Study: Popular women's health apps don't meet basic privacy, security standards

The researchers found 20 of the 23 apps reviewed shared data with third parties. Only 16 displayed a privacy policy, and three collected data before consent.
By Emily Olsen
11:40 am
Share

Photo: d3sign/Getty Images

Many popular women's health apps fail to meet basic data privacy and security standards, according to a review published in JMIR.

The study analyzed 23 of the most downloaded and highest rated femtech apps on Apple's App Store and Google Play by two independent reviewers on data privacy, data sharing and security assessment criteria. Sixteen of the apps were related to fertility, cycle tracking and pregnancy, while others focused on areas like breast and lung cancers, mental health, exercise and abortion. 

Researchers found all the apps included behavioral tracking, and 14 allowed location tracking. Meanwhile, only 16 displayed a privacy policy, and 12 requested consent from users. Three of the apps began collecting data before obtaining consent. Thirteen provided users with information about data security.

The review also noted that 20 of the 23 apps shared data with third parties, while researchers couldn't determine data sharing policies from the final three. 

"Many of the most popular women’s mHealth apps on the market have poor data privacy, sharing and security standards. Although regulations exist, such as the European Union General Data Protection Regulation, current practices do not follow them," the study's authors wrote. "The failure of the assessed women’s mHealth apps to meet basic data privacy, sharing and security standards is not ethically or legally acceptable."

WHY IT MATTERS

The researchers argued that women's health apps in particular can contain private data that may come from young women, teens and children. 

"Given the sensitive nature of women’s health, women’s mHealth apps should practice increased privacy rather than the poor practices uncovered in this study. Moreover, some women’s mHealth apps collected not only women’s sensitive data but also information on children and infants," they wrote. "These observations demonstrate the complexity of the standard practices of data privacy and consent."

THE LARGER TREND

After a Supreme Court draft opinion that would overturn Roe v. Wade leaked earlier this month, some privacy and security experts have raised concerns that data from period-tracking apps could be used to determine whether the user has had an abortion. 

Privacy concerns have surfaced for femtech apps before. Popular period and fertility tracking app Flo, which raised $50 million in Series B funding last year, settled with the Federal Trade Commission in January 2021 regarding a complaint the company had shared user data with marketing and analytics services at Facebook and Google. 

Meanwhile, though femtech still makes up a small portion of overall digital health funding, the market has been growing. In its Q1 investment report, Rock Health noted that reproductive and maternal health startups moved into the top six in terms of clinical focus for the first time since 2019, scooping up $424 million in financing. 

Share