Legal and Ethical Issues

Security risks are not the only thing that mHealth apps need to worry about; there are also ethical and legal issues, because medical information is very sensitive data. First of all, HIPAA (the Health Insurance Portability and Accountability Act) is a US federal law that states that all healthcare providers need to maintain the confidentiality of all patients' medical information, which also includes mobile health apps. Because these mHealth apps collect medical information about an individual and store that data in the app, they may have loopholes that allow them to share information with 3rd parties without making it clear to the users, which raises an ethical concern about not keeping medical information private. For example, Check Point researchers, who are part of a cyber threat intelligence company, conducted a study in which they analyzed the data of 23 apps on Android, where the number of downloads per app was between 10,000 and 10 million. The researchers found that the developers of these apps, which included mHealth apps, left the data of millions of users exposed to 3rd party cloud services by not following secure practices when integrating these 3rd parties. This raised an ethical concern about one's medical data being shared with other companies in order to “improve” their performance (HT Tech, 2021). This ethical concern in turn raises a legal concern: users can sue these mHealth companies for sharing their medical information with 3rd parties without their knowledge or consent. This can lead to bigger consequences, such as the mHealth apps being legally shut down altogether or 3rd party companies being investigated for their sharing of information.

To make matters even more complicated, “there is no single federal agency or law that governs the vast realm of mHealth apps” (Jolt, 2019), which means that mHealth apps may be able to get away with sharing medical information because they are not thoroughly regulated beyond the general medical act, HIPAA. This raises the concern of whether mHealth apps are even a significant part of the bigger conversation of “what should be done better to protect data of users.”