Grindrod Kelly, Boersema Jonathan, Waked Khrystine, Smith Vivian, Yang Jilan, Gebotys Catherine
School of Pharmacy (Grindrod, Boersema, Waked, Yang), University of Waterloo, Waterloo, Ontario.
Can Pharm J (Ott). 2016 Dec 6;150(1):60-66. doi: 10.1177/1715163516680226. eCollection 2017 Jan-Feb.
To explore the privacy and security of free medication applications (apps) available to Canadian consumers.
The authors searched the Canadian iTunes store for iOS apps and the Canadian Google Play store for Android apps related to medication use and management. Using an Apple iPad Air 2 and a Google Nexus 7 tablet, 2 reviewers generated a list of apps that met the following inclusion criteria: free, available in English, intended for consumer use and related to medication management. Using a standard data collection form, 2 reviewers independently coded each app for the presence/absence of passwords, the storage of personal health information, a privacy statement, encryption, remote wipe and third-party sharing. A Cohen's Kappa statistic was used to measure interrater agreement.
Of the 184 apps evaluated, 70.1% had no password protection or sign-in system. Personal information, including name, date of birth and gender, was requested by 41.8% (77/184) of apps. Contact information, such as address, phone number and email, was requested by 25% (46/184) of apps. Finally, personal health information, other than medication name, was requested by 89.1% (164/184) of apps. Only 34.2% (63/184) of apps had a privacy policy in place.
Most free medication apps offer very limited authentication and privacy protocols. As a result, the onus currently falls on patients to input information in these apps selectively and to be aware of the potential privacy issues. Until more secure systems are built, health care practitioners cannot fully support patients wanting to use such apps.
探讨加拿大消费者可使用的免费药物应用程序(应用)的隐私与安全情况。
作者在加拿大iTunes商店搜索与药物使用和管理相关的iOS应用,并在加拿大谷歌Play商店搜索安卓应用。使用一台苹果iPad Air 2和一台谷歌Nexus 7平板电脑,两名评审员生成了一份符合以下纳入标准的应用列表:免费、英文可用、面向消费者使用且与药物管理相关。使用标准数据收集表,两名评审员独立对每个应用是否存在密码、个人健康信息存储、隐私声明、加密、远程擦除和第三方共享进行编码。使用科恩卡帕统计量来衡量评分者间的一致性。
在评估的184个应用中,70.1%没有密码保护或登录系统。41.8%(77/184)的应用要求提供包括姓名、出生日期和性别的个人信息。25%(46/184)的应用要求提供地址、电话号码和电子邮件等联系信息。最后,89.1%(164/184)的应用要求提供除药物名称之外的个人健康信息。只有34.2%(63/184)的应用制定了隐私政策。
大多数免费药物应用提供的认证和隐私协议非常有限。因此,目前责任在于患者有选择地在这些应用中输入信息,并意识到潜在的隐私问题。在构建更安全的系统之前,医疗从业者无法全力支持想要使用此类应用的患者。
