scholarly journals Assessment of the Fairness of Privacy Policies of Mobile Health Apps: Scale Development and Evaluation in Cancer Apps

10.2196/17134 ◽  
2020 ◽  
Vol 8 (7) ◽  
pp. e17134
Author(s):  
Jaime Benjumea ◽  
Jorge Ropero ◽  
Octavio Rivera-Romero ◽  
Enrique Dorronzoro-Zubiete ◽  
Alejandro Carrasco
Keyword(s):  
Mobile Health ◽  
Mobile Apps ◽  
Privacy Policies ◽  
Sensitive Data ◽  
General Data Protection Regulation ◽  
Android Apps ◽  
Mobile Health Apps ◽  
General Data ◽  
Adjusted Scores ◽  
Mhealth Apps

Background Cancer patients are increasingly using mobile health (mHealth) apps to take control of their health. Many studies have explored their efficiency, content, usability, and adherence; however, these apps have created a new set of privacy challenges, as they store personal and sensitive data. Objective The purpose of this study was to refine and evaluate a scale based on the General Data Protection Regulation and assess the fairness of privacy policies of mHealth apps. Methods Based on the experience gained from our previous work, we redefined some of the items and scores of our privacy scale. Using the new version of our scale, we conducted a case study in which we analyzed the privacy policies of cancer Android apps. A systematic search of cancer mobile apps was performed in the Spanish version of the Google Play website. Results The redefinition of certain items reduced discrepancies between reviewers. Thus, use of the scale was made easier, not only for the reviewers but also for any other potential users of our scale. Assessment of the privacy policies revealed that 29% (9/31) of the apps included in the study did not have a privacy policy, 32% (10/31) had a score over 50 out of a maximum of 100 points, and 39% (12/31) scored fewer than 50 points. Conclusions In this paper, we present a scale for the assessment of mHealth apps that is an improved version of our previous scale with adjusted scores. The results showed a lack of fairness in the mHealth app privacy policies that we examined, and the scale provides developers with a tool to evaluate their privacy policies.

scholarly journals Assessment of the Fairness of Privacy Policies of Mobile Health Apps: Scale Development and Evaluation in Cancer Apps (Preprint)

2019 ◽  
Author(s):  
Jaime Benjumea ◽  
Jorge Ropero ◽  
Octavio Rivera-Romero ◽  
Enrique Dorronzoro-Zubiete ◽  
Alejandro Carrasco
Keyword(s):  
Mobile Health ◽  
Mobile Apps ◽  
Privacy Policies ◽  
Sensitive Data ◽  
General Data Protection Regulation ◽  
Android Apps ◽  
Mobile Health Apps ◽  
General Data ◽  
Adjusted Scores ◽  
Mhealth Apps

BACKGROUND Cancer patients are increasingly using mobile health (mHealth) apps to take control of their health. Many studies have explored their efficiency, content, usability, and adherence; however, these apps have created a new set of privacy challenges, as they store personal and sensitive data. OBJECTIVE The purpose of this study was to refine and evaluate a scale based on the General Data Protection Regulation and assess the fairness of privacy policies of mHealth apps. METHODS Based on the experience gained from our previous work, we redefined some of the items and scores of our privacy scale. Using the new version of our scale, we conducted a case study in which we analyzed the privacy policies of cancer Android apps. A systematic search of cancer mobile apps was performed in the Spanish version of the Google Play website. RESULTS The redefinition of certain items reduced discrepancies between reviewers. Thus, use of the scale was made easier, not only for the reviewers but also for any other potential users of our scale. Assessment of the privacy policies revealed that 29% (9/31) of the apps included in the study did not have a privacy policy, 32% (10/31) had a score over 50 out of a maximum of 100 points, and 39% (12/31) scored fewer than 50 points. CONCLUSIONS In this paper, we present a scale for the assessment of mHealth apps that is an improved version of our previous scale with adjusted scores. The results showed a lack of fairness in the mHealth app privacy policies that we examined, and the scale provides developers with a tool to evaluate their privacy policies.

