Better privacy and security is needed for the true benefits of smartphone-based health technology to be realized, especially in light of increasing consumer interest and tool advancements.
Solving such challenges will require a collaborative effort, lead author of the study, David Kotz, the Champion International Professor in the Department of Computer Science at Dartmouth College, told FierceMobileHealthcare in an email.
“The application developer should consider privacy from the ground up, designing the application (device, app, cloud, etc) with privacy in mind but any party using the data collected by such applications must protect the privacy of the patients/subjects/individuals whose data they have collected and are using,” Kotz said. He added that providers need to adhere to regulatory rules such as HIPAA and HITECH.
“For researchers, the responsibility is typically covered by their IRB in the research protocols; but for others, I believe it is their ethical responsibility to handle the data in ways that respect the privacy of those people whose data has been collected,” he said. Kotz said he devised a 10-point privacy framework for mHealth.
Security and user privacy have long been cited as prime obstacles to mHealth adoption. Last month the Health and Human Services Department's Office for Civil Rights issued an email alert regarding how third-party software applications can put healthcare organizations at risk for security vulnerabilities.
Kotz said vulnerabilities don’t fall in just one bucket; though he added that the weakest link is the practice of bolting security on at the end of app development. Users must play a role as well, he said.