Modern Health
Mental Health Apps Meditation Apps Online Therapy

Modern Health

Modern Life, Inc
Wi-Fi

Review date: April 25, 2023

|
Mozilla researched 18 hours
|

Mozilla says

|
People voted: Somewhat creepy

Mozilla recently decided to offer the mental health app Modern Health to employees as part of our wellbeing program. With the growing mental health crisis around the world, many companies are adding access to mental health apps to their wellbeing programs too. It can be challenging to find companies capable of meeting high privacy standards, and so we decided it was important we include a review of the mental health app we offer to share what it is like to navigate these privacy concerns.

First, a little about Modern Health. The app offers a full spectrum of mental health services, including 1:1 sessions with care professionals, guided meditations, group sessions, digital programs, well-being assessments and more. Offered through your employer, access to the app is free. One of the features Modern Health offers the over 250 companies that use their service is access to "aggregated and de-identified" data through an "Insights Hub" . How does Modern Health look from a privacy perspective? We're happy to see they've improved their privacy practices since we first reviewed them in 2022.

What could happen if something goes wrong?

First reviewed April 20, 2022. Review updated, April 25, 2023

Good news! Modern Health's privacy practices and policies have improved since we released our review in 2022. Indeed, after our review came out, we had many discussions with Modern Health about ways they could improve their privacy policy and clarify their privacy practices. We were heartened to see these implemented. Now, all users of Modern Health, regardless of what privacy laws they live under, have the right to access and delete their data. Modern Health also explicitly states in their privacy policy that they "do not sell, disclose, and/or share your Personal Information to other businesses or third parties for monetary or valuable consideration." That is certainly something we like to see explicitly stated.

A couple of other improvements we've seen from Modern Health include clarifying in their privacy policy that while they target ads towards employer-customers and brokers based on information gathered from their website, they do not target ads towards Modern Health members or individual consumers. And last year when we reached out to Modern Health at the email listed in their privacy policy for privacy related questions, we never heard back from them. They acknowledged that email was going unmonitored and have since made sure the email addresses listed in their privacy policy for consumers to ask questions are now better monitored.

We do still have some questions about Modern Health and how they say they can gather personal information about you from third parties and combine that with data they already have on you to provide more personalization in their services. This isn't super uncommon these days, but it's still something you should know about. All in all though, Modern Health's privacy policies have improved a since 2022 and that makes us happy.

Read our 2022 review:

Update: Modern Health updated their privacy policy again on September 28, 2022. We've include a note on these updates below. After working with Modern Health for months to improve their privacy policy, they have improved enough to no longer earn our *Privacy Not Included warning label.

Update: Modern Health updated their privacy policy on June 30, 2022. We've included a note on these updates below.

Modern Health's privacy notice raised flags for us because they say they can collect a large amount of personal information and combine or enhance this information with more information they collect on you from third parties for things such as providing more personalized services. Modern Health says they can collect a fair amount of personal information, including name, mailing address, e-mail address, telephone number, date of birth, IP address, location information, social media information, video recordings and photographs, and information about your dependents.

And remember, they might also collect information about you from your employer. Their privacy policy reads, "...we may receive Personal Information about you from our customers (who may be your employer) to enable us to validate your eligibility to use the Service. This information may include your name, work email address, postal code, date of birth, gender, race/ethnicity, employee ID number or code (if applicable), employment start and end dates, department, title, job code (if applicable), office location, performance information, health claims data, or survey information about your work satisfaction and related topics." So far, that's a lot of information gathered on you.

Modern Health did make a clarification in the update they made to their privacy policy on June 30, 2022 regarding how they do interest-based targeted advertising. Their privacy policy reads, "We do not target any advertisements toward individual consumers or members of our platform. We may engage third party service providers who utilize tracking technologies on our corporate website (www.modernhealth.com) to serve advertisements that may be of interest to potential employer-buyers of our Services. Some of these advertisements may be personalized, meaning that the advertisements are intended to be relevant to potential employer-buyers based on what we, or the third party service providers, know about them..." So, they do use personal information for targeted advertising, but they say they don't target "individual consumers or members." All this is still a bit confusing. Hopefully this mean if you use Modern Health as a wellness service, nothing you do on the platform or website will be used to target you with ads anywhere else on the internet.

Finally, Modern Health does say they can share your personal information with a number of third parties, including business affiliates and your employer. It is unclear from their privacy policy who the business affiliates are.

So yes, even the mental health app Mozilla offers employees raises some privacy concerns for us.. And overall, employer-provided access to mental health apps raises a number of privacy concerns employees should consider before using these apps. We recommend reaching out to your company's HR or wellness department to learn what access to data your company has for such apps and what policies they have in place to keep any data collected private, secure, and anonymous.

One final thing, one of the co-founders of Modern Health, who has since left the company, raised her own concerns and offered solutions about the problems she sees with mental health apps broadly and patient safety in this space

Tips to protect yourself

  • Choose a strong password! You may use a password control tool like 1Password, KeePass etc
  • Do not use social media plug-ins.
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
  • Keep your app regularly updated
  • Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
  • Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
  • When starting a sign-up, do not agree to tracking of your data if possible.
  • mobile

Can it snoop on me? information

Camera

Device: N/A

App: Yes

Microphone

Device: N/A

App: Yes

Tracks location

Device: N/A

App: Yes

What can be used to sign up?

What data does the company collect?

How does the company use this data?

