Do your health tracking apps need a checkup?
Five questions to ask when evaluating the quality of your health apps
Would you give a stranger access to your photos, birthdate, and intimate details about your health and sex life? If yes, this article isn’t for you. If not, read on. When it comes to the health tracking apps on your phone, what do you know about them?
When I was pregnant years ago, I downloaded pregnancy apps recklessly. I’d skim through the apps and delete the ones I didn’t like. Perhaps the design bothered me, or I didn’t find much value in what the app offered. The one particular app I kept had lengthy questionnaires. I’d easily spend 20 minutes entering all of my information meticulously, only to have the app do…. nothing. The app wasn’t using my data to improve the experience for me. So what was the point of my entering all of that information?
Dearest reader, if you are smarter than I was, you will know I was the product. The app’s business model involved selling my data to third parties. Once I figured that out, I stopped using the app. I disliked the idea of being targeted with ads to buy stuff or potentially having my data shared with my employer. Unfortunately, we still live in a world where people use information about women and their personal lives to withhold promotions, discriminate based on sex and gender, etc.
Since then, I’m happy to say that I’ve become savvier about using apps. Just as I’d check out a babysitter before leaving my child with them, I now check out my apps before installing them on my phone. Here are the five questions I use to assess the quality of an app:
- What do the one-star reviews say?
- Who’s behind the app?
- Where is the company located?
- Are privacy and data security key values?
- Can I trust what the app says?
1. What do the one-star reviews say?
Before I download an app, I like to do the “one-star test.” Five-star reviews are often variations of the same praise, so I go right to the one-star reviews in the app store. Why did people rate the app one star? Are they upset with aesthetic issues, like an overwhelmingly pink color palette? Or are they expressing concerns about the quality of the content, a murky privacy policy, or poor data security? There’s a significant difference between disliking an app because the color palette is overwhelmingly pink and disliking an app because of issues related to ethics, false information, and data security.
If I don’t see any red flags behind the one-star reviews, I move to step two.
2. Who’s behind the app?
How can I trust an app when I don’t know who’s behind it? At this point in my process, I go to the company’s website. Does the website name the people behind the company on a team page or an “about us” page? I think it’s a red flag when people aren’t willing to stand beside their work publicly.
The European Union’s General Data Protection Regulation (GDPR) requires companies operating in the European Union to have an imprint and privacy policy on their website. If there isn’t a team page or an “about us” page, the imprint and policy pages should report who’s behind the company. The imprint will say who legally represents the company, and the privacy policy will say who is the “controller” (the person responsible for data processing on the website).
Unfortunately, at least in the Apple App store, there isn’t a requirement to disclose the actual people behind the apps. For example, a pregnancy tracking app with over 10,000 reviews in the Apple App store lists a company as the developer. The company’s website and privacy statement have no information about who is behind the app. Why would I take pregnancy advice from a stranger who won’t share their name with me?
If the team members are named, what are their motivations and areas of expertise? Why should I trust them? Do they have a relevant degree or experience that makes them suitable for the job?
If I’m comfortable with who’s behind the app, I move on to step three.
3. Where is the company located?
While still on the company webpage, I look for a physical address. Where is the company located? This information might appear on the “contact us” page. It should also appear in the website’s imprint and privacy policy.
Some companies, like the one behind the mysterious pregnancy tracking app I mentioned in step 2 above, do not disclose this information. Based on this particular app’s languages, English and Russian, I could likely narrow down the company’s location to a handful of countries. But even my narrowed list of countries has a wide range of policies and regulations regarding consumer rights, privacy, and data security. Some countries mandate that companies report data breaches and inform affected customers. Other countries don’t require this reporting.
If the company doesn’t disclose where it is physically located, does its privacy policy at least mention where the company stores users’ data? Does the privacy policy discuss transferring user data to countries lacking GDPR-type regulations?
If I know where the company is located and am comfortable with the country’s regulatory requirements on topics like privacy and data security, I move to step four.
4. Are privacy and data security key values?
By this point, there’s a chance that I skimmed the company’s privacy policy to learn about who’s behind the app and where they operate. If I haven’t read the privacy policy, now’s the time. The privacy policy should be located on the app’s website or made accessible through the app. However, it’s likely no privacy policy exists. A recent study that reviewed 23 of the most popular women’s health apps found only 70% of the apps had a privacy policy. Only 57% of these apps informed users about data security.
Sometimes privacy statements are easy to understand. But what happens when the statements are written in legalese or don’t make sense? As a non-lawyer, I sometimes find it easier to assess privacy by looking for clues outside the privacy policy. How does the team feel about privacy and data security? Perhaps they wrote about it in a blog post or highlighted these topics in their website copy. Perhaps transparency, privacy, and data security are addressed in the company’s culture code, code of conduct, or business standards.
Suppose I’m accessing the company’s website in the European Union, and the website doesn’t inform me of cookies or allow me to decline the cookies. In that case, there’s a chance the app may also not follow relevant EU regulations on privacy and data security.
Finally, what is the company’s business model for the app? How does this business model support or conflict with my expectations of privacy and data security? Does the company make money by charging me or a third party, such as my health insurance company, a subscription to use the app? If the app is free, how does the company monetize it? Are they selling advertisements on the app? Are they collecting and selling customers’ data? Does the app inform me about how will my data will be used and ask me to consent?
If I understand how my data will be used and I consent to it, I move to step five.
5. Can I trust what the app says?
By the time I make it to step five, I have downloaded the app. Do the articles in the app say who wrote them? If yes, what is the writer’s area of expertise? What conflicts of interest might the writer have? For example, did the writer disclose that L’Oréal sponsored them to write the article on skincare? Do I think such a disclosure might bias the writer and what information they choose to share with me? Or am I simply satisfied to know they are upfront about it?
Does the content reference where the writer obtained the information? Do they reference studies from peer-reviewed scientific research, or are they referencing a random blog post like this one? How long ago was the article written, and when is it due for an update? This information often appears at the end of an article.
To ensure false and harmful information doesn’t make it into the app, does the company have an editorial process? How is the content written, edited, reviewed, and approved? Information about the editorial process might appear in the app’s settings or hyperlinked below an article.
If I make it to the end of these questions and am happy with all five answers, it’s time to celebrate. I found a quality health app!
This checkup has become routine before I install new health apps. Given the latest data privacy concerns with period tracking apps, I don’t see myself stopping anytime soon.
What do you look for when evaluating health apps? Let me know! I might need to update my list :)
Dr. Samantha Lattof, CEO and Co-Founder of Maila Health, wrote this article.
This article was originally published on the Maila Health Blog.
