As healthcare apps boom, privacy best practices come to the fore

A report published Wednesday by the Future of Privacy Forum (FPF) takes stock of many popular mobile apps, documenting which of them provide consumers with a privacy policy describing their data collection and usage. FPF also released a guide to best practices for app developers.

With some 40,000 mHealth apps already available across various platforms, and the market set to skyrocket – pegged to grow 25 percent annually over the next five years, according to a study earlier this month from Kalorama – such practices will only grow in importance when it comes to protecting personal health information.

[See also: Mobile health app market in growth mode.]

By providing a privacy policy, companies become legally accountable for their practices and provide consumers with an opportunity to make informed decisions about whether to download an app.

In an effort to provide application developers with the tools and resources needed to implement trustworthy data practices, including privacy policies, FPF and the Center for Democracy & Technology (CDT) released a publication titled "Best Practices for Mobile Application Developers."

"Developers have access to tremendous amounts of very sensitive data about their customers," said Justin Brookman, CDT's director of consumer privacy. "We're offering these Best Practices guidelines to help well-meaning developers preserve user privacy without stifling the innovation and convenience offered by new platforms."

[See also: ONC seeks good practices for mobile device privacy and security.]

The report is generally-focused, but does touch on the special challenges faced by health-related apps and the data they traffic in – most importantly the importance of HIPAA compliance.

As part of its best practices guide, FPF and CDT list seven "Basic Steps Towards Building Privacy into your App":