We ding this product for combining users peronal data with data obtained from third parties. It is unclear if such practice may include obtaining data from data brokers.

"No Sale of Personal Information: We do not sell, disclose, and/or share your Personal Information to other businesses or third parties for monetary or valuable consideration."

"We do not share any Personal Information with employers unless necessary to prevent imminent harm (e.g., crisis management) or as required by law. We only share anonymized and aggregated information with employers.

If you are accessing the service through an employer (such as single sign-on), your employer may collect information about your login activity, including whether and when you access Modern Health Services. Modern Health does not control the information collection practices of employers or other benefit providers, and you should consult their internal policies and procedures for more information about their information collection practices"

"Advertising: We do not target any advertisements toward individual consumers or members of our platform. Nothing you do on the Modern Health app or web platform will be used by us to target any advertisements towards you as an individual consumer anywhere else on the internet. We may engage third party service providers who utilize tracking technologies on our corporate website (www.modernhealth.com) to serve advertisements that may be of interest to potential employer-buyers of our Services. Some of these advertisements may be personalized, meaning that the advertisements are intended to be relevant to potential employer-buyers based on what we, or the third party service providers, know about them, such as employment at or agency for a company that might be interested in offering Modern Health as a benefit to its employees."

"We may also get Personal Information about you from other third parties where permitted by applicable law, and combine that with Personal Information you provide us, in order to provide you with more personalized Services. For example, we may receive Personal Information about you from our customers (who may be your employer) to enable us to validate your eligibility to use the Service. This information may include your name, work email address, postal code, date of birth, gender, race/ethnicity, employee ID number or code (if applicable), employment start and end dates, department, title, job code (if applicable), office location, performance information, health claims data, or survey information about your work satisfaction and related topics. We also may receive Personal Information from Providers to help us to match you with a different Provider or to facilitate your continuity of care. "

How can you control your data?

"You may request access to or deletion of your Personal Information. We will honor your request regardless of where you live or are physically located unless a legal requirement prevents us from doing so or a legal exception applies. To make a request related to your Personal Information, click here or contact us. (If you are a former employee or worker of Modern Health and you would like to exercise your privacy rights or learn more about your privacy rights as a former employee or worker of Modern Health click here or contact us.)

With respect to your Personal Information, you may:

Withdraw consent: If we use or share your Personal Information based on your consent, you may withdraw your consent at any time.

Access: You may request access to or copies of your Personal Information. You may also request what types of Personal Information we have, the purposes for which we process it, and who has received access to your Personal Information.

Correction and Deletion: You may request that we correct your Personal Information if you think it is inaccurate or incomplete. You can also request that we erase or delete your Personal Information. Please note, if you are a Modern Health member, you can immediately request deletion of your Personal Information/account within the Modern Health mobile app by clicking on “Delete Account” in the account settings and following the instructions to complete your request. Once your Personal Information/account is deleted, you will no longer be able to access your account.

Restrict Processing: You may request that we restrict the processing of certain Personal Information.

Data Portability: You may request that we provide you with your Personal Information that we obtained from you, and you can ask us to provide it to another entity.

Object: You may have the right to object to our processing of your Personal Information for certain purposes.

Lodge a Complaint: If you believe we are using, disclosing, or otherwise processing your Personal Information in a way that is not in accordance with applicable law, you can lodge a complaint with the relevant data protection authority in your country."

What is the company’s known track record of protecting users’ data?

Average

No known privacy or security incidents discovered in the last 3 years.

Child Privacy Information

"Online components of our Services are not directed to children under the age of thirteen (13), and we do not knowingly collect Personal Information via online Services from children under the age of 13. Some Services can be provided to those under thirteen but this is handled outside of our online Services (e.g., by phone) and therefore electronic information for children under the age of 13 is not available. If you think that we have collected Personal Information via an online Service from a child under the age of 13, please contact us.

The Service is not intended to be accessed by minors under the age of eighteen (18) except as authorized by their parents or legal guardian, and we do not knowingly collect any Personal Information directly from such minors and children without such authorization. If we discover that an individual under 18 has provided us with Personal Information, we will delete the Personal Information to the extent required by the Children’s Online Privacy Protection Act."

Can this product be used offline?

No

User-friendly privacy information?

No

Links to privacy information

Does this product meet our Minimum Security Standards? information

Yes

Encryption

Yes

Modern Health applies PGP encryption to verify that any data exchanged is encrypted between the sender and receiver

Strong password

Yes

Security updates

Yes

Manages vulnerabilities

Yes

Modern Health has a disclosure policy, security vulnerabilities can be reported to [email protected].

Privacy policy

Yes

Does the product use AI? information

Can’t Determine

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Is the company transparent about how the AI works?

Can’t Determine

Does the user have control over the AI features?

Can’t Determine

*Privacy Not Included

Dive Deeper

  • Gatekeepers need to tame ‘Wild West’ of mental health and other digital health therapeutics
    STAT Link opens in a new tab
  • The Inside Story of a Scorched-Earth Breakup Between Two Founder Friends
    The Information Link opens in a new tab
  • Insights from user reviews to improve mental health apps
    Sage Journals Link opens in a new tab
  • Modern Health rolls out data tool for employers to better pinpoint workers' mental health needs
    Fierce Healthcare Link opens in a new tab
  • Lyra vs Modern Health vs Ginger: What’s the Best Mental Health Platform for Employees?
    Fin vs Fin Link opens in a new tab

Comments

Got a comment? Let us hear it.