Skip to Main Content
University of Oregon
UO Libraries

Digital Health & Wellness Resources

This online guide to digital health and wellness resources is meant to provide the University of Oregon community with information about on-campus resources, mobile health (mHealth) apps, and strategies to evaluate mHealth apps.

Data Privacy & Security Risks Associated with mHealth Apps

A Black non-binary person sits at an adjustable desk and paints with watercolors at a cafe. They are dressed in all black with glasses, earrings, and a red lip, and have a shaved head. Their leopard print cane hangs off the side of the desk.As of 2021, researchers found that 88% of mobile health (mHealth) apps available for users to download contained code that had the ability to collect user data. The research also revealed that most data collection operations involved third-party providers, and 23% of user data transmissions took place on insecure communication protocols. In addition, only 47% of data transmissions complied with the app’s privacy policies, and 28% of apps did not provide a privacy policy at all. (Source: Mobile health and privacy: cross sectional study)

Image Attribution: Created by Chona Kasinger (Free to use under the Disabled and Here project CC-BY)

Privacy has always been a concern, especially in the health domain as the proliferation of mHealth apps has led to a large amount of sensitive data generated. Therefore, it is important for users to perform privacy assessments of mHealth apps by evaluating diverse privacy components; however, it can be difficult as users have different needs of individual care that require different criteria for their assessments. (Source: Privacy Assessment in Mobile Health Apps: Scoping Review)

If people are to use and trust these tools for their mental health, it is crucial for people learn data and informational literacy skills in evaluating the transparency and quality around the data practices of these apps. Especially, as availability of information about developers' data security procedures for mHealth apps, specifically those targeting mental health, has not been thoroughly investigated. (Source: Reviewing the data security and privacy policies of mobile apps for depression)

mHealth App Evaluation Rubric

The purpose of the app evaluation rubric below is to give the user sufficient information from which to make an informed decision that they deem correct for their situation. You can also check out the American Psychiatric Association's (APA) Comprehensive App Evaluation Model for in-depth app evaluations.

(was created by)

 

Lowest Quality (1 pt.)

Average Quality (2 pt.)

Best Quality (3 pt.)
Access & Background

If the app meets MOST of the following criteria:

  • Only works on one type of device (iOS or Android)
  • Does not work on a desktop computer
  • Does not work with accessibility features of a device
  • Is not accessible for those with impaired vision or other disabilities
  • Has not been updated in the last 180 days
  • Is not free to download
  • Has additional and/or hidden costs in order to work

If the app meets MOST of the following criteria:

  • Works on all types of devices (iOS or Android)
  • Does not work on a desktop computer
  • Does work with accessibility features of a device
  • Is accessible for those with impaired vision or other disabilities
  • Has been updated in the last 180 days
  • Is free to download
  • Has optional add-ons
  • Is workable without additional and/or hidden costs

If the app meets MOST of the following criteria:

  • Works on all types of devices (iOS or Android)
  • Does work on a desktop computer
  • Does work with accessibility features of a device
  • Is accessible for those with impaired vision or other disabilities
  • Has been updated in the last 90 days
  • Is free to download
  • Has no additional and/or hidden costs
Privacy & Security

If the app meets ANY of the following criteria:

  • Does not provide a privacy policy before use
  • Does not declare data use or purpose
  • Does not allow users to opt out of data collection or delete data
  • Does not explain security systems used
  • Does not claim to collect, use and/or transmit sensitive data securely

If the app meets ANY of the following criteria:

  • Does provide a privacy policy before use
  • Does declare data use or purpose
  • Allows users to opt out of data collection once or delete limited data
  • Does explain security systems used
  • Does claim to collect, use and/or transmit sensitive data securely

If the app meets ANY of the following criteria:

  • Does provide a transparent privacy policy that is clear and accessible before use
  • Does clearly declare data use or purpose
  • Allows users to opt out of data collection or delete all data whenever
  • Does explain security systems used and protocol
  • Does claim to not collect, use and/or transmit sensitive data
Clinical Foundation

If the app meets ANY of the following criteria:

  • Does not provide evidence of effectiveness/efficacy
  • Does not provide evidence of specific benefit from academic institutions, publications, and user feedback or research studies
  • Does not have a clinical/recovery foundation relevant to intended use
  • Is not funded or reviewed by a national association of clinicians or researchers 

If the app meets ANY of the following criteria:

  • Does provide limited evidence of effectiveness/efficacy
  • Does provide limited evidence of specific benefit from academic institutions, publications, and user feedback or research studies
  • Does have limited clinical/recovery foundation relevant to intended use
  • Is funded and/or reviewed by a national association of clinicians or researchers

If the app meets ANY of the following criteria:

  • Does provide detailed evidence of effectiveness/efficacy
  • Does provide detailed evidence of specific benefit from academic institutions, publications, and user feedback or research studies
  • Does have detailed clinical/recovery foundation relevant to intended use
  • Is funded and/or reviewed by a national association of clinicians
Usability

If the app meets ANY of the following criteria:

  • Does not define functional scope
  • Does not align with personal needs and priorities
  • Is not customizable
  • Is difficult to use

If the app meets ANY of the following criteria:

  • Does define functional scope
  • Does align with some personal needs and priorities
  • Has limited customization capabilities
  • Is easy to use

If the app meets ANY of the following criteria:

  • Does clearly define functional scope in detail
  • Does align with all personal needs and priorities
  • Has customization capabilities
  • Is easy to use
Data Integration towards Therapeutic Goal

If the app meets ANY of the following criteria:

  • User does not own their data
  • Data cannot be shared and interpreted in a way that's consistent with stated purpose of the app
  • Does not improve therapeutic alliance between patient and medical provider
  • Does not provide scientific evidence that leads to any positive behavioral change or skill acquisition

If the app meets ANY of the following criteria:

  • User owns limited personal data
  • Can be used for individual use or in collaboration with a medical provider
  • Does not have the ability to export or transfer data if used with a medical provider
  • Data can be shared and interpreted in a way that's consistent with stated purpose of the app
  • Does improve therapeutic alliance between patient and medical provider
  • Does provide scientific evidence that leads to general positive behavioral changes or skill acquisitions

If the app meets ANY of the following criteria:

  • User owns all personal data
  • Can be used for individual use or in collaboration with a medical provider
  • Has the ability to export or transfer data if used with a medical provider
  • Data can be shared and interpreted in a way that's consistent with stated purpose of the app
  • Does improve therapeutic alliance between patient and medical provider
  • Does provide scientific evidence that leads to specific positive behavioral changes or skill acquisitions

Contact Us
Library Accessibility
UO Libraries Privacy Notices and Procedures

Make a Gift

1501 Kincaid Street
Eugene, OR 97403
P: 541-346-3053
F: 541-346-3485


© University of Oregon. All Rights Reserved.