scholarly journals Privacy Assessment in Mobile Health Apps: Scoping Review (Preprint)

2020 ◽  
Author(s):  
Jaime Benjumea ◽  
Jorge Ropero ◽  
Octavio Rivera-Romero ◽  
Enrique Dorronzoro-Zubiete ◽  
Alejandro Carrasco
Keyword(s):  
Mobile Health ◽  
Scoping Review ◽  
Evaluation Criteria ◽  
Large Set ◽  
Scoring Method ◽  
Sensitive Data ◽  
Privacy And Security ◽  
Mobile Health Apps ◽  
Legal Frameworks ◽  
Mhealth Apps

BACKGROUND Privacy has always been a concern, especially in the health domain. The proliferation of mobile health (mHealth) apps has led to a large amount of sensitive data being generated. Some authors have performed privacy assessments of mHealth apps. They have evaluated diverse privacy components; however, different authors have used different criteria for their assessments. OBJECTIVE This scoping review aims to understand how privacy is assessed for mHealth apps, focusing on the components, scales, criteria, and scoring methods used. A simple taxonomy to categorize the privacy assessments of mHealth apps based on component evaluation is also proposed. METHODS We followed the methodology defined by Arksey and O’Malley to conduct a scoping review. Included studies were categorized based on the privacy component, which was assessed using the proposed taxonomy. RESULTS The database searches retrieved a total of 710 citations—24 of them met the defined selection criteria, and data were extracted from them. Even though the inclusion criteria considered articles published since 2009, all the studies that were ultimately included were published from 2014 onward. Although 12 papers out of 24 (50%) analyzed only privacy, 8 (33%) analyzed both privacy and security. Moreover, 4 papers (17%) analyzed full apps, with privacy being just part of the assessment. The evaluation criteria used by authors were heterogeneous and were based on their experience, the literature, and/or existing legal frameworks. Regarding the set of items used for the assessments, each article defined a different one. Items included app permissions, analysis of the destination, analysis of the content of communications, study of the privacy policy, use of remote storage, and existence of a password to access the app, among many others. Most of the included studies provided a scoring method that enables the comparison of privacy among apps. CONCLUSIONS The privacy assessment of mHealth apps is a complex task, as the criteria used by different authors for their evaluations are very heterogeneous. Although some studies about privacy assessment have been conducted, a very large set of items to evaluate privacy has been used up until now. In-app information and privacy policies are primarily utilized by the scientific community to extract privacy information from mHealth apps. The creation of a scale based on more objective criteria is a desirable step forward for privacy assessment in the future.

scholarly journals Privacy Assessment in Mobile Health Apps: Scoping Review

10.2196/18868 ◽  
2020 ◽  
Vol 8 (7) ◽  
pp. e18868 ◽  
Author(s):  
Jaime Benjumea ◽  
Jorge Ropero ◽  
Octavio Rivera-Romero ◽  
Enrique Dorronzoro-Zubiete ◽  
Alejandro Carrasco
Keyword(s):  
Mobile Health ◽  
Scoping Review ◽  
Evaluation Criteria ◽  
Large Set ◽  
Scoring Method ◽  
Sensitive Data ◽  
Privacy And Security ◽  
Mobile Health Apps ◽  
Legal Frameworks ◽  
Mhealth Apps

Background Privacy has always been a concern, especially in the health domain. The proliferation of mobile health (mHealth) apps has led to a large amount of sensitive data being generated. Some authors have performed privacy assessments of mHealth apps. They have evaluated diverse privacy components; however, different authors have used different criteria for their assessments. Objective This scoping review aims to understand how privacy is assessed for mHealth apps, focusing on the components, scales, criteria, and scoring methods used. A simple taxonomy to categorize the privacy assessments of mHealth apps based on component evaluation is also proposed. Methods We followed the methodology defined by Arksey and O’Malley to conduct a scoping review. Included studies were categorized based on the privacy component, which was assessed using the proposed taxonomy. Results The database searches retrieved a total of 710 citations—24 of them met the defined selection criteria, and data were extracted from them. Even though the inclusion criteria considered articles published since 2009, all the studies that were ultimately included were published from 2014 onward. Although 12 papers out of 24 (50%) analyzed only privacy, 8 (33%) analyzed both privacy and security. Moreover, 4 papers (17%) analyzed full apps, with privacy being just part of the assessment. The evaluation criteria used by authors were heterogeneous and were based on their experience, the literature, and/or existing legal frameworks. Regarding the set of items used for the assessments, each article defined a different one. Items included app permissions, analysis of the destination, analysis of the content of communications, study of the privacy policy, use of remote storage, and existence of a password to access the app, among many others. Most of the included studies provided a scoring method that enables the comparison of privacy among apps. Conclusions The privacy assessment of mHealth apps is a complex task, as the criteria used by different authors for their evaluations are very heterogeneous. Although some studies about privacy assessment have been conducted, a very large set of items to evaluate privacy has been used up until now. In-app information and privacy policies are primarily utilized by the scientific community to extract privacy information from mHealth apps. The creation of a scale based on more objective criteria is a desirable step forward for privacy assessment in the future.

Context and End-User Privacy Policies in Web Service-Based Applications

2021 ◽  
pp. 1459-1475
Author(s):  
Georgia M. Kapitsaki
Keyword(s):  
Vital Role ◽  
User Preferences ◽  
Future Research ◽  
User Privacy ◽  
Privacy Policies ◽  
Sensitive Data ◽  
General Data Protection Regulation ◽  
General Data ◽  
Service Data ◽  
Restful Services

Privacy protection plays a vital role in pervasive and web environments, where users contact applications and services that may require access to their sensitive data. The current legislation, such as the recent European General Data Protection Regulation, is putting more emphasis on user protection and on placing users in the center of privacy choices. SOAP (simple object access protocol)-based and RESTful services may require access to sensitive data for their proper functioning, but users should be able to express their preferences on what should and should not be accessed. In this chapter, the above issues are discussed and a solution is presented for reconciling user preferences expressed in privacy policies and the service data needs tailored to SOAP-based services. A use example is provided and the main open issues providing directions for future research are discussed.

Context and End-User Privacy Policies in Web Service-Based Applications

2019 ◽  
pp. 194-215
Author(s):  
Georgia M. Kapitsaki
Keyword(s):  
Vital Role ◽  
User Preferences ◽  
Future Research ◽  
User Privacy ◽  
Privacy Policies ◽  
Sensitive Data ◽  
General Data Protection Regulation ◽  
General Data ◽  
Service Data ◽  
Restful Services

Privacy protection plays a vital role in pervasive and web environments, where users contact applications and services that may require access to their sensitive data. The current legislation, such as the recent European General Data Protection Regulation, is putting more emphasis on user protection and on placing users in the center of privacy choices. SOAP (simple object access protocol)-based and RESTful services may require access to sensitive data for their proper functioning, but users should be able to express their preferences on what should and should not be accessed. In this chapter, the above issues are discussed and a solution is presented for reconciling user preferences expressed in privacy policies and the service data needs tailored to SOAP-based services. A use example is provided and the main open issues providing directions for future research are discussed.

scholarly journals A first look at Android applications in Google Play related to COVID-19

2021 ◽  
Vol 26 (4) ◽  
Author(s):  
Jordan Samhi ◽  
Kevin Allix ◽  
Tegawendé F. Bissyandé ◽  
Jacques Klein
Keyword(s):  
Mobile Apps ◽  
Contact Tracing ◽  
Location Tracking ◽  
Response Effort ◽  
Sensitive Data ◽  
Android Apps ◽  
Digital World ◽  
Public Health Organizations ◽  
Android Applications ◽  
Google Play

