donn_edwards
Well-Known Member
I would like to draw everyone's attention to the security flaws in the Discovery Health iPad app: there is no security at all. Furthermore, Discovery's servers will automatically trust any iPad that claims to provide "permission" from the client, and tell the iPad user anything they want to know about the user's medical history, claims, chonic conditions, and so on.
My blog article gives more details, but essentially the problem is this: Discovery Health will publish your medical history to anyone who requests it, and you can't prevent it from happening. You can authorise it in advance, but you can't stop it in advance.
If the doctor happens to lose his iPad on a plane, or have it stolen from his office, or even just accessed by someone in his office, there is nothing in place to prevent this from happening. And there are plenty of life insurance companies who would be most interested in knowing exactly what medication you claim for, how often you visit a psychologist or psychiatrist, and so on. Not to mention marketing companies.
Right now we are protected because the information is scattered in diverse paper files and offline accounting systems, but the HealthID app aims to centralise it all on Discovery's servers, where they can look at the data captured by your doctor, along with their own.