Forside > Siste Nytt > Connected health devices violate users privacy

Connected health devices violate users privacy

28. september, 2017
The health devices that were tested are intended to simplify and improve everyday life for people. However, several app-connected blood pressure gauges and blood glucose-monitoring devices fall short of properly protecting the privacy and consumer rights of users, according to the Norwegian Consumer Council.

The Norwegian Consumer Council encourage users to think twice about connecting health devices, which collect sensitive personal information, to the internet.

– Although the features of these services can be useful to people, it is unacceptable that some apps contribute to users losing control their own health data, says Anne Kristin Vie, Director of Public Services and Health at the Norwegian Consumer Council.

They have investigated the consumer and privacy-related aspects of four blood pressure gauges and three blood glucose-monitoring devices used together with smartphone apps. The consultancy company Bouvet has carried out the technical part of the test on behalf of the Norwegian Consumer Council.

– Unfortunately, users often have to waive basic consumer rights in order to use the apps that are used with the devices, says Vie.

Test report: Health data for sale? Technical report by Bouvet

Testsituasjon ved test av blodtrykksmålere

Weak security practices

The apps provided with the devices contribute to enhanced functionality such as measurement history, visualization of results and other additional features, including the ability to report results electronically to your doctor. However, several of them fall short in terms of privacy and security, and give unsatisfactory information about user rights.

Some of the apps send potentially sensitive information to companies in East Asia and North America, without the users being properly informed about this. The Consumer Council believes that the standards of security for internet-connected healthcare products are often too low.

– It is not okay that, by using health-monitoring devices, you risk your health information being sold to, for example, insurance companies or other unauthorized entities. This is information that is commercially attractive for many actors, says Vie.

– The health tech industry must make sure that terms and practices do not violate users’ privacy and basic consumer protection. The users should not have to fear that their information could be used for harmful, direct marketing or price discrimination, Vie says.

Lack of secure ways to share health data

The Norwegian Consumer Council also encourages people to avoid e-mailing the health information registered by the devices to others, including your own doctor. Many of the apps that were tested directly encourage users to share their health data, either through e-mail or social media.

– E-mail is not a sufficiently secure channel to send data about your own health, Vie says.

At the same time, she points out that devices intended for home testing can be both accurate and user-friendly.

– This kind of technology has proved to be useful for people, and is readily available in stores, in pharmacies and online. Nevertheless, people need secure ways to share the information that the devices collect with, for example, their doctor, Vie says.

These are the tested products

Product Type Character
Andersson BDR 1.0

Blood pressure gauge

Security/Privacy Grønt smile fjes, ikon
Terms of service Rødt surt fjes, ikon
Blodtrykksmåler av merket A03-X_iHealth BP7 iHealth BP7

Blood pressure gauge

Security/Privacy Rødt surt fjes, ikon
Terms of service Rødt surt fjes, ikon
Blodtrykksmåler av merket A02-X_QardioArm A100 QardioArm A100

Blood pressure gauge

Security/Privacy Rødt surt fjes, ikon
Terms of service Gult skeptisk fjes, ikon
Blodtrykksmåler av merket A04-X_Withings BP-801 Withings BP-801

Blood pressure gauge

Security/Privacy Rødt surt fjes, ikon
Terms of service Gult skeptisk fjes, ikon
2in1

Blood glucose-monitoring device

Security/Privacy Grønt smile fjes, ikon
Terms of service *
Contour

Blood glucose-monitoring device

Security/Privacy Grønt smile fjes, ikon
Terms of service Rødt surt fjes, ikon
IHealth BG5

Blood glucose-monitoring device

Security/Privacy Rødt surt fjes, ikon
Terms of service Rødt surt fjes, ikon

* Terms are not included with this product and have therefore not been tested.