AbstractDue to the convenience of access-on-demand to information and business solutions, mobile apps have become an important asset in the digital world. In the context of the COVID-19 pandemic, app developers have joined the response effort in various ways by releasing apps that target different user bases (e.g., all citizens or journalists), offer different services (e.g., location tracking or diagnostic-aid), provide generic or specialized information, etc. While many apps have raised some concerns by spreading misinformation or even malware, the literature does not yet provide a clear landscape of the different apps that were developed. In this study, we focus on the Android ecosystem and investigate Covid-related Android apps. In a best-effort scenario, we attempt to systematically identify all relevant apps and study their characteristics with the objective to provide a first taxonomy of Covid-related apps, broadening the relevance beyond the implementation of contact tracing. Overall, our study yields a number of empirical insights that contribute to enlarge the knowledge on Covid-related apps: (1) Developer communities contributed rapidly to the COVID-19, with dedicated apps released as early as January 2020; (2) Covid-related apps deliver digital tools to users (e.g., health diaries), serve to broadcast information to users (e.g., spread statistics), and collect data from users (e.g., for tracing); (3) Covid-related apps are less complex than standard apps; (4) they generally do not seem to leak sensitive data; (5) in the majority of cases, Covid-related apps are released by entities with past experience on the market, mostly official government entities or public health organizations.

scholarly journals Mobile Health Apps for Medical Emergencies: Systematic Review

10.2196/18513 ◽  
2020 ◽  
Vol 8 (12) ◽  
pp. e18513
Author(s):  
Alejandro Plaza Roncero ◽  
Gonçalo Marques ◽  
Beatriz Sainz-De-Abajo ◽  
Francisco Martín-Rodríguez ◽  
Carlos del Pozo Vegas ◽  
...  
Keyword(s):  
Health Care ◽  
Mobile Health ◽  
Mobile Apps ◽  
Current Status ◽  
Health Technologies ◽  
Health Apps ◽  
App Store ◽  
Mobile Health Apps ◽  
Medical Emergencies ◽  
Google Play

Background Mobile health apps are used to improve the quality of health care. These apps are changing the current scenario in health care, and their numbers are increasing. Objective We wanted to perform an analysis of the current status of mobile health technologies and apps for medical emergencies. We aimed to synthesize the existing body of knowledge to provide relevant insights for this topic. Moreover, we wanted to identify common threads and gaps to support new challenging, interesting, and relevant research directions. Methods We reviewed the main relevant papers and apps available in the literature. The Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) methodology was used in this review. The search criteria were adopted using systematic methods to select papers and apps. On one hand, a bibliographic review was carried out in different search databases to collect papers related to each application in the health emergency field using defined criteria. On the other hand, a review of mobile apps in two virtual storage platforms (Google Play Store and Apple App Store) was carried out. The Google Play Store and Apple App Store are related to the Android and iOS operating systems, respectively. Results In the literature review, 28 papers in the field of medical emergency were included. These studies were collected and selected according to established criteria. Moreover, we proposed a taxonomy using six groups of applications. In total, 324 mobile apps were found, with 192 identified in the Google Play Store and 132 identified in the Apple App Store. Conclusions We found that all apps in the Google Play Store were free, and 73 apps in the Apple App Store were paid, with the price ranging from US $0.89 to US $5.99. Moreover, 39% (11/28) of the included studies were related to warning systems for emergency services and 21% (6/28) were associated with disaster management apps.

scholarly journals The Privacy Policy Landscape After the GDPR

2020 ◽  
Vol 2020 (1) ◽  
pp. 47-64 ◽  
Author(s):  
Thomas Linden ◽  
Rishabh Khandelwal ◽  
Hamza Harkous ◽  
Kassem Fawaz
Keyword(s):  
English Language ◽  
User Study ◽  
Privacy Policies ◽  
General Data Protection Regulation ◽  
Data Practices ◽  
Before And After ◽  
Compliance Requirements ◽  
General Data ◽  
Transitional Phase ◽  
The Eu

