| 19.8°C Belfast

Health apps approved by NHS 'may put users at risk of identity theft'

Close

Graham Johnson came forward to police and confessed to hacking phones

Graham Johnson came forward to police and confessed to hacking phones

Graham Johnson came forward to police and confessed to hacking phones

Health apps accredited by the NHS may not be adequately protecting personal information from hackers, a university study has claimed.

Experts in the UK and France subjected 79 health apps listed by the NHS’s ‘Health Apps Library’ to security checks. They found that around a third were sending identifiable information such as passwords and personal details over the internet with no encryption.

Four of the apps were also sending information about health and lifestyle – such as bodyweight – without encryption, leaving it vulnerable to hackers. One in six also sent information to third parties such as advertisers, despite privacy policies not mentioning this could happen.

Kit Huckvale, a PhD researcher in mobile health at Imperial College London, who led the study, said it could not be ruled out that personal information such as bodyweight, entered into an app, could lead to targeted advertising online.

However, he said the greatest risk was of identity theft. “It doesn’t sit within the expectations of privacy that we have in health,” he said.

The researchers, who have not named the apps in question, have alerted NHS Choices, which manages the app library, to their findings. A number of apps are understood to have been removed as a result.

A spokesperson for NHS Choices said: “We were made aware of some issues with some of the featured apps and took action to either remove them or contact the developers to insist they were updated.  A new, more thorough NHS endorsement model for apps has begun piloting this month.”

Weekly Business Digest

Margaret Canning’s selection of the must-read business stories straight to your inbox every Tuesday morning

This field is required

Independent


Privacy