Health IT Pulse

Dec 22 2010   12:00AM GMT

HIPAA alert for smartphone app developers, users in health care

Don Fluckinger Profile: Don Fluckinger

mobile health

With its iPhone and iPad, Apple Inc. might be winning the battle for physician mind share for smartphones and tablets for a good reason: While it touts “user experience” as a major reason it vets software before it can be offered via its App Store, Apple also might be helping screen apps for potential Health Insurance Privacy and Accountability Act (HIPAA) violations.

A report in The Wall Street Journal earlier this week looked at Apple iOS apps versus Google Android smartphone apps, and detailed the deep data that some ad networks glean from app users — from where they live to tracking their current location.

Another Journal article examined TheFind, a shopping app that offers location-sensitive sale information from retailers hoping to part shoppers from their money. Android apps are policed less than Apple apps and potentially can gather more data on the phone user, but iPhone apps can track broad groups of users and serve ads based on that intel. Apple has sent signals that it may be planning to track more individual data in the future, as Android apps do now.

What does this mean for health care? Considering HIPAA regulations, IT leaders in facilities developing their own apps would be well-advised to examine the intentions of their developers closely, and to make sure business associate agreements prevent data mining that potentially could violate HIPAA regulations — including recent additions to the rule in which the Federal Trade Commission outlaws some kinds of patient marketing.

Furthermore, physicians who see patients using consumer apps on their smartphones might do well to encourage them to understand what’s being done with their data on the back end as a self-defense against sharing one’s personal information with parties more interested in making a buck than in the individual’s actual health.

For instance, to apply an example we’re heard HIPAA experts use in conference presentations: No patient wants to think about the marketing process leading to an ad for a particular brand of prescription drug getting served to his phone while using a consumer health app (How does my phone know I have diabetes? Or arthritis? Or erectile dysfunction?) — or a hospital oriented service such as access to a personal health record. In this brave new world of mHealth apps, it’s time to start questioning how those feeds find their marks.

It’s one thing to have an app find the best local deal on a flat-screen television; it’s quite another to influence health decisions based on behavioral data collected by shrewd marketers.

7  Comments on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • Jenny Laurello
    #HIPAA alert for smartphone app developers- Apple might be winning battle for physician mind share, and for good reason
    0 pointsBadges:
  • SearchHealthIT
    #Smartphone apps are tracking consumer data, which raises #HIPAA red flags for #healthcare use #mhealth #healthIT
    0 pointsBadges:
  • Jenny Laurello
    RT @SearchHealthIT: #Smartphone apps are tracking consumer data, which raises #HIPAA red flags for #healthcare #mHealth
    0 pointsBadges:
  • CareCloud
    RT @SearchHealthIT: #Smartphone apps are tracking consumer data, which raises #HIPAA red flags for #healthcare use ...
    0 pointsBadges:
  • RWJF Pioneer
    Security's important for #mhealth, but it shouldn't impede operability:
    0 pointsBadges:
  • Project HealthDesign
    Security, operability both important in #mhealth apps: #PHA / via @pioneerrwjf
    0 pointsBadges:
  • Donald Childs
    HIPPA alert for smartphone app developers, users in health care - Health IT Exchange
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: