Your health app could be leaking medical data

That nifty new health app you downloaded to your phone to keep track of your meds might be sharing your information with unrelated companies, some of which have nothing to do with healthcare, a new study finds.


“The key finding from our study is that health related data is widely shared with companies that have nothing to do with health,” said study leader Quinn Grundy, an assistant professor at the University of Toronto .

“The consumer has no way to know exactly what is happening with their data and what consequences there might be.”

“This is a breach of privacy that could affect our lives in big ways,” Grundy said.

Grundy’s team tested 24 top-rated publicly available medication apps designed to work on Android phones in the UK, the US, Canada and Australia . The interactive apps provided information about medication dispensing, administration or use.

After downloading each app, the researchers ran each one 14 times to observe its “nor mal” network traffic related to 28 types of user data, including Android ID, user’s birthday, email, and precise location.

Then they altered one source of user information and ran the app again to detect leaks of sensitive information sent to a remote server outside the app. Companies receiving sensitive user data were then identified by their IP addresses, allowing the researchers to scrutinize their websites and privacy policies.

Nineteen of the 24 apps shared data, the authors report in ‘The BMJ’. REUTERS