Balancing easier access and greater security of healthcare data

Security is a big topic for healthcare right now and has been for some years. Johan Sörmling, Managing Director at Encap Security and Head of Mobile Identity at Signicat, believes that healthcare has a great deal to learn from other markets—in particular fintech. He believes it’s important to think of app users, no matter the app, as consumers when considering how to attract and keep people using healthcare apps.

We knew that access to healthcare data was valuable, but the last eighteen months has made it clear just how vital access to data is. Governments have used data to make decisions on border control and lockdowns. Healthcare authorities have used data to prioritise vaccination programs and resources. People have been able to use published data to better understand the scale of the pandemic and make decisions on the level of risk that they feel comfortable with.

One big lesson of the pandemic has been that sharing health data is good for decision making.

Unfortunately, it’s also been a bad time for data securityOne report suggests that the industry has experienced a 51% increase in the total number of records exposed, from 2019 to 2020. Healthcare has also become a big target for ransomware, with Ireland falling victim to a “catastrophic” attack in May 2021, and Germany being attacked in late 2020. The Vastaamo hack was possibly the most damaging of all, with a security flaw in exposing its entire patient database, including email addresses and social security numbers, but the actual written notes that therapists had taken.

Healthcare data can be some of the most sensitive information that’s held about us, ranging from the mundane to the intensely private. The lesson that some of the public may take away from the last few years is that sharing data is risky, and could mean a loss of control.

If healthcare providers want their patients to install and use the apps they have created, they may need to look to the success of other sectors to better understand how they can get people on board.

Healthcare apps as consumer apps

European regulators are keen to make mobile health a reality across the continent and have been for the best part of a decade, creating regulations and legal frameworks, and funding projects through its Horizon 2020 program.

Digital health and mhealth adoption has been patchy. As an example, France has been breaking records for telemedicine and has started trials for a vaccine passport. A new healthcare act adopted in 2019 is looking to expand the country’s focus on digital health—improving interoperability, establishing a data hub and make use of artificial intelligence. Germany has also been doing similarly good work since a change in health minister in 2019 meant a new way of doing things.

Elsewhere, progress has been slower. The app designed to help monitor the spread of COVID-19 has been described as a “fiasco”, while a study from the British Medical Journal found that many mhealth apps lacked privacy controls. One report claims that 71% of healthcare apps have a serious vulnerability.

Even as people choose to engage with healthcare apps, there are going to be problems—not every app will be of the same quality, and the public’s perception may be affected by poor-quality apps. This is a problem in every sector. Maybe it’s time to learn from them?

Financial services, for example, is another sector where people have data they want to keep to themselves, and only they should have access. In recent years, there’s been a huge shift to mobile apps. One in five UK customers, for example, now use challenger banks—huge if you consider how young the fintech sector is compared to the incumbent financial sector.

For healthcare apps to do the same, maybe it’s time to think more like a fintech? 

Learning lessons from elsewhere

What is the secret to fintech success? It’s a focus on customer experience. No one should find an app difficult to use or find it confusing. If they do, they will quickly abandon the app for one that’s more welcoming, and there are many alternatives on the market.

This attention to the customer experience includes one of the most important parts of any app, authentication. It’s also the part where many businesses go wrong. Authentication tells a business that the customer returning to their app is who they say they are. Often this is done with a username and password, but this is notoriously insecure—many people reuse passwords or use passwords that are simple and easily guessed. But additional security can mean making things more difficult for the customer—and turning them away from the app due to a poor experience.

Consumers need to both be protected, and feel protected. Security needs to be just a little bit visible so that they know it is there and they feel safe. If it’s completely invisible, or in the way consumers will walk away. So how can mhealth apps solve this problem?

If mhealth apps want customers to both be secure and feel secure in their apps, they need to start using some of the techniques that have been proven elsewhere. They need to use two-factor authentication. Consumers increasingly expect this level of protection, and many are now demanding it. If you have entered a code sent to you by text, then you have used two-factor authentication, but this is not the best way to do it. SMS text messages are not secure—anyone can send them, and they can be used in what’s called a “man in the middle” attack to take over an account.

Luckily, there’s a solution thanks to where the app exists in the first place. Smartphones are smarter than ever, with face and fingerprint recognition common. Integrating these makes two factor authentication easy for the consumer. Plus the data that the smartphone has access to, such as location, means that there can be far more confidence that the person using the app is who they say they are.


Any app that wants to be successful needs to look beyond its own sector for best practice. For consumers, their banking app, games and mhealth all exist on the same device, one tap away. We believe that mhealth apps cannot rely on their usefulness alone if they want customers to return to them—they will expect any app to achieve the same level of accessibility no matter if it’s offering pure entertainment or advice for good health. mhealth apps are not competing with other mhealth apps, but with every other app on a customer’s device.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

An image of , News, Balancing easier access and greater security of healthcare data

Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech

Hacking Cyber Security’s battle for workers

Andrew Marsh • 30th September 2022

Cyber attacks are increasing exponentially, cyber professionals are quitting, and ultimately, no one is replacing them. Worldwide, the cyber workforce shortfall is approximately 3.5 million people. We have a mountain to climb. While there are rising numbers of people with security degrees and qualifications, this falls way short of industry demand.

Getac becomes British Touring Car Championship official technology partner

Chris Gibbs • 29th September 2022

In competitive motorsports, the smallest detail can be the difference between winning and losing. Getac is the official technology partner to the British Touring Car Championships (BTCC) helping it achieve its digital transformation goals, putting a wealth of information at the fingertips of both race officials and teams alike, and helping deliver incredibly exciting racing.

The Time is Now for Digital Transformation

Paul Waddilove • 29th September 2022

According to a McKinsey research report, 70% of enterprises that had taken on digital transformation reported in 2020 that their momentum had stalled. It is worth understanding the reasons–culture or scale for example–causing the slowdown as the payoffs from digital transformation can be impressive. It can lead to more efficient operations, with enterprises enjoying autonomy...

Addressing the environmental impact of the data centre

David Watkins • 29th September 2022

David Watkins, solutions director at VIRTUS Data Centres , share how you may have seen the recent news that Thames Water has launched a probe into the impact of data centres on water supplies in and around London, as it imposed a hosepipe ban on its 15 million customers in a drought-hit area. Ensuring that...

How Can Businesses Ensure Efficient Management of COSU Devices

Nadav Avni • 29th September 2022

Nadav Avni, Chief Marketing Officer at Radix Technologies, shares how when it comes to speeding up queues and providing instant information, nothing beats corporate-owned, single-use (COSU) devices. When put in kiosk mode, these devices become efficient digital assistants that collect and share information.

The Cloud – Debunking the Myth

Guy Parry Williams • 26th September 2022

Mid-sized businesses are head down, wrestling with constantly evolving operational challenges, from skills shortages to supply chain delays and raging inflation. Management teams lack the time and often confidence to explore technology innovation and, as a result, too many companies are missing vital opportunities to cut costs, boost efficiency and reach new customers.