Assessing and Improving Privacy Practices in eHealth Apps
This project thoroughly investigates privacy issues in eHealth applications. It focuses on understanding user privacy concerns and the complexity of eHealth app privacy policies, specifically how these policies address user concerns. A significant part of the study involves a large-scale analysis of over 5.1 million user reviews from 276 eHealth apps, identifying eight key privacy-related issues, and examining the readability and length of app privacy policies.
The findings reveal that many eHealth app privacy policies are not only difficult to understand but also lengthy, often taking over 15 minutes to read. Common user concerns include scams, trust and safety, permissions, data access and sharing, security, location data, advertisements, and the content of the policies themselves.
In response, the project proposes recommendations for developers on addressing privacy concerns when formulating app policies. A prototype tool was also developed to help developers consider privacy issues when creating app behaviours and policies.
The study highlights a significant disconnect between user concerns and how they are addressed in eHealth app privacy policies, emphasising the need for clearer, more user-friendly policies and a more responsible approach to user data handling by developers. Overall, the project sheds light on the privacy challenges in eHealth apps and suggests practical solutions for improving their privacy and security aspects.
Paper: An Analysis of Privacy Issues and Policies of eHealth Apps
Project lead
Dr Omar Haggag
Project team
Prof John Grundy, Mohamed Abdelrazek (Deakin University)
