Privacy policies of IoT-based healthcare: an empirical analysis study of the data collection practices of existing IoT medical applications

In healthcare, the internet of things (IoT) has accelerated the process of gathering patients’ data. However, data processing is a significant violation of patients’ privacy. This research critically examines to what extent the privacy policies of IoT medical apps provide sufficient details about their data collection practices with respect to personal data. It aims to explore the various medical data collected by IoT medical apps. An empirical analysis investigated the privacy policies of 21 of IoT medical apps. The findings revealed that these apps had provided sufficient details related to some of the data collection practices. However, details related to the security of personal data were more general. The findings indicate that most of these apps offer no guarantee regarding securing personal data. Such results open new research to be extended to validate to what extent the service providers are committed to what is explained in their privacy policies.