
Ostrzeżenie: *Prywatność dla tego produktu do nabycia osobno
Modern Health
Mozilla recently decided to offer the mental health app Modern Health to employees as part of our wellbeing program. With the growing mental health crisis around the world, many companies are adding access to mental health apps to their wellbeing programs too. It can be challenging to find companies capable of meeting high privacy standards, and so we decided it was important we include a review of the mental health app we offer to share what it is like to navigate these privacy concerns.
First, a little about Modern Health. The app offers a full spectrum of mental health services, including 1:1 sessions with care professionals, guided meditations, group sessions, digital programs, well-being assessments and more. Offered through your employer, access to the app is free. One of the features Modern Health offers the over 250 companies that use their service is access to "aggregated and de-identified" data through an "Insights Hub". How does Modern Health look from a privacy perspective? Well, even the mental health app Mozilla uses raises a number of privacy concerns. We hope to see improvements. We will update this post when we do.
Co się może stać, jeśli coś pójdzie nie tak?
Modern Health's privacy notice raised flags for us because they say they can collect a large amount of personal information. For example, they recently changed their privacy policy to say they "utilize tracking technologies on our marketing website" and they “do not engage in any third party tracking on [their] platform or target ads toward any of [their] platform members.” We worry they can use information learned about users of their service for advertising purposes, and if that's not true, then we hope they clarify their privacy policy to alleviate our concerns. For example, open questions we still have include: what's a "marketing website"? Do they engage with third party tracking off-their platform
Modern Health says they can collect a fair amount of personal information, including name, mailing address, e-mail address, telephone number, date of birth, IP address, location information, social media information, video recordings and photographs, and information about your dependents. The company also says they can collect information about you from third parties. And they may combine or enhance information they get from you when you use Modern Health's services with information they get from third parties. So far, that's a lot of information gathered on you.
They also say they can share your personal information with a number of third parties, including business affiliates and your employer. It is unclear from their privacy policy who the business affiliates are and with whom they are sharing your data. Finally, Modern Health doesn’t specifically state in their privacy policy that they don’t sell user data, which is something we like to see stated clearly. That's not a good thing to be unclear on. The privacy policy only confirms that they have not sold California consumers’ data, but it doesn't guarantee anything about the future or people in other locations.
So yes, even the mental health app Mozilla offers employees raises a host of privacy concerns for us.. And overall, employer-provided access to mental health apps raises a number of privacy concerns employees should consider before using these apps. We recommend reaching out to your company's HR or wellness department to learn what access to data your company has for such apps and what policies they have in place to keep any data collected private, secure, and anonymous.
What's the worst that could happen? Well, Modern Health shares data with employers. Modern Health has assured Mozilla that it only shares high-level, aggregated data with employers and does not share any user level data. We hope they will commit to that publicly in their privacy policy, because it currently says “[w]e only share information with your employer that is permitted by law.” We would like to see more public details here so we (or any consumer reading this) doesn't have to make assumptions on what is permitted by law
One final thing, one of the co-founders of Modern Health, who has since left the company, raised her own concerns and offered solutions about the problems she sees with mental health apps broadly and patient safety in this space.
Wskazówki, jak się chronić
- Ensure you have a strong password
- Do not allow third-party tools access to your medical data
- Do not give permission to combine your data with other third-party data, or to use it for research
Czy może mnie podsłuchiwać?
Aparat
Urządzenie: Nie dotyczy
Aplikacja: Tak
Mikrofon
Urządzenie: Nie dotyczy
Aplikacja: Tak
Śledzi położenie
Urządzenie: Nie dotyczy
Aplikacja: Tak
Czego można użyć do rejestracji?
Tak
Telefon
Nie
Konto firmy trzeciej
Nie
Jakie dane zbiera ta firma?
Osobiste
Name, mailing address, e-mail address, telephone, location
Związane z ciałem
Health or medical condition, and your treatment (if certain services are connected)
Społecznościowe
Jak ta firma wykorzystuje te dane?
Jak możesz kontrolować swoje dane?
Jaka jest znana historia tej firmy w zakresie ochrony danych użytkowników?
No known privacy or security incidents discovered in the last 3 years.
Informacje o prywatności dziecka
Czy ten produkt może być używany bez połączenia z siecią?
Przyjazne dla użytkownika informacje o prywatności?
Odnośniki do informacji o prywatności
Czy ten produkt spełnia nasze minimalne standardy bezpieczeństwa?
Szyfrowanie
Modern Health applies PGP encryption to verify that any data exchanged is encrypted between the sender and receiver
Silne hasło
Aktualizacje zabezpieczeń
Zajmuje się problemami z bezpieczeństwem
Modern Health has a disclosure policy, security vulnerabilities can be reported to [email protected]
Komentarze
Masz uwagi? Podziel się nimi z nami.