An article published in the BMC Medicine journal earlier this month (Unaddressed privacy risks in accredited health and wellness apps: a cross-sectional systematic assessment) reports that 89% of health apps certified as trustworthy by the NHS Health Apps Library “transmitted information to online services” and none “encrypted personal information stored locally.”
Researchers from Imperial College London found that:
- 66% of apps sending identifying information over the Internet did not use encryption.
- Four apps sent both identifying information and health information without encryption.
- Two apps appeared to place users at risk of data theft because of security problems.
It is currently estimated that 1.5 billion smartphone users have a health app – a number that is set to treble in the next three years. The Guardian reports that “Earlier this month, the health secretary, Jeremy Hunt, said his ambition was to get 15% of NHS patients routinely reading and adding to their online medical records using smartphones apps within the next 12 months.”
Kit Huckvale, a PhD student at Imperial College London who co-wrote the study, told the BBC that the NHS needed to put more investment into apps:
“[This] study is a signal and an opportunity to address this because the NHS would like to see strategic investment in apps to support people in the future.”
NHS England responded:
“We were made aware of some issues with some of the featured apps and took action to either remove them or contact the developers to insist they were updated. A new, more thorough NHS endorsement model for apps has begun piloting this month.”