Mobile health apps (mHealth apps) are being increasingly adopted in the healthcare sector, enabling stakeholders such as medics and patients, to utilize health services in a pervasive manner. Despite having several benefits, mHealth apps entail significant security and privacy challenges that can lead to data breaches with serious social, legal, and financial consequences. This research presents an empirical investigation into security awareness of end-users of mHealth apps that are available on major mobile platforms. We conducted end-users’ survey-driven case study research in collaboration with two mHealth providers in Saudi Arabia to survey 101 end-users, investigating their security awareness about (i) existing and desired security features, (ii) security-related issues, and (iii) methods to improve security knowledge. The results indicate that while security awareness among the different demographic groups was statistically significant based on their IT knowledge level and education level ,security awareness based on gender, age, and frequency of mHealth app usage was not statistically significant. We also found that the majority of the end-users are unaware of the existing security features provided (e.g., restricted app permissions); however, they desire usable security (e.g., biometric authentication) and are concerned about the privacy of their health information (e.g., data anonymization). End-users suggested that protocols such as two-factor authentication positively impact security but compromise usability. Security-awareness via peer guidance, or training from app providers can increase end-users’ trust in mHealth apps. This research investigates human-centric knowledge based on a case study and provides a set of guidelines to develop secure and usable mHealth apps.