PANDAS Tracker Security Advisory: Secure-by-Design vs. Data Privacy Risks in Pediatric Health Apps
A security analysis comparing PANDAS Tracker's privacy-first architecture against common data risks in consumer health applications.
The data risk landscape for pediatric health apps
Most consumer health apps monetize user data through advertising partnerships, data licensing to pharmaceutical companies, or data broker relationships. For apps handling children's behavioral health records — OCD, tics, psychiatric medications, and infection histories — this is an unacceptable risk. De-identified data can be re-identified. Data sold to brokers reaches insurers, employers, and advertisers.
PANDAS Tracker's secure-by-design architecture
PANDAS Tracker is built with zero advertising SDKs, no data broker relationships, industry-standard encryption at rest and in transit, server-side access controls enforcing family-only data access, and a BAA with our cloud provider. The founder's background in cybersecurity and privacy law is reflected in the architecture — not as aspirational language, but as implemented controls.
Key security controls
- industry-standard encryption at rest via our cloud database
- industry-standard encrypted transport for all data in transit
- server-side access controls: server-side access control on every database operation
- Business Associate Agreement (BAA) with our cloud infrastructure provider
- No advertising SDKs or third-party analytics exfiltrating user data
- Data minimization: only collect what is needed
- Audit logging of all data access
- 72-hour breach notification commitment
Contact
Security concerns or disclosures: security@spmadvisors.net