Background Mobile health has become a major vehicle of support for people living with diabetes. Accordingly, the availability of mobile apps for diabetes has been steadily increasing. Most of the previous reviews of diabetes apps have focused on the apps’ features and their alignment with clinical guidelines. However, there is a lack of knowledge on the actual compliance of diabetes apps with privacy and data security guidelines. Objective The aim of this study was to assess the levels of privacy of mobile apps for diabetes to contribute to the raising of awareness of privacy issues for app users, developers, and governmental data protection regulators. Methods We developed a semiautomatic app search module capable of retrieving Android apps’ privacy-related information, particularly the dangerous permissions required by apps, with the aim of analyzing privacy aspects related to diabetes apps. Following the research selection criteria, the original 882 apps were narrowed down to 497 apps that were included in the analysis. Results Approximately 60% of the analyzed diabetes apps requested potentially dangerous permissions, which pose a significant risk to users’ data privacy. In addition, 28.4% (141/497) of the apps did not provide a website for their privacy policy. Moreover, it was found that 40.0% (199/497) of the apps contained advertising, and some apps that claimed not to contain advertisements actually did. Ninety-five percent of the apps were free, and those belonging to the “medical” and “health and fitness” categories were the most popular. However, app users do not always realize that the free apps’ business model is largely based on advertising and, consequently, on sharing or selling their private data, either directly or indirectly, to unknown third parties. Conclusions The aforementioned findings confirm the necessity of educating patients and health care providers and raising their awareness regarding the privacy aspects of diabetes apps. Therefore, this research recommends properly and comprehensively training users, ensuring that governments and regulatory bodies enforce strict data protection laws, devising much tougher security policies and protocols in Android and in the Google Play Store, and implicating and supervising all stakeholders in the apps’ development process.
BACKGROUND Mobile health has become a major channel for the support of people living with diabetes. Accordingly, the availability of diabetes mobile apps has been steadily increasing. Most of the previous reviews of diabetes apps have focused on the apps’ features and their alignment with clinical guidelines. However, there is a lack of knowledge on the actual compliance of diabetes apps with privacy and data security aspects. OBJECTIVE The aim of this study was to assess the level of privacy of diabetes mobile applications to contribute to raising the awareness of final users, developers and data-protection governmental regulators towards privacy issues. METHODS A web scraper capable of retrieving Android apps’ privacy-related information, particularly the dangerous permissions required by the apps, was developed with the aim of analyzing privacy aspects related to diabetes apps. Following the research selection criteria, the original 882 apps were narrowed down to 497 apps, which were finally included in the analysis. RESULTS 60% of diabetes apps may request dangerous permissions, which poses a significant risk for the users’ data privacy. In addition, 30% of the apps do not return their privacy policy website. Moreover, it was found that 40% of apps contain advertising, and that some apps that declared not to contain it actually had ads. 95.4% of the apps were free of cost, and those belonging to the Medical and Health and Fitness categories were the most popular. However, final users do not always realize that the free-apps’ business model is largely based on advertising, and consequently, on sharing or selling their private data, either directly or indirectly, to unknown third-parties. CONCLUSIONS The aforementioned findings unquestionably confirm the necessity to educate users and raise their awareness regarding diabetes apps privacy aspects. For this purpose, this research recommends properly and comprehensively training users, ensuring that governments and regulatory bodies enforce strict data protection laws, devising much tougher security policies and protocols in Android and in the Google Play Store, and the implication and supervision of all stakeholders in the apps’ development process.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.