Abstract
While digital health or mHealth applications (apps) have become accessible resources for the support of personal health, the privacy and security of users' data have been the subject of concern and controversy. As large numbers of mHealth apps are created and are increasingly widely used by people with various health conditions, it is crucial to have clear and valid methods for evaluating the data practices within them. Recent regulatory initiatives such as the European Union's General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) have had the effect of raising awareness and establishing a minimal set of expectations. However, they do not in themselves address the issue of the development of systems which meet privacy and security requirements. There is a growing body of research on evaluation techniques and frameworks to support the assessment of the privacy and security of health apps, and guidelines to support their design. However, it can be challenging to navigate this space and choose appropriate techniques for a given context. Addressing this issue, this paper examines the recent literature on security and privacy of m-Health applications, using a scoping review methodology. It analyses data security and privacy evaluation techniques and frameworks that have been proposed for mHealth applications, as well as relevant research-based design recommendations. This work consolidates recent research on the topic to support researchers, app designers, end users, and healthcare professionals in designing, evaluating, recommending and adopting mHealth applications.
Highlights
There is a growing body of literature that recognises the potential of mobile applications to improve access to healthcare and provide real-time monitoring and self-management of various health conditions [1]–[3]
A systematic search was conducted with the Scopus,1 PubMed, and ProQuest databases on the 6th of August 2019, as these contained papers from conference proceedings and journals most relevant to the areas of mobile health (mHealth) and human computer interaction (HCI), including the main titles of publishers such as ACM,2 IEEE,3 and Journal of Medical Internet Research (JMIR)
Following the methodology proposed by [48] and based on the information provided in the included papers, we describe the frameworks regarding the objectives of security and/or privacy evaluation, target stakeholders, and the phase of the mHealth app lifecycle the evaluation is suggested to be performed at
Summary
There is a growing body of literature that recognises the potential of mobile applications (apps) to improve access to healthcare and provide real-time monitoring and self-management of various health conditions [1]–[3]. MHealth apps have become popular resources for mental health support as an accessible alternative or adjunct to face-to-face therapy [4] They are increasingly widely used, both independently and following the recommendation of health professionals [5]. Control over and be free from intrusion into their private life, as defined by the European Convention on Human Rights and other national laws [11] It should be ensured in digital health services. From a wide range of sources, such as wearable, portable or even implantable devices, digital health products generate large sets of patient data. They circulate it to devices and/or health professionals (who analyse and make sense of the data), creating opportunities for more precise diagnostics and more personalised healthcare delivery
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
