Background: With the development of mobile health (mHealth), chronic disease management apps have brought not only the possibility of reducing the burden of chronic diseases but also huge privacy risks to patients’ health data.
Objective: The purpose of the study was to analyze the extent to which chronic disease management apps in China comply with the Personal Information Security Specification (PI Specification).
Methods: The compliance of 45 popular chronic disease management apps was evaluated from the perspective of the information life cycle. To conduct a fine-grained evaluation, a scale based on the PI Specification was developed. Finally, 6 level 1 indicators, 22 level 2 indicators, and 61 level 3 indicators were defined.
Chronic diseases, such as diabetes and hypertension, are a major global health issue affecting many countries. Fortunately, the rapid growth of mobile health (mHealth) offers opportunities for chronic disease prevention, treatment, and daily self-management. The health benefits of mHealth interventions for patients with chronic diseases have been demonstrated [ ]; mHealth apps can be used to collect and monitor health data [ , ], promote and support self-management [ , ], and provide medication and appointment reminders [ ]. Unlike other types of mHealth apps, such as online registration and online consultation apps, chronic disease management apps allow individuals to generate large quantities of data about their lifestyle, introducing risks to the security and privacy of patient data.
As for evaluation criteria, various standards have been used to evaluate the privacy of mHealth apps. Most papers established evaluation indicators based on the existing literature [, ] or on the authors’ own criteria [ - ]. The most common items in these criteria were stating the purposes of processing, identifying the recipients of personal data, the existence of data rights for individuals, and the existence of a privacy policy. A few papers based their privacy assessment of mHealth apps on laws or regulations, such as the General Data Protection Regulation (GDPR) and the Fair Information Practices (FIPS) [ , ], and some of them proposed a set of items to check compliance with those laws or regulations [ , ].
Considering the popularity of Android in China, this study investigated mHealth apps in Android app stores. The top 4 Android app stores were selected, which together account for 61.0% of the Chinese Android market [ ]: Tencent My App (26.0%) [ ], Huawei App Market (15.1%) [ ], Oppo Software Store (10.2%) [ ], and 360 Mobile Assistant (9.7%) [ ]. The apps returned by queries for “noncommunicable diseases,” “chronic disease,” “diabetes,” “blood pressure,” “hypertension,” “heart disease,” “kidney,” “cardiovascular,” “asthma,” “respiratory disease,” or “cancer” were included in the set of chronic disease management apps.
This search was conducted on October 2, 2020. Our sample was filtered based on the title and description in the app stores. An app met the inclusion criteria if it (1) was in Chinese; (2) required the input of PI over time; (3) targeted the general public rather than clinicians; and (4) had over 100,000 downloads. The authors saved all privacy policies as text files and recorded the number of downloads, update time, and disease category.
Scale Development and Scoring
The level 1 and level 2 evaluation indicators are shown in. Level 3 evaluation indicators for privacy policies are listed in. Based on the information life cycle, 6 level 1 indicators were developed: information collection and use, information storage and protection, information sharing and transfer, information destruction, general characteristics of privacy policies, and rights of PI subjects. There are 22 level 2 indicators and 61 level 3 indicators. For each level 3 indicator, a brief explanation, example sentences, and the corresponding clauses of the PI Specification are listed in.
Initially, 2 raters (ZN and YW) independently reviewed 21% (7/33) of the apps, selected at random, to assess the level of agreement; the Cohen kappa was 0.87, denoting almost perfect agreement. The 2 raters then discussed the indicators with inconsistent scores and, after the standard was unified, each rater analyzed half of the remaining apps.
Level 1 and level 2 evaluation indicators for privacy policies.
1. General characteristics
- App scope
- Policy disclosure
- Policy updates
2. Information collection and use
- Information collection and usage rules for business functions
- Personal sensitive information
3. Information storage and protection
- Storage security
- The handling of security incidents
4. Information sharing and transfer
- Entrusted processing
- Sharing of PI
- Transfer of PI
- Public disclosure of PI
- Cross-border transmission
5. Information destruction
- Storage time limit
- Data deletion and anonymization
6. Rights of PI subjects
The basic characteristics of these apps are presented in. The types of chronic diseases targeted by the apps mainly included diabetes (11/45, 24%), hypertension (4/45, 9%), heart disease (4/45, 9%), cancer (2/45, 4%), and comprehensive chronic disease management (19/45, 42%). Comprehensive chronic disease management apps were those providing users with long-term, multifaceted chronic disease prevention and treatment services that were not targeted at a specific chronic disease. The sample also included a small number of apps for other types of chronic diseases (5/45, 11%), such as asthma, chronic kidney disease, and chronic skeletal muscle diseases. Most apps (30/45, 67%) had between 100,000 and 1,000,000 downloads; 73% (33/45) of apps were updated in 2020.
Disease categories of the included apps (N=45).

| Category | Count, n (%) |
|---|---|
| Diabetes | 11 (24) |
| Hypertension | 4 (9) |
| Heart disease | 4 (9) |
| Cancer | 2 (4) |
| Comprehensive chronic disease management | 19 (42) |
| Other chronic diseases | 5 (11) |
The average score of the 33 apps was 40.4 out of 100, and the degree of dispersion was very high (SD 31.2). The evaluation results for the level 1 indicators of privacy policies are presented in. The most complied-with level 1 indicators were general characteristics (mean 51.9% [SD 28.1%]), information collection and use (mean 51.1% [SD 36.7%]), and information sharing and transfer (mean 50.3% [SD 33.5%]). However, other indicators had a low degree of overall compliance, namely information storage and protection (mean 29.4% [SD 32.4%]), information destruction (mean 31.8% [SD 40.0%]), and rights of PI subjects (mean 31.2% [SD 35.5%]). The name and evaluation results of each app are listed in.
The scoring rate for level 2 indicators ranged from 15.2% to 75.8%, with an average of 40.4%. We visualized the evaluation results with bar graphs, in which the color of each bar indicates the scoring rate of the level 2 indicator (the value in parentheses) and the length of each bar indicates the scoring rate of the level 3 indicator.
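To make the scoring scheme concrete, the following added Python example (not the authors' code) scores one hypothetical privacy policy against a checklist shaped like the level 1 and level 2 indicators above, aggregates level 3 hits into level 2 and level 1 scoring rates and a total out of 100, and includes the cohort statistics and Cohen kappa used in the Methods. The level 3 counts and the sample ratings are constructed, and equal weighting of binary level 3 checks is an assumption.

```python
"""Hierarchical scorer shaped like the paper's PI Specification scale. Added
illustration, not the authors' code. Assumptions: each level 3 indicator is a
binary, equally weighted check; the level 3 counts below are CONSTRUCTED
placeholders (the real 61 items are in the appendix); total = share of points."""
from statistics import mean, stdev

# Level 1 -> level 2 indicators from the textbox above; the integer is the
# assumed number of level 3 checks under each level 2 item (constructed).
SCALE = {
    "General characteristics": {
        "App scope": 2, "Policy disclosure": 2, "Policy updates": 2},
    "Information collection and use": {
        "Collection and usage rules for business functions": 4,
        "Personal sensitive information": 2},
    "Information storage and protection": {
        "Storage security": 3, "Handling of security incidents": 3},
    "Information sharing and transfer": {
        "Entrusted processing": 2, "Sharing of PI": 3, "Transfer of PI": 1,
        "Public disclosure of PI": 1, "Cross-border transmission": 1},
    "Information destruction": {
        "Storage time limit": 2, "Data deletion and anonymization": 2},
    "Rights of PI subjects": {
        "Right of PI inquiry": 2, "Right to obtain a copy of PI": 1,
        "Complaint management": 2, "Responding to requests": 2},
}

def scoring_rate(hits, total):
    """Percentage of available level 3 points obtained (0 when none apply)."""
    return 100.0 * hits / total if total else 0.0

def evaluate_app(ratings):
    """ratings: level 2 indicator -> number of its level 3 checks satisfied
    (absent = 0). Returns level 1/level 2 rates and the total out of 100."""
    level1, level2, hits_all, total_all = {}, {}, 0, 0
    for l1_name, items in SCALE.items():
        hits = total = 0
        for l2_name, size in items.items():
            got = ratings.get(l2_name, 0)
            if not 0 <= got <= size:
                raise ValueError("%s: %d of %d checks" % (l2_name, got, size))
            level2[l2_name] = scoring_rate(got, size)
            hits, total = hits + got, total + size
        level1[l1_name] = scoring_rate(hits, total)
        hits_all, total_all = hits_all + hits, total_all + total
    unknown = set(ratings) - set(level2)   # a misspelled item must not vanish silently
    if unknown:
        raise ValueError("unknown level 2 indicator(s): %s" % sorted(unknown))
    return {"level1": level1, "level2": level2,
            "total": scoring_rate(hits_all, total_all)}

def cohort_stats(totals, threshold=40.0):
    """Mean, sample SD and share at or above `threshold` (paper: 40.4, 31.2, 39%)."""
    return {"mean": mean(totals), "sd": stdev(totals) if len(totals) > 1 else 0.0,
            "share_at_or_above": sum(t >= threshold for t in totals) / len(totals)}

def cohen_kappa(rater_a, rater_b):
    """Cohen kappa for two raters' 0/1 judgements, the paper's inter-rater check."""
    if not rater_a or len(rater_a) != len(rater_b):
        raise ValueError("ratings must be non-empty and of equal length")
    n = len(rater_a)
    p_obs = sum(a == b for a, b in zip(rater_a, rater_b)) / n
    a_yes, b_yes = sum(rater_a) / n, sum(rater_b) / n
    p_exp = a_yes * b_yes + (1 - a_yes) * (1 - b_yes)
    return 1.0 if p_exp == 1 else (p_obs - p_exp) / (1 - p_exp)

if __name__ == "__main__":
    # Constructed rating of one hypothetical app, keyed by level 2 indicator.
    sample = {"App scope": 2, "Policy disclosure": 1, "Policy updates": 1,
              "Collection and usage rules for business functions": 3,
              "Storage security": 1, "Sharing of PI": 2, "Transfer of PI": 1,
              "Storage time limit": 1, "Right of PI inquiry": 1,
              "Responding to requests": 1}
    print(evaluate_app(sample))
```

Items absent from the ratings dictionary count as not complied with, which is how an unaddressed clause in a policy scores.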
Compliance evaluation results for the stage of information collection and use and the stage of information storage and protection are presented in. In the information collection and use stage, the scoring rates of all level 2 indicators reached the average, and the overall degree of compliance was relatively high. Because the objects of this study were chronic disease management apps, all apps in the sample collected and processed personal sensitive information. However, only 30% (10/33) of apps marked personal sensitive information prominently.
Although the compliance level for storage security was close to the average (38%), most apps (28/33, 85%) did not inform PI subjects of the security agreements they followed or the certifications they had obtained. The compliance level for the handling of security incidents (18%) was far below the average. Among the 33 apps, only 1 (3%) promised to bear the corresponding responsibilities if a security incident occurred. In addition, no more than one-third of apps described how they would inform PI subjects after a security incident (10/33, 30%) or whether they would report it truthfully to government organizations (7/33, 21%).
Compliance evaluation results for the stage of information sharing and transfer and the stage of information destruction are shown in. Only 24% (8/33) of apps stated the type of information shared, and 33% (11/33) of apps stated the security measures taken before sharing, such as anonymization or deidentification. Entrusted processing scored low; only 27% (9/33) of apps stated that they would supervise the entrusted party by establishing the third party’s responsibilities and duties through a contract or other such means. The 2 level 2 indicators of the information destruction stage, namely storage time limit (35%) and data deletion and anonymization (29%), were both lower than the average scoring rate. In particular, only 21% (7/33) of apps would notify third parties to promptly delete PI when PI subjects requested deletion of their data.
Most privacy policies had a low scoring rate for the indicators related to the rights of PI subjects (), especially the right to obtain a copy of PI, which was only 15% (5/33). Scores for level 2 indicators such as complaint management (29%) and responding to requests (26%) were far below the average, which means that most apps paid little attention to the handling of user requests and complaints.
In this study, we proposed a scale based on PI Specification 2020 for assessing the compliance of the privacy policies of China’s chronic disease apps across the stages of the information life cycle. Fu and Zhao analyzed the privacy policies of 20 mHealth apps in China based on PI Specification 2017. In their study, the privacy policies were analyzed from 6 aspects: information collection, cookies and other related technologies, PI storage and protection, PI sharing, PI processing rights, and minor information protection. However, their study did not conduct a fine-grained quantitative analysis and evaluation of each item, so it could not reveal an app’s compliance with specific articles of the PI Specification. In this paper, 6 level 1 indicators, 22 level 2 indicators, and 61 level 3 indicators were defined and a fine-grained evaluation was conducted. PI controllers and subjects can use the scale to obtain a percentage score that expresses the compliance of a privacy policy.
Regarding scores, only 39% (13/33) of apps in our sample had a score greater than or equal to 40 points, with an average score of 40.4 out of 100 (SD 31.2), which indicates that the majority of chronic disease management apps in China had low compliance with PI Specification 2020. This result is consistent with the prior finding by Fu and Zhao, who determined that most mHealth apps in China did not meet the requirements of the PI Specification. Benjumea et al [ ] analyzed the privacy policies of 31 cancer Android apps from the Google Play website (Spanish version) and obtained an average score of 50.5 points; in Hutton et al [ ], the average score for 64 self-tracking mHealth apps from Google Play was 46.2% (SD 24.3%). These differences might also result from different mHealth app types, evaluation scales, and even normative backgrounds (Hutton et al [ ] refer to GDPR, FIPS, and usability, whereas Benjumea et al [ ] refer to GDPR). What we compared is the degree to which apps complied with local laws or regulations, rather than the degree to which they protected the privacy of users. Thus, according to the evaluation results, the compliance of chronic disease management apps in Chinese Android app stores might be slightly lower than that of mHealth apps in Google Play.
In the stage of information collection and use, 64% (21/33) of apps stated the purpose of collecting and using PI, which was in line with the result (61%) of Hutton et al; 52% (17/33) of apps described the impact of refusing to provide PI, which was far higher than the result (27%) of Benjumea et al [ ]. According to PI Specification Article 5.5, if the app involves the collection of personal sensitive information, the PI controller should clearly mark or highlight that information. However, only 30% (10/33) of apps prominently marked personal sensitive information in their privacy policies.
Among the stages of the information life cycle, the stage of information storage and protection had the lowest compliance with the PI Specification. According to Zhou et al, most users did have concerns about their privacy when using mHealth apps and expected the apps to take a variety of security measures, such as regular password updates, remote wipe, user consent, and access control. However, according to our assessment, approximately two-thirds of chronic disease management apps lacked a description of security measures at the organizational management level. Concerningly, only a few PI controllers (18%) stated how they would handle security incidents, including security incident reporting, security incident notification, and a commitment to bear the corresponding legal responsibility for PI security incidents.
The timely destruction of PI is essential to the privacy of patients. Few privacy policies complied with the PI Specification in terms of the storage time limit (35%) and the deletion or anonymization of PI after account cancellation (29%). One noteworthy point is that only 21% (7/33) of chronic disease management apps would notify third parties to promptly delete PI after PI subjects cancelled their accounts. According to the PI Specification, the PI retention period should be the shortest time needed to achieve the purpose (Article 6.1); after the retention period is exceeded or the account is cancelled, PI controllers should carry out data deletion or anonymization (Article 6.1, Article 8.5). Judging from the assessment results of this study, the performance of apps in the stage of information destruction was far from reaching the requirements of the PI Specification.
The scoring rate for rights of PI subjects was generally low, especially for obtaining copies of PI (15%) and responding to requests (25%), which was consistent with a previous study. Furthermore, during our evaluation, we noticed that the scoring rate for how to exercise the rights of PI subjects was usually lower than that for the description of those rights. For example, 48% (16/33) of apps stated the right of PI inquiry, whereas only 36% (12/33) of apps provided a method to inquire about PI. These findings demonstrate that most Android chronic disease management apps in China can hardly guarantee the exercise of patients’ rights.
Implications and Recommendations
The contributions of this study are threefold. First, we developed a new scale based on the PI Specification. From the perspective of information life cycle management, the compliance of privacy policies can be evaluated systematically, and the scale can be generalized to other kinds of apps in China. Based on our scale, app operators can also conduct a fine-grained self-assessment of their app privacy policies. Second, through the analysis of privacy policies, physicians and patients can better understand what information patients provide to the app companies and the potential risk of providing this information to non–health care providers, especially in terms of information storage and protection. Third, we investigated and assessed the current state of practice in chronic disease management apps regarding the protection of health-related data. The indicators in this paper were based on PI Specification 2020, and the findings presented in this article could provide insights into the implementation of the new specification in China. Personal health information is highly sensitive and the leakage of daily health data may cause negative effects. In this regard, we would like to make the following recommendations:
This work was supported by the National Natural Science Foundation of China (Grant nos. 71661167007, 71420107026).
Conflicts of Interest
- Evaluation indicators for privacy policies (DOCX file, 25 KB)
- Evaluation guide (XLSX file, Microsoft Excel, 22 KB)
- List of mHealth app names and evaluation results (XLSX file, Microsoft Excel, 13 KB)
- World Health Organization. Noncommunicable diseases: Secondary Noncommunicable diseases. 2018 Jun 1. URL: https://www.who.int/news-room/fact-sheets/detail/noncommunicable-diseases [accessed 2020-12-21]
- Triantafyllidis A, Kondylakis H, Votis K, Tzovaras D, Maglaveras N, Rahimi K. Features, outcomes, and challenges in mobile health interventions for patients living with chronic diseases: A review of systematic reviews. Int J Med Inform 2019 Dec;132:103984. [CrossRef] [Medline]
- Aubourg T, Demongeot J, Provost H, Vuillerme N. Circadian Rhythms in the Telephone Calls of Older Adults: Observational Descriptive Study. JMIR Mhealth Uhealth 2020 Feb 25;8(2):e12452 [FREE Full text] [CrossRef] [Medline]
- Huang R, Liu N, Nicdao M, Mikaheal M, Baldacchino T, Albeos A, et al. Emotion sharing in remote patient monitoring of patients with chronic kidney disease. J Am Med Inform Assoc 2020 Feb 01;27(2):185-193 [FREE Full text] [CrossRef] [Medline]
- Korpershoek YJG, Hermsen S, Schoonhoven L, Schuurmans MJ, Trappenburg JCA. User-Centered Design of a Mobile Health Intervention to Enhance Exacerbation-Related Self-Management in Patients With Chronic Obstructive Pulmonary Disease (Copilot): Mixed Methods Study. J Med Internet Res 2020 Jun 15;22(6):e15449 [FREE Full text] [CrossRef] [Medline]
- Slater H, Stinson JN, Jordan JE, Chua J, Low B, Lalloo C, et al. Evaluation of Digital Technologies Tailored to Support Young People's Self-Management of Musculoskeletal Pain: Mixed Methods Study. J Med Internet Res 2020 Jun 05;22(6):e18315 [FREE Full text] [CrossRef] [Medline]
- Tabi K, Randhawa AS, Choi F, Mithani Z, Albers F, Schnieder M, et al. Mobile Apps for Medication Management: Review and Analysis. JMIR Mhealth Uhealth 2019 Sep 11;7(9):e13608 [FREE Full text] [CrossRef] [Medline]
- Kotz D. A threat taxonomy for mHealth privacy. New York, NY: IEEE; 2011 Presented at: 2011 Third International Conference on Communication Systems and Networks (COMSNETS 2011); January 4-8, 2011; Bangalore, Karnataka, India p. 1-6. [CrossRef]
- Atienza AA, Zarcadoolas C, Vaughon W, Hughes P, Patel V, Chou WS, et al. Consumer Attitudes and Perceptions on mHealth Privacy and Security: Findings From a Mixed-Methods Study. J Health Commun 2015;20(6):673-679. [CrossRef] [Medline]
- Peng W, Kanthawala S, Yuan S, Hussain SA. A qualitative study of user perceptions of mobile health apps. BMC Public Health 2016 Nov 14;16(1):1158 [FREE Full text] [CrossRef] [Medline]
- Zhou L, Bao J, Watzlaf V, Parmanto B. Barriers to and Facilitators of the Use of Mobile Health Apps From a Security Perspective: Mixed-Methods Study. JMIR Mhealth Uhealth 2019 Apr 16;7(4):e11223 [FREE Full text] [CrossRef] [Medline]
- Quevedo Rodríguez A, Wägner AM. Mobile phone applications for diabetes management: A systematic review. Endocrinol Diabetes Nutr 2019 May;66(5):330-337. [CrossRef] [Medline]
- Leigh S, Ouyang J, Mimnagh C. Effective? Engaging? Secure? Applying the ORCHA-24 framework to evaluate apps for chronic insomnia disorder. Evid Based Ment Health 2017 Nov;20(4):e20. [CrossRef] [Medline]
- Powell AC, Singh P, Torous J. The Complexity of Mental Health App Privacy Policies: A Potential Barrier to Privacy. JMIR Mhealth Uhealth 2018 Jul 30;6(7):e158 [FREE Full text] [CrossRef] [Medline]
- Knorr K, Aspinall D, Wolters M. On the Privacy, Security and Safety of Blood Pressure and Diabetes Apps. In: ICT Systems Security and Privacy Protection. SEC 2015. IFIP Advances in Information and Communication Technology (Vol. 455). Cham: Springer; 2015 Presented at: SEC 2015: 30th IFIP TC 11 International Conference; May 26-28, 2015; Hamburg, Germany p. 571-584. [CrossRef]
- Huckvale K, Torous J, Larsen ME. Assessment of the Data Sharing and Privacy Practices of Smartphone Apps for Depression and Smoking Cessation. JAMA Netw Open 2019 Apr 05;2(4):e192542 [FREE Full text] [CrossRef] [Medline]
- Bachiri M, Idri A, Fernández-Alemán JL, Toval A. Evaluating the Privacy Policies of Mobile Personal Health Records for Pregnancy Monitoring. J Med Syst 2018 Jun 29;42(8):144. [CrossRef] [Medline]
- Papageorgiou A, Strigkos M, Politou E, Alepis E, Solanas A, Patsakis C. Security and Privacy Analysis of Mobile Health Applications: The Alarming State of Practice. IEEE Access 2018;6:9390-9403. [CrossRef]
- Minen MT, Stieglitz EJ, Sciortino R, Torous J. Privacy Issues in Smartphone Applications: An Analysis of Headache/Migraine Applications. Headache 2018 Jul;58(7):1014-1027 [FREE Full text] [CrossRef] [Medline]
- Benjumea J, Ropero J, Rivera-Romero O, Dorronzoro-Zubiete E, Carrasco A. Privacy Assessment in Mobile Health Apps: Scoping Review. JMIR Mhealth Uhealth 2020 Jul 02;8(7):e18868 [FREE Full text] [CrossRef] [Medline]
- Hutton L, Price BA, Kelly R, McCormick C, Bandara AK, Hatzakis T, et al. Assessing the Privacy of mHealth Apps for Self-Tracking: Heuristic Evaluation Approach. JMIR Mhealth Uhealth 2018 Oct 22;6(10):e185 [FREE Full text] [CrossRef] [Medline]
- Benjumea J, Ropero J, Rivera-Romero O, Dorronzoro-Zubiete E, Carrasco A. Assessment of the Fairness of Privacy Policies of Mobile Health Apps: Scale Development and Evaluation in Cancer Apps. JMIR Mhealth Uhealth 2020 Jul 28;8(7):e17134 [FREE Full text] [CrossRef] [Medline]
- National Information Security Standardization Technical Committee. Information security technology: Personal information security specification (GB/t 35273-2020). 2020. URL: https://www.chinesestandard.net/PDF/English.aspx/GBT35273-2020 [accessed 2020-12-21]
- China Internet Network Information Center. Statistical Report on China Internet Development: Secondary Statistical Report on China Internet Development. 2020 Apr 28. URL: http://www.cac.gov.cn/2020-04/27/c_1589535470378587.htm [accessed 2020-12-21]
- AppInChina. The AppInChina App Store Index. 2020 Jul 8. URL: https://www.appinchina.co/market/app-stores/ [accessed 2020-12-21]
- Tencent. Tencent My App. URL: https://android.myapp.com/ [accessed 2020-12-21]
- Huawei. Huawei App Market. URL: http://app.hicloud.com/ [accessed 2020-12-21]
- BBK Electronics. Oppo Software Store. URL: https://store.oppomobile.com/ [accessed 2020-12-21]
- Qihoo 360. 360 Mobile Assistant. URL: http://zhushou.360.cn/ [accessed 2020-12-21]
- Fu S, Zhao A. Research on user privacy protection policies of health apps - based on information security technology - personal information security specification [in Chinese]. Libr Tribune 2019;39(12):109-118.
- Huang Z, Lum E, Car J. Medication Management Apps for Diabetes: Systematic Assessment of the Transparency and Reliability of Health Information Dissemination. JMIR Mhealth Uhealth 2020 Feb 19;8(2):e15364 [FREE Full text] [CrossRef] [Medline]
- Robillard JM, Feng TL, Sporn AB, Lai J, Lo C, Ta M, et al. Availability, readability, and content of privacy policies and terms of agreements of mental health apps. Internet Interv 2019 Sep;17:100243 [FREE Full text] [CrossRef] [Medline]
- Das G, Cheung C, Nebeker C, Bietz M, Bloss C. Privacy Policies for Apps Targeted Toward Youth: Descriptive Analysis of Readability. JMIR Mhealth Uhealth 2018 Jan 04;6(1):e3 [FREE Full text] [CrossRef] [Medline]
- The National People's Congress of the People's Republic of China. The draft of personal information protection law and other draft laws are open for comments. URL: http://www.npc.gov.cn/npc/c30834/202010/9f67b926535948719c2a0b0220dce9ed.shtml [accessed 2020-12-21]
Abbreviations
- FIPS: Fair Information Practices
- GDPR: General Data Protection Regulation
- mHealth: mobile health
- PI: personal information
- PI Specification: Information Security Technology–Personal Information Security Specification (GB/t 35273-2020)
Edited by L Buis; submitted 11.08.20; peer-reviewed by J Benjumea, S Lalla-Edward; comments to author 18.09.20; revised version received 10.11.20; accepted 02.12.20; published 28.01.21
Copyright
©Zhenni Ni, Yiying Wang, Yuxing Qian. Originally published in JMIR mHealth and uHealth (http://mhealth.jmir.org), 28.01.2021.
This is an open-access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work, first published in JMIR mHealth and uHealth, is properly cited. The complete bibliographic information, a link to the original publication on http://mhealth.jmir.org/, as well as this copyright and license information must be included.