AbstractThe EU General Data Protection Regulation (GDPR) is one of the most demanding and comprehensive privacy regulations of all time. A year after it went into effect, we study its impact on the landscape of privacy policies online. We conduct the first longitudinal, in-depth, and at-scale assessment of privacy policies before and after the GDPR. We gauge the complete consumption cycle of these policies, from the first user impressions until the compliance assessment. We create a diverse corpus of two sets of 6,278 unique English-language privacy policies from inside and outside the EU, covering their pre-GDPR and the post-GDPR versions. The results of our tests and analyses suggest that the GDPR has been a catalyst for a major overhaul of the privacy policies inside and outside the EU. This overhaul of the policies, manifesting in extensive textual changes, especially for the EU-based websites, comes at mixed benefits to the users.While the privacy policies have become considerably longer, our user study with 470 participants on Amazon MTurk indicates a significant improvement in the visual representation of privacy policies from the users’ perspective for the EU websites. We further develop a new workflow for the automated assessment of requirements in privacy policies. Using this workflow, we show that privacy policies cover more data practices and are more consistent with seven compliance requirements post the GDPR. We also assess how transparent the organizations are with their privacy practices by performing specificity analysis. In this analysis, we find evidence for positive changes triggered by the GDPR, with the specificity level improving on average. Still, we find the landscape of privacy policies to be in a transitional phase; many policies still do not meet several key GDPR requirements or their improved coverage comes with reduced specificity.

Nick Noguez and Michael Gonzalez Discuss their Research Project: Are Social Features in Mobile Health Apps Effective in Engaging Users? A Content Analysis of Smoking Cessation Mobile Apps

2019 ◽  
Vol 4 ◽  
Author(s):  
Nick Noguez And Michael Gonzalez
Keyword(s):  
Smoking Cessation ◽  
Content Analysis ◽  
Mobile Health ◽  
Social Engagement ◽  
Rating Scale ◽  
Mobile Apps ◽  
Mobile App ◽  
Health Apps ◽  
Social Features ◽  
Mobile Health Apps

  Despite the ubiquity of smartphone ownership and the increasing integration of social engagement features in smoking cessation apps to engage users, thesocial engagement features that exist in current smoking cessation apps and how effective these social features are in engaging users remain unclear. To fill the gap in the literature, a content analysis of free and paid smoking cessation mobile apps isconducted to examine a) the presence of socialengagement features(e.g., social support, social announcement, social referencing) and non-social engagement features (e.g., personal environmental changes, goal setting), and b) their relationship with user ratingsand engagement scores (e.g., Mobile App rating scale [MARS]). The findings will not only extend the mobile health apps engagement typology,but also inform smoking cessation mobile apps design.

scholarly journals Availability and quality of mobile health app privacy policies

2014 ◽  
Vol 22 (e1) ◽  
pp. e28-e33 ◽  
Author(s):  
Ali Sunyaev ◽  
Tobias Dehling ◽  
Patrick L Taylor ◽  
Kenneth D Mandl
Keyword(s):  
Mobile Health ◽  
Grade Level ◽  
Information Privacy ◽  
College Level ◽  
Privacy Policies ◽  
Informed Decisions ◽  
Reading Grade Level ◽  
Mhealth Apps

Abstract Mobile health (mHealth) customers shopping for applications (apps) should be aware of app privacy practices so they can make informed decisions about purchase and use. We sought to assess the availability, scope, and transparency of mHealth app privacy policies on iOS and Android. Over 35 000 mHealth apps are available for iOS and Android. Of the 600 most commonly used apps, only 183 (30.5%) had privacy policies. Average policy length was 1755 (SD 1301) words with a reading grade level of 16 (SD 2.9). Two thirds (66.1%) of privacy policies did not specifically address the app itself. Our findings show that currently mHealth developers often fail to provide app privacy policies. The privacy policies that are available do not make information privacy practices transparent to users, require college-level literacy, and are often not focused on the app itself. Further research is warranted to address why privacy policies are often absent, opaque, or irrelevant, and to find a remedy.

Sign in / Sign up

Export Citation Format

Share Document