New health apps are popping up every day, promising to help you track your health conditions, count your calories, manage your medications, or predict your ovulation. These apps often ask for some of your most sensitive personal information, like your health history, medication list, or whether you have ever suffered a miscarriage.
Some apps use that sensitive information only to give you services. But others may use it for their own research, to target you with ads, or disclose — or even sell — your data to other companies. And, unlike your doctor, these apps may not be covered by health privacy laws like HIPAA.
For example, Flo is a health app that functions as an ovulation calendar, period tracker, and pregnancy guide. In a settlement announced today, the FTC said that the makers of the Flo app shared users’ personal health information with marketing and analytics companies like Facebook and Google — even though it had promised users to keep this sensitive information private. As part of the settlement, Flo Health, Inc. has agreed to get users’ consent before it can share their information in the future. The settlement also requires Flo to get an outside review of the honesty of its privacy promises.
How can you avoid the risks associated with these types of health apps? Here are some things to consider: