA BREACH

The proliferation of smartphone usage and the adoption of internet based medical care   has helped provide Kenyan citizens with access to basic health care information and consultancy services though medical health apps. Now more than ever, a majority of Kenyans use these apps to address their various health issues.  Unfortunately using medical apps comes with a price, the risk of medical data breach.

Kenya, being one of the  most technologically advanced country in East Africa, has experienced a rapid accretion of mobile medical  apps .The apps  aim at  helping people manage their own health, gain access to useful medical information and promote overall healthy living. Medical Apps like MYDAWA, M-TIBA, M-DAKTARI, MATIBABU, and MEDAFFRICA among others have been influencing the healthcare industry across the country embracing new online solutions and transforming traditional models of healthcare. More medical apps are expected to achieve considerable growth in the not-too-distant future.

These medical health apps serve as efficient platforms of connecting patients, doctors, payers and governments. They also serve as virtual notebooks with which users can keep track of their medical progress. The consistent data tracking make it easier for users to set health oriented goals. It also helps them track their medical data as they try to deal with their various health issues.  The medical data gathered over time makes it possible for physicians and other healthcare professionals to coordinate health care issues past physical boundaries.

Unfortunately though, these new advancements in online based medical care have presented vulnerabilities to the sensitive electronic health records with the capability of crippling healthcare services. Due to internet connectivity, these health apps are highly at risk of medical data breach.

Many  medical app users’ have their health records, ID information, Mobile number, GPS  address and sometimes even  financial information available on their various medical apps. The Apps gather a wide range of personal data and use the processed information to assist the users with their various health issues. However, it would seem that as the propensity and portability of medical data on a mobile App continues to grow, so does the potential risk of medical data breach.

According to an article on science daily, 80% of the most used apps on Android smartphones do not comply with the standards intended to prevent the dissemination of their user’s data. Research studies have also found that most of the health apps in the market   have a slack privacy policy on patient data and share information with 3rd parties. These are the most likely medical apps to fall prey to cyber-attacks where the perpetrators get unrestricted access to privileged electronic health records.

The private health information acquired from  medical data breaches is now considered more valuable on the black-market than any other form of personal identifiable information. It is considered as the ‘Holy grail’ of data theft by hackers .This is because many healthcare databases serve as repositories for customer information more than any other industry or organization.  This information is very valuable for black-market merchants.

Health Apps can be especially vulnerable to a medical data breach when they use   HTTP connections in the transmission of patient information. HTTP connections provide a pathway for hackers to steal patient information to either anonymously buy medical equipment or sell the data on the black-market. Some of the medical information like X-Rays could also be sold to foreign individuals  unable to pass health exams to get passports and Visas.

As much as you may not have control over medical apps data privacy policies, there are some measures you can still take to protect your health apps from a medical data breach.

  • The first step you should take to protect your medical data from potential breaches by hackers is making sure you download medical apps from known and trusted sources. Consider checking out the ratings and reviews of a health app on the app store to find out whether it has a history of mismanaging user information or has a viable privacy policy. If lacks one, or the policy is skeptical, you shouldn’t download such a medical app.
  • You can also take control over the security and privacy of your health apps and minimize the impact of medical data breaches, is to opt out of the location tracking features or creating privacy zones whenever possible. Some medical apps feature an option to prevent location tracking or recording over a specific radius or a zone. While it may not prevent a medical data breach, it could limit the information available to the hackers.

Comments

comments