Health data leaks to third parties in web-based health services
: Rauti, Sampsa; Carlsson, Robin; Laato, Samuli; Heino, Timi; Puhtila, Panu; Leppänen, Ville
: Kasurinen, Jussi; Päivärinta, Tero; Vartiainen, Tero
: Annual Doctoral Symposium of Computer Science
Publisher: CEUR-WS
: 2024
: CEUR Workshop Proceedings
: TKTP 2024: Annual Doctoral Symposium for Computer Science 2024: Proceedings of the 41 st Doctoral Symposium of the Finnish Society for Computer Science
: CEUR Workshop Proceedings
: 3776
: 117
: 121
: 1613-0073
: https://ceur-ws.org/Vol-3776/shortpaper10.pdf(external)
: https://research.utu.fi/converis/portal/detail/Publication/458969247(external)
Today, users may share sensitive health data on web-based health services. We rely on these services to keep our data safe and secured, but this is not always the case. Therefore, this study investigates the privacy of a snapshot of 10 Finnish web-based health services, providing an analysis of health data leaks. We show that all analyzed services leaked at least some kind of personal data to third parties – from topics of visited pages to details on appointment bookings. While the situation has improved after we have notified the health service providers about this issue, the study serves as a reminder of the ongoing challenges in protecting user privacy in online health services and highlights the pressing need to address these issues.
:
This research has been funded by Academy of Finland project 327397, IDA – Intimacy in Data-Driven Culture