Title: Privacy policies of IoT-based healthcare: an empirical analysis study of the data collection practices of existing IoT medical applications

Authors: Mohamed Sarrab; Fatma Alshohoumi; Abdulla AlHamadani

Addresses: Communication and Information Research Center, Sultan Qaboos University, Muscat, Oman ' Communication and Information Research Center, Sultan Qaboos University, Muscat, Oman ' Department of Computer Science, Sultan Qaboos University, Muscat, Oman

Abstract: In healthcare, the internet of things (IoT) has accelerated the process of gathering patients' data. However, data processing is a significant violation of patients' privacy. This research critically examines to what extent the privacy policies of IoT medical apps provide sufficient details about their data collection practices with respect to personal data. It aims to explore the various medical data collected by IoT medical apps. An empirical analysis investigated the privacy policies of 21 of IoT medical apps. The findings revealed that these apps had provided sufficient details related to some of the data collection practices. However, details related to the security of personal data were more general. The findings indicate that most of these apps offer no guarantee regarding securing personal data. Such results open new research to be extended to validate to what extent the service providers are committed to what is explained in their privacy policies.

Keywords: healthcare; privacy policy; data collection practices; privacy concerns; IoT medical apps.

DOI: 10.1504/IJEH.2022.124491

International Journal of Electronic Healthcare, 2022 Vol.12 No.3, pp.221 - 251

Received: 27 Aug 2020
Accepted: 18 Dec 2021

Published online: 27 Jul 2022 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article