Online Program

Monitoring health on the go: The privacy implications of diabetes apps

Tuesday, November 3, 2015

Sarah Blenner, JD, MPH, IIT Chicago-Kent College of Law, Chicago, IL
Lori Andrews, JD, IIT Chicago-Kent College of Law, Chicago, IL
Melanie Koellmer, PhD, IIT Chicago-Kent College of Law, Chicago, IL
Nadia Daneshvar, MPH, IIT Chicago-Kent College of Law, Chicago, IL
Adam Rouse, JD, LLM, IIT Chicago-Kent College of Law, Chicago, IL
Fifty-six percent of American adults own a smartphone.  One-fifth of smartphone owners have health apps.  Twenty-two percent of smartphone owners who act as caregivers and 10% of smartphone owners over 65 use apps to manage health.  While data from health apps can promote individual and public health, the collection, storage, and transmittal of personal and health information raise privacy concerns. 

At the Institute for Science, Law and Technology at IIT Chicago-Kent College of Law, we undertook a study of medical apps to learn what health data was being collected and shared.  We collected data on over 200 diabetes apps, categorized functions, and analyzed privacy policies and permissions.  We also analyzed the digital trails created by 65 of these apps.  The study revealed that 86% of the apps placed cookies (tracking mechanisms that collect data) on the device.  Eighty-three percent shared information with data aggregators.

Consumers might mistakenly believe that apps with privacy policies keep health information private, but that generally is not the case.  Precautions need to be implemented to protect health and personal data from apps.

Learning Areas:

Chronic disease management and prevention
Ethics, professional and legal requirements
Other professions or practice related to public health
Public health or related laws, regulations, standards, or guidelines

Learning Objectives:
Describe a study of over 200 medical apps, which analyzed how well the apps protect the privacy of the users’ sensitive health information and other types of information. Assess the extent to which users can find out before downloading medical apps what third parties can gain access to their information. List the types of information, including health information, that mobile apps may collect, store, analyze, and share. Discuss the benefits and risks of mobile health applications. Evaluate the functions, privacy policies, and permissions of over 200 diabetes apps available in the Google Play Store and their implications for the aging population. Evaluate the need for policies to protect people whose information may be on mobile health apps, such as caregivers and patients.

Keyword(s): Diabetes, Technology

Presenting author's disclosure statement:

Qualified on the content I am responsible for because: I am the Director of the Center for Diabetes Research and Policy at IIT Chicago-Kent College of Law. I have advocated for individuals with diabetes in schools, daycares, and prisons and worked to implement diabetes-related policies for four years. I help facilitate interdisciplinary projects, such as an analysis of the policy implications of mobile health apps. I received my JD from Chicago-Kent, MPH from UIC, and BA with high honors from Emory University.
Any relevant financial relationships? No

I agree to comply with the American Public Health Association Conflict of Interest and Commercial Support Guidelines, and to disclose to the participants any off-label or experimental uses of a commercial product or service discussed in my presentation.

Back to: 4001.0: Chronic Illness Roundtable