Abstract

Telehealth apps are growing faster than regulatory legislation and guidelines can keep pace with. As a result, app developers, healthcare providers, and individual app users are left without a clear understanding of the rights and responsibilities of each party involved. Use of telehealth apps may leave the end users’ personal health information vulnerable. Improper security within the app may leave the app provider and healthcare providers at legal risk. The goal of this paper is to examine the regulatory framework and regulatory guidance that apply to telehealth apps. In addition, a series of three case studies was conducted to examine the prevalence and nature of residual personal health data from these telehealth apps. In two of the three case studies, patient health data was recovered through the app in the form of various artifacts.


Risk Analysis of Residual Protected Health Information of Android Telehealth Apps
