News today has highlighted some serious flaws in the security of data with many of the NHS accredited smartphone health apps. In a study by researchers in London, many of the apps that sit within NHS England’s Apps Library failed against basic security standards.
Flaws included flouted privacy standards and sending data without encrypting it. According to the study, 23 out of a total of 70 apps sent data without encryption, which could result in sensitive and identifiable patient information falling into the hands of the wrong person, leading to ID theft or fraud. What’s more, the study also found issues with the accuracy of apps. One in particular, a dermatology app used to identify pre-cancerous moles was found to be just 10 percent accurate.
Whilst such information is worrying, hopefully the news reinforces the urgency to NHS England that creating a new, secure model for digital health apps can’t be left in the shadows for much longer. It was only a few weeks ago that Jeremy Hunt said how it almost seems wrong that we use the internet for shopping, holidaying and banking yet health is lagging behind despite it being more important. Consumers are driving the demand for the NHS to embrace technology but as this story highlights, their pace in which they’re going about it is somewhat slow.
Primarily, NHS England needs to take the lead on this. A revised and thorough endorsement programme needs to be implemented with set standards and architecture for others to follow. The concept of an endorsed app programme is powerful but the set-up needs governance and leadership with structured criteria as to what is and not acceptable. Data governance and ensuring patient data is securely safeguarded is a key priority when it comes to digital health, yet it’s only one part of the mix. Clinical backing, interoperability into clinical systems, ease of use, robust evidence, free at the point of use and bridging the digital divide are just some of the standards to be considered.
Richard Quine, our Product Director at Inhealthcare sums this up quite nicely on a blog he wrote for NHS Health Call quite recently. The study also cites the researcher’s own recommendations including educating patients and boosting app literacy, creating an app safety consortium, putting them under government regulation, enforcing external validation by third parties and ensuring they pass a medical review. Whatever the right answers are, one thing is certainly clear; something needs to be done almost immediately.
The concept of an endorsed app programme has real potential and the need for it has never been more so than now but without rules, apps like these are unfortunately going to fall through the net. NHS England needs to take the driving seat on this one so let’s hope this ‘scare’ is the nudge needed to get things moving in the right direction.
If you’ve got any other thoughts, I’d very much like to hear them.