Edinburgh Research Explorer

On the Privacy, Security and Safety of Blood Pressure and Diabetes Apps

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Original languageEnglish
Title of host publicationICT Systems Security and Privacy Protection
Subtitle of host publication30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26-28, 2015, Proceedings
EditorsHannes Federrath, Dieter Gollmann
PublisherSpringer International Publishing
Pages571-584
Number of pages14
ISBN (Electronic)978-3-319-18467-8
ISBN (Print)978-3-319-18466-1
DOIs
StatePublished - 2015

Publication series

NameIFIP Advances in Information and Communication Technology
PublisherSpringer International Publishing
Volume455

Abstract

Mobile health (mHealth) apps are an ideal tool for monitoring and tracking long-term health conditions. In this paper, we examine whether mHealth apps succeed in ensuring the privacy, security, and safety of the health data entrusted to them. We investigate 154 apps from Android app stores using both automatic code and metadata analysis and a manual analysis of functionality and data leakage. Our study focuses on hypertension and diabetes, two common health conditions that require careful tracking of personal health data.

We find that many apps do not provide privacy policies or safe communications, are implemented in an insecure fashion, fail basic input validation tests and often have overall low code quality which suggests additional security and safety risks. We conclude with recommendations for App Stores, App developers, and end users.

Download statistics

No data available

ID: 19928108