Health applications are supposed to protect your private medical data under existing federal regulations, but a recent study uncovered some loopholes in health apps that are even approved by the National Health Service.
There has been an increasing interest among hackers in patient data over the last couple of years, which explains the increasing incident of cyber attacks that target health information of patients.
The study, conducted by the Imperial College London, reveals a number of health apps contain vulnerabilities that could potentially expose patient data to hackers. These pieces of information range from a patient’s medical condition to smoking habits, among other health data. If lost to the wrong guy, these bits of data could put a shame on your name and many other consequences.
The irony of it all is that the insecure apps have been granted permission by the NHS, which has the duty of validating the security of mobile apps that track and contain health data.
It is revealed in the study that more than 30 percent of health apps available to patients could send names, passwords and birth data to anyone via the Internet with no encryption at all.
When these data fall into the hands of hackers, a patient’s email address and even bank accounts would also be exposed to hacking. A specific instance of this vulnerability is when a particular app was found transmitting data without encryption in place. The danger is when an attacker intercepts the transmission and steal the data in transit.
There are at least four apps found to contain this vulnerability. The researchers tried to assuage fear by saying there is only a slim chance for attackers to steal health data. But as I’ve mentioned above, there has been a steady increase in health-related hacking incidents. Before anything is too late, health app developers must implement full encryption of data.
Eighty of these apps reside in the Health Apps Library, the NHS’ archive of apps the service claims to be pre-screened for security requirements in compliance with federal rules. The goal is to provide patient access to NHS and help improve clinical results using advanced technology.
Health apps are also used by health workers to provide remote medical advice to patients. These pieces of advice range from instructions on proper sleep and exercise. There are a great variety of information contained in these apps, which are logged by the patients themselves based on the metrics of their drinking and eating pattern to workouts.
The NHS vowed to address the issue and said it has begun working on the reported vulnerabilities.