Unchecked data collection could prove problematic for users – Gloria Spittel

Over the years, healthcare applications for handheld devices have grown in number. It is possible to find a healthcare app for just about any function from reminding users to take their medications on time to tracking sleeping habits, menstrual cycles, calorie consumption and other important physiological information.

Combined with tech wearables, these apps collect extensive information about us.

These apps are certainly useful and can in some instances – i.e. if connected to the necessary supporting infrastructure – play a vital role in alerting first responders and primary caregivers.

It is not a stretch of the imagination to see how beneficial healthcare apps that monitor and provide alerts about the physiological condition of terminally or chronically ill or feeble patients could be. Indeed, the data collected may inform immediate interventions resulting in better care for the individual while also complementing broader studies.

Healthcare apps are not confined to those that track and monitor physiological signs and data points; they also include those deployed by the medical community to assist in healthcare planning and extending its reach to communities – whether they are marginalised, oppressed, unwilling or unable to obtain the healthcare needed for a plethora of reasons.

For example, apps that help individuals living in communities where certain illnesses are stigmatised may find comfort in reaching out anonymously to receive advice, check symptoms and follow up on the best courses of action.

Of course, in some communities, these apps model informal and formal networks offering advice and care to those who cannot easily access the necessary help. Such applications can also be deployed in the event of emergencies such as the numerous tracking apps used during the COVID-19 pandemic.

A highly contagious virus, tracking apps deployed in numerous countries help trace, isolate and assist in curtailing the spread of the disease in communities through these actions.

Of course, this tracking of individuals can be achieved without apps; but in a dynamic situation such as the quick spread of highly infectious diseases, it could take too much time and lead to inaccuracy or loss of data if done manually.

Yet, COVID-19 tracking and other healthcare apps – both connected to wearables and not – have a common concern and feature.

The feature is that they all collect data and the concern is what they do with it. Privacy concerns may take a backseat to the convenience and absolute necessity of using apps where no alternative to healthcare exists; but it is a concern that affects all users – especially those with reduced agency.

So what? What is it about the privacy of healthcare data that should be of concern to a user? After all, the data collected may comprise anonymised and randomised numbers and patterns that cannot be linked to an identity.

If this was the universal truth about healthcare apps, discussions would have progressed on how to ensure they improve the level of data protection or how they can be emulated in countries that do not have privacy legislature as overarching infrastructure protecting user rights.

Privacy concerns regarding data collection have many areas of consideration of which its collection, access and commercialisation are at least three major domains of worry.

Most apps will be able to explicitly state what is being collected and it may not appear that data linked to your identity is collected. However, the way an app is developed or the ecosystem in which it runs may enable it to pick up identifying details such as email or IP addresses.

Or worse, apps could be hacked to gather data they have no interest in collecting. As such, healthcare apps that record any data should have strong security protocols that aim to prevent hacks and other unauthorised access, and
multi-level authentication for user access.

However, what happens with the data collected is also problematic.

In many instances, data is sold to third parties. The commodification and commercialisation of data is an issue with far-reaching implications from the less sinister advertisements based on collected data, to setting premium models for health insurance companies and intrusive decisions about employability based on medical histories if it falls into the wrong hands.

It is a dire picture but the way in which apps operate is hardly transparent, which in turn impacts what data is collected and how it will be used.

However hard consumers try, they will not have a grasp of the consequences. It is worse in countries without active legal frameworks that protect privacy rights and medical records or even strong consumer rights.

What can be done?

Short of not using healthcare apps, users should choose reputed app providers and check for privacy concerns. No app will be foolproof even though it may claim to be – so the best way forward is to tread carefully.