mHealth Applications

FTC, HHS Update Mobile Health App Data Privacy Compliance Tool

December 8, 2022 - The Federal Trade Commission (FTC) and HHS updated their Mobile Health App Interactive Tool, designed to help mobile health app developers understand which data privacy laws apply to their apps. The FTC collaborated with the HHS Office for Civil Rights (OCR), the HHS Office of the National Coordinator for Health Information Technology (ONC), and...


More Articles

Analysis of Addiction Treatment mHealth Sites Highlights Data Privacy Risks

by Jill McKeon

An analysis of a dozen opioid use disorder (OUD) treatment and recovery websites revealed significant data privacy concerns and a need for stronger legal protections for addiction treatment data, a...

House Panel Probes Health Apps to Protect Reproductive Health Data Privacy

by Jill McKeon

The House Committee on Oversight and Reform sent letters to five data brokers and five health apps as part of an investigation into their reproductive health data privacy practices. Led by Rep. Carolyn...

New Framework Helps Healthcare Assess Privacy, Security of Digital Health Apps

by Jill McKeon

The American College of Physicians (ACP), the American Telemedicine Association (ATA), and other industry leaders released a new framework to help providers and patients assess the...

EHI Provides Guidance for Protecting non-HIPAA-Covered Health Data

by Jill McKeon

Executives for Health Innovation (EHI) released a report with guidance for protecting non-HIPAA-covered health data held by health tech companies. In the report, EHI advocated for the adoption of...

AMA Encourages Health App Developers to Implement “Privacy by Design”

by Jill McKeon

The American Medical Association (AMA) released a guide on data governance and equitable digital health data collection for health app developers to reference as they navigate the new age of health...

FTC: Health Apps Must Comply with Health Breach Notification Rule

by Jill McKeon

The Federal Trade Commission (FTC) issued a policy statement emphasizing that health apps and connected device companies must comply with the Health Breach Notification Rule. The rule requires vendors...

What Data Privacy Risks Are Associated with Mobile Health Apps?

by Jill McKeon

In an analysis of over 20,000 mobile health (mHealth) apps available in the Google Play marketplace, researchers found that 88 percent contained code that had the ability to collect user data,...

PA Health Dept Sued; Investigation Looms, After Contact Tracing Breach

by Jessica Davis

The Pennsylvania Department of Health and its third-party contractor Insight Global have been sued, after reports that its COVID-19 contact tracing app exposed the sensitive data of at least 72,000...

Congress Urges FTC Crackdown on Health Apps Via Breach Notice Rule

by Jessica Davis

A group of three Congressional members from New Jersey are urging the Federal Trade Commission to utilize its Health Breach Notification Rule to crack down on mobile health apps that share personal...

CDT, eHI Share Proposed Consumer Health Data Privacy Framework

by Jessica Davis

The Center for Democracy & Technology and the eHealth Initiative & Foundation (eHI) released a newly proposed consumer health data privacy framework, which aims to better secure the privacy of...

30 Popular mHealth Apps Vulnerable to API Attacks, Posing PHI Risk

by Jessica Davis

The 30 most popular mHealth apps are highly vulnerable to API cyberattacks, which could enable unauthorized access to full patient records, such as protected health information and personally...

Fertility App Premom Sued Over Alleged Data Sharing with China

by Jessica Davis

Easy Healthcare Corp., the owner of fertility app Premom, is being sued by an app user, over claims the company shared personal data with third-party data collection firms in China -- without user...

OCR Lifts HIPAA Penalties for Use of COVID-19 Vaccine Scheduling Apps

by Jessica Davis

The Office for Civil Rights announced another enforcement discretion amid the pandemic, lifting penalties for potential HIPAA violations related to the good faith use of online or web-based scheduling...

COVID-19 Vaccine Distribution Spurs 51% Rise in Health Web App Attacks

by Jessica Davis

Cyberattacks on web applications tied to the healthcare sector increased by 51 percent, since the start of COVID-19 vaccine distribution in December, according to a new report from Imperva Research...

COVID-19 Sites Plagued with Third-Party Tracking, Posing Privacy Risk

by Jessica Davis

Nearly all webpages tied to the COVID-19 pandemic and designed to help individuals find information about the coronavirus contain code that transfers data to third parties, which can pose serious...

Patients Vastly Unaware of Insurers’ Access to Online Health Data

by Jessica Davis

Just one in 10 American patients believe health insurance companies have access to their personal spending and streaming habits, although reports have shown insurers routinely search private and public...

OCR Updates HIPAA Resource for mHealth Apps, Cloud Computing

by Jessica Davis

The Department of Health and Human Services Office for Civil Rights updated and renamed its former Health App Developer Portal as a HIPAA resource page for mobile health apps, APIs, and...

RWJF, Manatt Share Consumer Health Data Privacy Framework

by Jessica Davis

The Robert Wood Johnson Foundation and Manatt Health recently released a consumer Health Data Privacy Framework designed to address some of the gaps in existing health data privacy...

Breach of Telehealth App Babylon Health Raises Privacy Concerns

by Jessica Davis

UK-Based telehealth app Babylon Health recently experienced a breach of its general practitioner platform, where users were able to access videos from other patients’ appointments, first reported...