With the rise in the popularity of digital health tools, a significant number of women in Ghana have adopted period-tracking applications as methods to observe menstrual cycles, ovulation and document reproductive health symptoms.
These applications can be beneficial, since they are free and user-friendly and have become an essential aspect of health management in women. Nonetheless, the latest findings show that not all these platforms gather and transfer as much data as consumers might think, which is important for privacy and cybersecurity issues.
The research by worldwide digital health evaluators, including ORCHA, has demonstrated that more than 80 per cent of period-tracking software distributes individual and delicate health data to third parties.
They might involve information on menstruation, sexual life, the use of contraceptives, as well as mood swings.
There are instances where the information is utilised in marketing, analytics or research without apparent user permission.
As an example, lawsuits were filed against the popular app, Flo, because of the claim that it was sharing reproductive data with other companies like Meta without sufficient disclosure.
In spite of the fact that the company eventually enhanced its privacy policies, the event acts as a reminder that not every health app is transparent in the way that it uses sensitive data.
Data protection
In Ghana, the problem of data protection is regulated by the Data Protection Act, 2012 (Act 843). The health information, including reproductive data, is categorised by the law as special personal data, and thus it is worthy of more protection.
The Act provides the right of an individual to know the purpose of using his or her data, to consent or revoke this consent, and to insist on the organisation safely using data.
But in Ghana, this is not fully enforced and as most of these apps are created overseas, the end consumer is usually at the data handling policies of foreign firms that may not be as stringent as the requirements of Ghana.
A number of time management applications are now trending among the Ghanaian users for example, Grace Health, Poka Health, Flo, Clue and Eve.
Cybersecurity wise
Cybersecurity-wise, the Ghanaian user needs to be aware and cautious of these applications.
The privacy policy is an important document to read before downloading any period tracking app to gain insight into the data OneFast is collecting, its storage and sharing it with third parties.
Users are advised to keep the personal information as little as possible, particularly optional ones, such as, sexual activity or partner’s details, and turn off the unnecessary privileges like location access.
It is safer to use apps with an option of anonymous mode or local storage, without compulsory registration.
It is also important to be good at digital hygiene. Users are advised to check the permissions on their phones with high regularity, use strong and unique passwords, and have the app and phone software up-to-date.
To individuals who wish to stay entirely private, the use of manual tracking via notebooks or an offline spreadsheet is a relatively easy and safe alternative.
Although period-tracker apps can be a powerful tool in the health of women, their privacy should not be sacrificed.
With Ghana still in the process of the digitalisation of healthcare systems, cybersecurity professionals and policymakers should collaborate in reinforcing the Data Protection Act and promoting transparency in gender specific health apps.
Designers in Africa must develop health apps based on the privacy by design concept, which is to make sure that data protection occurs not by these technologies as an afterthought, but by including it within the technology.
In the meantime,all on these applications ought to continue being watchful. Reproductive health information is one of the most personalised types of information and once posted online, it is hard to manage or delete.
Users can experience the positive sides of technology and preserve their privacy by making an educated decision and knowing the essence of their data processing.
The writer is a cybersecurity/ data privacy expert.
E-mail: innocentfiagbedu@gmail.com
