IEEE Access (Jan 2020)
Security and Privacy of mHealth Applications: A Scoping Review
Abstract
While digital health or mHealth applications (apps) have become accessible resources for the support of personal health, the privacy and security of users' data have been the subject of concern and controversy. As large numbers of mHealth apps are created and are increasingly widely used by people with various health conditions, it is crucial to have clear and valid methods for evaluating the data practices within them. Recent regulatory initiatives such as the European Union's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) have had the effect of raising awareness and establishing a minimal set of expectations. However, they do not in themselves address the issue of the development of systems which meet privacy and security requirements. There is a growing body of research on evaluation techniques and frameworks to support the assessment of the privacy and security of health apps, and guidelines to support their design. However, it can be challenging to navigate this space and choose appropriate techniques for a given context. Addressing this issue, this paper examines the recent literature on security and privacy of mHealth applications, using a scoping review methodology. It analyses data security and privacy evaluation techniques and frameworks that have been proposed for mHealth applications, as well as relevant research-based design recommendations. This work consolidates recent research on the topic to support researchers, app designers, end users, and healthcare professionals in designing, evaluating, recommending and adopting mHealth applications.
Keywords