ACSIMA: A Cyber Security Index for Mobile Health Apps

Abstract

Mobile health (mHealth) apps can make healthcare more accessible and affordable by enabling users to perform a range of self-service activities to manage their own health and wellbeing. However, the mHealth app market is largely unregulated, potentially exposing app users to substantial cyber security risks. In this exploratory study, we present the Australian Cyber Security Index for mHealth Apps (ACSIMA) as a curated cyber security checklist that can guide the assessment of existing mHealth apps as well as the design/development of new apps. In contrast to existing mHealth app assessment frameworks, ACSIMA (1) focuses exclusively on cyber security, (2) takes a multi-stakeholder approach to cyber security assessment, and (3) is specific to the Australian digital health context. ACSIMA is aimed at raising the level of cyber security acuity among different stakeholder groups, including app users and app developers, and can be considered a first step towards the provision of reliable and trustworthy digital health services. We validate ACSIMA's usability and practicability through an online survey with the different stakeholder groups. The study finds that different stakeholder groups exhibit different levels of familiarity and importance towards the ACSIMA checklist, validating the need for raising the awareness of cyber security concerns in mHealth apps across all stakeholder groups.