Mobile apps for dementia patients lack security measures

The lack of cybersecurity in mobile applications meant to assist dementia patients and their caregivers could put patients' personal health information at risk, according to researchers at McLean Hospitals in Belmont, Massachusetts, and clinicians at Harvard Medical School. A study in the American Journal of Geriatric Psychiatry examined app security policies and provided recommendations.

Mobile applications are a convenient way for dementia patients to input information while also providing their caregivers with a tool to check on individuals. This study stated that the patient information stored on these apps is susceptible to hackers due to the lack of security.

“No one using an app for a mental health-related reason should assume that privacy and security measures are in place,” said senior author Ipsit Vahia, MD, medical director of Geriatric Psychiatry Outpatient Services at McLean. “Pay attention to the type of information that they provide to the app, and try to understand what can be done with that information.”

The study analyzed the privacy policies of mobile apps matching the terms "medical + dementia" or "health & fitness + dementia." Of 125 apps, 72 contained user-generated content and only 33 of these apps had privacy policies. Researchers found that, of the apps with policies on individual-level protections, missing information and sharing of data with an outside party were common.

“In order for technology to realize its full potential in mental health, users need to feel confident about the security and privacy of the information that is collected,” concluded Vahia. “Clinicians should educate themselves and their patients about issues related to the data collected.”