As healthcare executives lobby the federal government to legislate how health apps can use patient data (and how to disclose when they’re doing so), the Department of Health and Human Services is moving forward with rules that put the onus on patients.
The challenge is that, even though it’s patients who ultimately hit the download button, they don’t always understand the implications of their actions. For example, Modern Healthcare reports 3.5 million people’s data was exposed in breaches this past June, and according to a Ponemon Institute and Verizon Data Breach Investigations report, the health industry experiences more data breaches than any other sector.
Providers have reason to be concerned, too, says Kelli Garber, MSN, APRN, PPCPN-BC, and lead advanced practice provider and clinical integration specialist at the Medical University of South Carolina’s Center for Telehealth.
“We’re seeing a lot of consumers taking on their own healthcare,” Garber explains. “It’s our responsibility as providers to educate our patients. They’re responsible for entering their info. If they’re going to choose to use a health app, I want to support them in making the best choice possible.”
What’s more, “a number of studies have shown that apps don’t safeguard users data and can collect passwords, contacts, bluetooth and more info unrelated to the purpose of the app,” Garber adds. “There’s evidence that many share this info with third parties without users’ knowledge. I’ve also seen references to medical information being shared, such as X-rays and things, with cybercriminals fraudulently.”
Garber recommends providers take the following steps to help their patients use apps safely:
Advise patients to read the fine print.
- The source of the app: Is it a respected organization you can trust?
- Read reviews: Are they positive? What complaints do users have?
- The app’s creation and updated dates: Is it giving you the most recent information available?
- What info does the app collect?: And what’s the purpose of the info they’re collecting?
Tell patients to only download apps associated with a known healthcare organization.
It’s not enough to only download apps from organizations you recognize because even well-known brands can fall victim to data breaches. Take Target, for example, says Steve Cardinal, manager of security technology at the Medical University of South Carolina.
Garber’s patients most often use apps that pertain to fitness and nutrition, support the management of diabetes (including carb-counting and blood sugar monitoring), track menses, and help parents care for their children. Trusted apps she recommends to patients and fellow providers include:
- LactMed: For information on how drugs or dietary supplements can affect breastfeeding
- CDC STD treatment guide: For info on identifying and treating STDs
- CDC Vaccine schedules: Quick access from CDC to ACIP-recommended immunization schedules, complete with footnotes
- Epocrates and Pedi QuikCalc: For medication dosing and calculations
- Kidsdoc: For answers to medical advice questions that parents often have
Advise patients to ask you or a relevant specialist any questions about app safety.
Healthcare providers’ education empowers them to identify which app creators are trustworthy more easily than lay people, Garber says. So tell patients to ask a provider when in doubt about a specific app.
Become educated about the most reliable apps for your specialty.
Because there are some 325,000 health apps on the market, as a provider, you can’t expect yourself to assess the safety of every single one. Instead, Garber recommends “identifying a handful of apps in [your] specialty that [you] feel are vetted and reliable to share with patients. That should be the best of all worlds.”
When assessing apps for your patients, in addition to looking at the source and how their data will be used, Garber advises fellow providers to consider patients’ backgrounds, as well.
“The right app depends on the population you’re serving,” she explains. “Think about their health literacy, access to mobile devices and condition specifics. Make sure the app is suited to that individual family based on the whole picture.”
June-reported healthcare breaches exposed 3.5 million people’s data, Modern Healthcare.
Last updated on 10/9/19.