Final published version
Research output: Contribution to Journal/Magazine › Journal article › peer-review
Research output: Contribution to Journal/Magazine › Journal article › peer-review
}
TY - JOUR
T1 - End-users’ knowledge and perception about security of clinical mobile health apps
T2 - A case study with two Saudi Arabian mHealth providers
AU - Aljedaani, Bakheet
AU - Ahmad, Aakash
AU - Zahedi, Mansooreh
AU - Babar, M. Ali
PY - 2023/1/31
Y1 - 2023/1/31
N2 - Mobile health apps (mHealth apps) are being increasingly adopted in the healthcare sector, enabling stakeholders such as medics and patients, to utilize health services in a pervasive manner. Despite having several benefits, mHealth apps entail significant security and privacy challenges that can lead to data breaches with serious social, legal, and financial consequences. This research presents an empirical investigation into security awareness of end-users of mHealth apps that are available on major mobile platforms. We conducted end-users’ survey-driven case study research in collaboration with two mHealth providers in Saudi Arabia to survey 101 end-users, investigating their security awareness about (i) existing and desired security features, (ii) security-related issues, and (iii) methods to improve security knowledge. The results indicate that while security awareness among the different demographic groups was statistically significant based on their IT knowledge level and education level ,security awareness based on gender, age, and frequency of mHealth app usage was not statistically significant. We also found that the majority of the end-users are unaware of the existing security features provided (e.g., restricted app permissions); however, they desire usable security (e.g., biometric authentication) and are concerned about the privacy of their health information (e.g., data anonymization). End-users suggested that protocols such as two-factor authentication positively impact security but compromise usability. Security-awareness via peer guidance, or training from app providers can increase end-users’ trust in mHealth apps. This research investigates human-centric knowledge based on a case study and provides a set of guidelines to develop secure and usable mHealth apps.
AB - Mobile health apps (mHealth apps) are being increasingly adopted in the healthcare sector, enabling stakeholders such as medics and patients, to utilize health services in a pervasive manner. Despite having several benefits, mHealth apps entail significant security and privacy challenges that can lead to data breaches with serious social, legal, and financial consequences. This research presents an empirical investigation into security awareness of end-users of mHealth apps that are available on major mobile platforms. We conducted end-users’ survey-driven case study research in collaboration with two mHealth providers in Saudi Arabia to survey 101 end-users, investigating their security awareness about (i) existing and desired security features, (ii) security-related issues, and (iii) methods to improve security knowledge. The results indicate that while security awareness among the different demographic groups was statistically significant based on their IT knowledge level and education level ,security awareness based on gender, age, and frequency of mHealth app usage was not statistically significant. We also found that the majority of the end-users are unaware of the existing security features provided (e.g., restricted app permissions); however, they desire usable security (e.g., biometric authentication) and are concerned about the privacy of their health information (e.g., data anonymization). End-users suggested that protocols such as two-factor authentication positively impact security but compromise usability. Security-awareness via peer guidance, or training from app providers can increase end-users’ trust in mHealth apps. This research investigates human-centric knowledge based on a case study and provides a set of guidelines to develop secure and usable mHealth apps.
U2 - 10.1016/j.jss.2022.111519
DO - 10.1016/j.jss.2022.111519
M3 - Journal article
VL - 195
JO - Journal of Systems and Software
JF - Journal of Systems and Software
SN - 0164-1212
M1 - 111519
ER -