Mobile health (mHealth); data privacy; patient trust; digital health security; privacy compliance; health informatics; GDPR; HIPAA; structural equation modeling; app privacy audit; cybersecurity in healthcare; user perception; regulatory governance; digital health ethics
AuthorsAbstractBackground:The rapid expansion of mobile health (mHealth) applications has transformed healthcare delivery, yet it has simultaneously intensified concerns regarding patient data privacy, unauthorized data sharing, and regulatory compliance gaps. While frameworks such as GDPR and HIPAA establish formal safeguards, emerging evidence suggests that many applications fail to translate these standards into effective real-world protections (Huckvale et al., 2019; Sunyaev et al., 2020). This discrepancy raises critical questions about the reliability of privacy assurances in digital health ecosystems. Objective:This study aims to evaluate the actual efficacy of data privacy mechanisms in mHealth applications, moving beyond stated policies to assess how privacy is implemented, perceived, and experienced by users. It seeks to bridge the gap between regulatory compliance and functional privacy outcomes, while advancing theoretical understanding of trust and risk in digital health environments. Methods:A mixed-methods design was employed, integrating (i) a systematic audit of widely used mHealth applications to assess permissions, encryption practices, and third-party data sharing; (ii) a content analysis of privacy policies; and (iii) a user-based survey measuring trust, perceived risk, and behavioral intention. Quantitative data were analyzed using regression modeling and structural equation modeling (SEM) to examine relationships between privacy practices and user trust, while qualitative insights contextualized discrepancies between policy and practice. Results:Findings indicate a significant divergence between declared privacy commitments and actual data handling practices. Applications demonstrating transparent data minimization and robust encryption were positively associated with user trust (p < 0.01), whereas extensive thirdparty data sharing negatively influenced perceived security. Notably, regulatory compliance alone did not reliably predict user confidence, suggesting that experiential factors play a mediating role. Conclusion:The results underscore the need to reconceptualize privacy in mHealth as a performance-based outcome rather than a compliance checklist. Policymakers and developers should prioritize enforceable transparency standards, user-centric privacy design, and continuous auditing mechanisms to strengthen trust and ensure sustainable adoption of digital health technologies. 1. Introduction The last decade has witnessed an unprecedented expansion of mobile health (mHealth) applications, reshaping how healthcare services are delivered, accessed, and monitored. Driven by widespread smartphone adoption, improved internet connectivity, and advancements in cloud computing and artificial intelligence, mHealth ecosystems now occupy a central position in digital healthcare transformation. These applications support a wide range of functions, including chronic disease management, •••••••••••••••••••••••••••••••• ejprd.org- Published by Riset Publishing Services LLC.
EJPRD
Copyright © 2026 by Riset Publishing Services LLC