NHS-accredited health apps vulnerable to hacking

A new study has revealed that several NHS-accredited smartphone health apps that store personal data of patients are vulnerable to hacking.

Researchers from Imperial College London found that some apps don’t follow privacy standards and transmit information without encryption.

They investigated how data was protected in the NHS Health Apps Library and identified that unencrypted personal and medical data was sent over the internet.

Researchers tested 79 separate apps listed in the NHS library over a six month period in 2013. They found that 70 sent data over the internet.

Lead researcher Kit Huckvale said: "It is known that apps available through general marketplaces had poor and variable privacy practices, for example, failing to disclose personal data collected and sent to a third party.

"However, it was assumed that accredited apps – those that had been badged as trustworthy by organisational programs such as the UK’s NHS Health Apps Library – would be free of such issues."

The study indicated that the privacy of accredited apps users may have been put at risk unnecessarily.

Sign up for our regular news round-up!

Give your business an edge with our leading Tech Monitor

Sign up