A recent study by students at Imperial College London has found that some health apps approved by the NHS sent personal data without encryption, thereby leaving users vulnerable to cyber hacking. These apps were meant to be watertight from a security viewpoint and have now been removed from circulation. Some were the more popular health apps in the NHS library focusing on common issues such as weight loss, smoking and drinking.
The students used fake data to mimic genuine usage and found that over a period of several months, some data was sent to linked health service providers without any form of encryption. Additionally, the warnings about the sharing of data in general were found to be unclear and vague.
As the NHS continues to endorse some of these apps – and invest in their development and usage in the future, which is their stated aim – addressing security levels and privacy policies will no doubt be becoming a higher priority.