Study Finds Women’s Health Applications Are Not Secure

The global market for mobile applications is seeing a continuous rise in the phenomena known as women’s mobile health (mHealth). The mHealth applications provide services for women’s health and bodily functions. The demand for mHealth applications is extensive as the applications offer women privacy regarding their health. Within the sociocultural context, the responsibility of women to conceive, prevent conception, or receive an abortion develops a large interest for women to utilize these applications. The cultural shame women encounter as a result of issues regarding infertility and weight management encourages women to use mHealth as a safe zone. However, the huge growth of the mHealth market has resulted in application manufacturers exploiting the data they collect to generate profits. 

A significant portion of women’s mHealth applications are commercial. Concerns have been raised regarding the disclosure of personal, health, and other confidential data as it can leave women vulnerable to social stigma. A study published by JMIR has addressed these concerns by examining the data sharing, privacy, and security policies of the most popular women’s mHealth applications on the current international market. 

The study analyzed a total of 23 applications on the Apple app store and Google play. The apps subject to the study were reviewed manually by 2 independent analysts based on compliance with the European Union’s GDPR requirements. Within the 23 women’s mHealth applications, 16 concerned fertility health, ovulation or menstrual cycle tracking, and pregnancy. The other applications regarded topics such as abortion, breast and lung cancers, women’s health excercises, and women’s mental health and self-care. 

The study found that all of the applications included behavioral tracking, with only 1 of the apps enabling the user to opt out of sharing their data. 7 did not allow tracking the location of the user, and 2 did not supply any information at all regarding location tracking. Of the 23 applications, 20 disclosed user data to third parties. Among these, 3 began collecting data without consent from its users.18 of the 23 applications shared the personal data for research purposes, while 6 of the 18 did not require consent from the user. 15 of the 23 applications disclosed data to a third party for tracking and analysis. Of the 23 applications assessed, 16 were clear about how they intended to process the user information, while 6 did not disclose any information at all regarding its management. 

The study revealed that the standard practices of the 23 applications did not comply with EU GDPR requirements. All of the applications examined acquired the personal and health information of its users. However, the opportunity for users to provide consent was not always available. To improve the security of female health data, the researchers assert that more stringent regulations should be established. They argue that protocols should be improved to allow users to assess and understand privacy and data sharing policies. Protocols should require mHealth to include illustrated figures and photos to improve user awareness and understanding. The researchers assert that these actions are imperative to the future of women’s health.