2025 ASEE Annual Conference & Exposition

Objective and Motivation:

The use of mobile apps to manage mental health has grown significantly in recent years. With features ranging from mood tracking and guided meditation to virtual therapy sessions, these apps provide a convenient way for people to address mental health challenges in their daily lives. This study examines trends in mental health apps since 2009, including a comparison of app features and usage between pre- and post-COVID periods.

Privacy policies for mobile apps are crucial as they explain how user data is collected, used, stored, and shared. Given the sensitive nature of mental health data, privacy issues in mental health apps are particularly critical. However, these documents are often overlooked due to their length and complexity. This study leverages Large Language Models (LLMs) and Retrieval-Augmented Generation (RAG) techniques to analyze privacy policy documents from mobile apps available in the Apple App Store. The goal is to extract answers to key privacy and security-related questions, providing insights for stakeholders, including mental health app users, developers, and policymakers.

Methodology:

General app information—such as genres, user ratings, pricing, and more—is collected from the Apple App Store using the Apple Store API and Python tools. An exploratory analysis is conducted to identify trends in mental health apps since 2009.

Privacy policy documents of mental health apps are also collected for analysis. ChatGPT is utilized to extract privacy-related metrics, such as the percentage of apps that reference privacy regulations like the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), and the Children’s Online Privacy Protection Act (COPPA). LLMs and RAG are employed to answer critical privacy and security-related questions from the dataset of privacy policy documents. These questions cover multiple categories, such as the types of user information collected, methods for data protection and storage, and whether user information is shared with third parties.

Results

Our analysis reveals a significant increase in both the number and quality of mental health apps in the post-pandemic era. Out of 4,764 English-language apps, 3,371 have privacy policies and 1,393 do not. Approximately 37.9% of the apps reference privacy regulations such as GDPR, HIPAA, or COPPA in their privacy policies, revealing gaps in awareness and compliance with privacy standards. In addition, the analysis of privacy policy documents reveals that the vast majority of mental health apps are transparent about their user data collection actions (91%) and purpose (96.7%). However, a smaller percentage (76.9%) disclose data sharing with third parties, and 81.3% provide users with options to opt out of data collection or to delete their data.

Conclusions:

As the adoption of digital mental health solutions continues to rise, ensuring comliance with privacy regulations is increasingly critical. Additionally, tools that simplify the understanding of complex privacy policies are also essential to enhance user trust and awareness. This study underscores the importance of transparency and regulation in the growing field of mental health apps, offering insights for improving user awareness and protection while promoting responsible app development.