How health execs are dealing with apps leaking sensitive information

Dangers continue to mount for clinicians who download commercial apps for work. A new report by security site Dark Reading warned that growing number of apps share user information with a variety of sources, often unbeknownst to the user.

We reported on this emerging phenomenon last year, but the leaks appear to be getting bigger, rather than smaller with time, according to the Dark Reading report.

Apps rarely attempt to access or share private health information, the report acknowledged. Often, the app is sharing the user's age, sex, job title and location with the vendor's business partners to allow the user access to libraries, storage sites, etc. But when physicians are using apps for professional purposes, that kind of identifying information can be problematic.

"Apps are asking for so much access to so many phone features that they're impinging the privacy of users--and potentially putting enterprise data at risk," report author Ericka Chickowski said.

However, apps do occasionally ask for access to more troubling phone features, like cameras, microphones, etc., according to Chris Eng, vice president of research for IT vendor Veracode.

The reason for all this information sharing is the way app-makers earn money on their creations. "Usually they're low-cost, or they're free and ad-supported. What that means is they're going to need to market efficiently to the people who are using these ad-supported apps, so one aspect is getting the individual's profile, finding out things like sex, age, where they live, and so on. All those things are hugely important for targeting advertising," Veracode CTO Chris Wysopal tells Dark Reading.

The issue of info-leaking is a potentially major problem for hospitals with a bring-your-own-device policy, John Halamka, CIO of Beth Israel Deaconness Medical Center in Boston told FierceMobileHealthcare. He recalled a recent conversation with a physician who, while stuck in a broken elevator for an hour, spent his time playing Angry Birds on his iPad. The problem: Before he started the game, he had been managing patient data and records on that same device, according to Halamka. Whether the game might have made the patient data vulnerable isn't clear, he said, but as a CIO, it certainly made him cringe.

One solution is to require clinicians to stay away from commercial apps, said Todd Richardson, CIO of Deaconess Hospital in Evansville, Ind.

"We haven't placed into use any mobile smartphone apps that would capture sensitive information, and risk it being shared or otherwise exploited," Richardson said. "If and when we do, they aren't likely to be applications ... from the Android Market or iTunes App store. Given the obvious sensitive nature of any of this data, they would be custom apps that we would have control of, and probably wouldn't be looking to make money on them by selling advertising on the splash screen."

Another option: Halamka recommended a mobile management software like MobileIron or FixMo's SafeZone, to help sandbox sensitive information, and possibly even track when and where user data is being siphoned off by apps or other software.

Whether it's done by individual hospitals or larger industry groups, more curation is needed to determine how each health app works, what permissions/access it requires of users. Ottawa Hospital CIO Dale Potter said he thinks that Apple has a good approach, so far. "Risk will always be present," he said. "But someone has scrutinized each application so that inappropriate requests or system resource uses would be challenged or disallowed."

To learn more:
- read the Dark Reading piece
- check out John Halamka's discussion of sandboxing