Accepted for/Published in: JMIR mHealth and uHealth
Date Submitted: Jul 26, 2019
Date Accepted: Apr 16, 2021
Warning: This is an author submission that is not peer-reviewed or edited. Preprints - unless they show as "accepted" - should not be relied on to guide clinical practice or health-related behavior and should not be reported in news media as established information.
Challenges in Developing Secure Mobile Health Applications - A Systematic Review
ABSTRACT
Background:
Mobile health (mHealth) applications (apps) have gained significant popularity over the last few years due to its tremendous benefits such as lowering healthcare cost and increasing patient awareness. However, the sensitivity of healthcare data makes the security of mHealth apps a serious concern. The use of poor security practices and lack of Security Knowledge (SK) on developers’ side can embed several vulnerabilities in mHealth apps.
Objective:
In this review paper, we aim at identifying and analysing the reported challenges that the developers of mHealth apps face with respect to security. The knowledge of such challenges can help to reduce the risk of developing insecure mHealth apps.
Methods:
We followed Systematic Literature Review (SLR) method for this review. Since the major app stores (i.e., Google Play and Apple Store) were launched in 2008, we selected studies that have been published between January 2008 and April 2019. We selected 26 studies using predefined criteria and used thematic analysis method for analysing the extracted data.
Results:
Out of 26 studies, we identified seven challenges that can affect the development of secure mHealth apps. Our analysis revealed that insufficient SK of the developers, lack of security guidelines for developing secure mHealth apps, lack of security experts in mHealth apps development organizations, obsolete SK of mHealth apps developers, poor security decisions during mHealth apps development, speed of delivering mHealth apps, and lack of mHealth apps testing during the development process are the major challenges that hinder secure mHealth apps. Based on our analysis, we have presented a conceptual framework which highlights the correlation between the identified challenges.
Conclusions:
Whilst mHealth apps development organizations might overlook the security, we conclude that our findings can be beneficial to assist them to identify the weaknesses and improve their security practices. Similarly, the developers of mHealth apps can identify the challenges they are facing to enable them to develop mHealth apps that do not pose security risk for users. Our review suggests further support for mHealth apps developers by continuously providing the needed SK, seeking to hire a security expert in the domain of mHealth app and providing sufficient time to deliver an app.
Citation
Request queued. Please wait while the file is being generated. It may take some time.
Copyright
© The authors. All rights reserved. This is a privileged document currently under peer-review/community review (or an accepted/rejected manuscript). Authors have provided JMIR Publications with an exclusive license to publish this preprint on it's website for review and ahead-of-print citation purposes only. While the final peer-reviewed paper may be licensed under a cc-by license on publication, at this stage authors and publisher expressively prohibit redistribution of this draft paper other than for review purposes.