Privacy and Medical Apps

Posted September 07, 2013 in Home, Patient Safety

When your private medical information is entered into an app, is it still private?

This week there have been several stories about Medical Apps for smart phones and privacy, or rather the privacy that users of these apps give up. Many medical, health and fitness apps are free, and many of them provide value due to their ease of use, portability and ability to trend the information entered. However, if you didn’t read the user agreement, you might be surprised where all your personal information ends up.

The Intimacy of the Smart Phone

Smart Phones are high powered intimacy. I don’t mean that in an erotic sense, though there is likely an app for that too. I mean that a smart phone provides enormous volumes of storage and computing power in a small package. The bottom-of-the-line iPhone provides more computing power than the “super computers” which occupied an entire floor at Lawrence Livermore National Laboratory just a few decades ago. They are cute, and small, and go with us everywhere. We personalize them with covers, and they are connected. They serve as a personal electronic portal to the world. For all the intimacy they possess, they are not private, especially when we use apps.

Anatomy of an App

While it seems amazing that so much information is in a small phone, the truth is that most of the information resides on someone else’s server. Even integrated processes, like Siri, send a digital recording of your voice to a computer for decryption, and storage for up to two years, before sending back the occasionally useful response.

Careful What You Enter

With third-party apps, there is often less regulation. Apple has a reputation and product line to protect. An app company has a minimal investment in coding and servers, and makes its money by showing you ads, and selling your information. Consumers enter an enormous amount of data via their friendly and convenient smart phone. Examples include: Exercise Apps recording everything from how fast we run to the GPS coordinates of the routes we take; Diet Apps measuring what we eat and when we eat it; even Fertility Apps recording how often we have sex. More worrisome is that the GPS unit built into each phone can also record where each of these activities takes place.

But Health Apps Help Too

For Diabetics, smart phone apps are great. No longer does one need to find pencil and paper to jot down diet, exercise, insulin use and glucose readings. Neither does one need to remember to bring the journal to the doctor; it’s in your phone. Some apps will even send the data directly to your doc. Convenient, no doubt. The apps store the information for easy retrieval, can trend the data over time, help identify problem areas and facilitate better glucose control.

Who Gets Your Information?

When you come to my Walnut Creek Plastic Surgery office, you are protected by laws, which prohibit me, and my staff, from sharing your health information. The Health Insurance Portability and Accountability Act (HIPAA), which Congress passed in 1996, limits who can look at and receive your medical information. That means doctors, insurers and pharmacies must keep your records confidential, unless you explicitly give them permission to share them. On the other hand, the developers of health apps do not have the same obligations.

According to an article on HeraldOnline.com, “Often data was sent unencrypted … One app shared users’ locations and other personal information with 10 other companies within three seconds of being turned on.” More on this online. While the FDA proposed guidelines for apps that meet restrictive criteria in 2011, years later, nothing has been enacted.

What Can You Do?

So, what can you do to protect your health information? Number one, read the usually lengthy disclosure agreement that comes with your apps. It should explain exactly how much data is shared and with whom. This is no guarantee, especially if the app does not encrypt your data when it sends it, but it is a good start. The best advice is to only put information on your phone that you are comfortable sharing with the world.

Back up your information. Have you ever lost your phone? If you don’t have it backed up, you’ve also lost everything stored on your phone. Moreover, if you can’t erase it remotely, whoever has your phone also has everything on it.

Use paid apps. The apps that you pay for do not rely on ads and selling data for their primary source of income, and are less likely to over-share, but you still should check the user agreement.

It’s Not All Bad News

What some medical apps can do is amazing:

  • Measure heart rate and breathing rate through the smartphone’s camera
  • Measure pulmonary (lung) function using your phone’s built-in microphone
  • Measure the electrical function of the heart, like an EKG, with a special cell phone case

When used responsibly, health care can be improved not just in Silicon Valley, but throughout the world, for relatively cheap. As phones become cheaper and faster, more and more people will have access. As laws and regulation catch up, privacy will improve, but this will take time, and it will never be as safe as paper and pencil under lock and key.

Dr. Mele on Body Beautiful on KRON4 this week

Dr. Joseph Mele appears on KRON4's Body Beautiful.

If you want to share your Plastic Surgery Questions with the San Francisco Bay Area this week, be sure to tune into KRON4’s Body Beautiful on its new day. Dr. Mele will be appearing Wednesday, September 11th, at 11:00 AM. The show is broadcast live, so you can call in and get your plastic surgery questions answered on the air. If you can’t wait, drop us a note with the contact form in the margin, or give our plastic surgery office a call at (925) 943-6353.