BSidesVienna 0x7E7

What is Your Painlevel? - Testing Security and Privacy of Physiotherapy Mhealth Apps
11-18, 14:30–15:00 (Europe/Vienna), Badeschiff

Physiotherapy mobile health (mhealth) applications facilitate the remote communication between practitioners and their patients. They process and keep track of sensitive health data such as pain levels and training exercises, which reveal health issues or physical impairment. In this presentation we give an introduction into the methodologies of our security and privacy evaluation of four selected physiotherapy mhealth apps commonly used in Austria. The static and dynamic analysis of the apps and web interfaces showed alarming results with plenty of room for improvement.

Ines Kramer is research staff at the Competence Center for IT-Security at FH Campus Wien - University of Applied Sciences. The security evaluation of the telehealth applications was conducted during the Telehealth Blocks project from the Health Assisting Engineering program at FH Campus Vienna. This project was funded by the City of Vienna, Magistratsabteilung 23, Austria under Grant number MA23-338474-2021-2
https://www.fh-campuswien.ac.at/en/studies/study-courses/it-security-master.html
https://www.fh-campuswien.ac.at/en/studies/study-courses/health-assisting-engineering.html