Health apps approved by NHS 'may put users at risk of identity theft'

Experts say apps do not adequately protect personal information

Charlie Cooper
Thursday 24 September 2015 20:07 EDT
Comments
Experts have warned that some apps do not adequately protect personal information
Experts have warned that some apps do not adequately protect personal information (Getty)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Health apps accredited by the NHS may not be adequately protecting personal information from hackers, a university study has claimed.

Experts in the UK and France subjected 79 health apps listed by the NHS’s ‘Health Apps Library’ to security checks. They found that around a third were sending identifiable information such as passwords and personal details over the internet with no encryption.

Four of the apps were also sending information about health and lifestyle – such as bodyweight – without encryption, leaving it vulnerable to hackers. One in six also sent information to third parties such as advertisers, despite privacy policies not mentioning this could happen.

Kit Huckvale, a PhD researcher in mobile health at Imperial College London, who led the study, said it could not be ruled out that personal information such as bodyweight, entered into an app, could lead to targeted advertising online.

However, he said the greatest risk was of identity theft. “It doesn’t sit within the expectations of privacy that we have in health,” he said.

The researchers, who have not named the apps in question, have alerted NHS Choices, which manages the app library, to their findings. A number of apps are understood to have been removed as a result.

A spokesperson for NHS Choices said: “We were made aware of some issues with some of the featured apps and took action to either remove them or contact the developers to insist they were updated. A new, more thorough NHS endorsement model for apps has begun piloting this month.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in