Privacy Issues in Headache and Migraine Smartphone Applications

Many headache smartphone applications or “apps” share information with third parties, more than half of which have privacy policies stating that the shared data will be used to serve targeted advertisements from third parties, according to a study published in Headache.

A search conducted in the summer of 2017 identified 29 smartphone apps pertinent to the study, 14 of which were diary apps and 15 of which were relaxation apps. The relaxation apps were found to request little to no input from users, and therefore did not have much personal information to potentially share. Of the 15 relaxation apps, 11 apps (73%) had privacy policies.

In contrast, the 14 headache diary apps required extensive direct input from users, 11 of which (79%) had visible privacy policies, none of which disclaimed sharing data with third parties. Four of the 11 apps with visible privacy policies (36%) allowed users to share their headache diary directly with healthcare providers. Only 7 of 11 apps with privacy (64%) had information on reasons for sharing data, with 6 apps (55%) explicitly stating that use of the app implied an authorization to share data with third parties for the purposes of advertising, marketing, or promotions.

Study investigators conclude that “headache apps could potentially share information with third parties, posing privacy risks because there are few legal protections against the sale or disclosure of data from non-[Health Insurance Portability and Accountability Act] (or non-[Children’s Online Privacy Protection Act]) regulated medical apps to third parties.”

Reference

Minen MT, Stieglitz EJ, Sciortino R, Torous J. Privacy Issues in Smartphone Applications: An Analysis of Headache/Migraine Applications [published online July 4, 2018]. Headache. doi: 10.1111/head.13341