How Secure Is Your Mobile Health?

Abstract

Research suggests that the interactions between a patient and a health professional through an mHealth app (a mobile health application), can improve the efficiency and quality of healthcare. However, the risk of disclosure of personal or health related data can be higher when using such devices, as there is a lack of specific security standards or guidelines for their deployment. Also, there are commonly no controls to comprehensively verify and minimize security and privacy vulnerabilities that may exist in those apps before they are released in the “wild”. To make matters worse, the medical record has a significantly higher financial value (on the black market) compared with other personal records (e.g., credit card or bank account details), which obviously increases the motivation for unauthorised accesses and misuse. In order to mitigate these problems, socio-technical security as well as privacy and legal aspects need to be taken into account when developing mHealth apps. In this work, essential recommendations regarding the previously itemized are provided as a means to guide both developers and users alike, into more secure, private and usable mHealth apps.