Investigating Protected Health Information Leakage from Android Medical Applications
George Grispos, Talon Flynn, William Glisson, Kim-Kwang Raymond Choo

TL;DR
This study examines the potential for residual data leakage from Android medical apps, highlighting forensic artifacts and assessing privacy risks related to sensitive health information in mobile healthcare applications.
Contribution
It provides an initial forensic analysis of residual data artifacts in Android medical apps, aiding risk assessment and privacy protection efforts.
Findings
Documented types and locations of recoverable artifacts
Identified privacy risks related to residual data leakage
Contributed to forensic understanding of medical app data
Abstract
As smartphones and smartphone applications are widely used in a healthcare context (e.g., remote healthcare), these devices and applications may need to comply with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. In other words, adequate safeguards to protect the user's sensitive information (e.g., personally identifiable information and/or medical history) are required to be enforced on such devices and applications. In this study, we forensically focus on the potential of recovering residual data from Android medical applications, with the objective of providing an initial risk assessment of such applications. Our findings (e.g., documentation of the artifacts) also contribute to a better understanding of the types and location of evidential artifacts that can, potentially, be recovered from these applications in a digital forensic investigation.
