Before You Approve That App: Build a Vetting Process That Actually Works

Learn how to replace ad hoc app reviews with a scalable vetting process, spot hidden risks like AI components, and make defensible approval decisions with real-world examples.

Register Now
Live Webinar
Live Webinar: Build a Better App Vetting Process Live Webinar: Build a Better App Vetting Process Register Now
magnifying glass icon

Copied to clipboard

Mobile App Risk is Business Risk.

Regulators are watching Enterprise mobile apps. Users demand transparency. Get instant visibility into privacy risks, AI data exposure, dangerous permissions and suspicious network connections across your entire enterprise app portfolio.

Search 2,000+ Enterprise Apps. Know Your Risk in Minutes.

Random App Search
iOS

Spruce: Medical Communication

Spruce: Medical Communication

Spruce is the leading platform for HIPAA-compliant communication and care outside of the exam room. Call, text, fax, secure message, video chat, and more—all from one secure app, with a unified team inbox. Designed for healthcare professionals and their patients, Spruce takes your clinical operations to the next level, with powerful, easy-to-use tools for team collaboration, panel management, telehealth, business phone functionality, and automated custom communications.

Healthcare Professionals: Start your free 14-day trial today—no credit card required.

Patients: Spruce is always free. Download to connect with your care team for secure messaging and telehealth.⁣⁣⁣

— SPRUCE FOR HEALTHCARE PROFESSIONALS —
• Get new phone and fax numbers, or transfer in your existing lines
• Robust mobile and desktop apps
• Built-in compliance: Automatic HIPAA BAA, two-factor login security, SOC 2 auditing, HITRUST certification, and automatic audit logging for communication read, write, and view
• Advanced phone system: Phone trees, multiple lines, secure voicemail, automated transcription, VoIP, number sharing
• Messaging and fax: Secure individual and group messaging, two-way SMS texting, secure two-way eFax
• Telehealth: Secure video calling, as well as adaptive clinical questionnaires for patient intake and screening
• After-hours: Automated schedules adjust your phone system and messaging to match your business hours
• Automation: Save messages for reuse, schedule messages for future delivery, implement automatic message responses for common needs
• Panel management: Contact and conversation tagging, patient list upload, advanced search, bulk messaging, and custom inbox configuration and communication routing for each team member
• Team collaboration: Secure team chats, shared inboxes, internal notes, and @-paging bring the features of modern team software to the healthcare space
• And more…!

— SPRUCE FOR PATIENTS —
• Sign in to a free and secure patient app, on mobile or desktop
• Receive video calls from your care team
• Send and receive secure messages, including photos
• Receive alerts for new activity

Ask your healthcare team for an invitation to connect on Spruce. If they’re not on Spruce yet, ask them to sign up today!

App Store Details

Spruce: Medical Communication

Package ID

com.sprucehealth.messenger-live

Version

4.4.28

Developer

Spruce Health

Category

Medical

Store Rank

49

App Store Link

View in App Store

Developer Privacy Policy

Privacy Policy

Observations Summary:

Permissions: DETECTEDPrivacy Declarations: DISCREPANCY DETECTEDSensitive Data Collection and Sharing: SENSITIVE INFO FOUNDNetwork Connections: DETECTEDAI: NONE DETECTED

Permissions Observations

 DETECTED

Permissions defined by Apple and Google as dangerous have been observed.

Observed During Analysis

  • The app is requesting access to the device’s camera.
  • The app is requesting access to the user’s contacts.
  • + 5 more
  • See Your App’s Risk Profile

Why Permissions Matter

If not managed properly, dangerous permissions can permit malicious access to sensitive data, and device features.

Privacy Declarations Observations

 DISCREPANCY DETECTED

A discrepancy in the declarations was observed, indicating there are conflicts or omissions in the app or component declarations.

Observed During Analysis

  • Missing iOS Privacy Manifest
  • Missing Accessed API Types Declaration
  • See Your App’s Risk Profile

Why Privacy Declarations Matter

Declarations matter because they provide transparency on how apps collect and use sensitive data. iOS requires Privacy Manifest declarations, while Android requires Data Safety disclosures and manifest permissions.

Sensitive Data Collection and Sharing Observations

 SENSITIVE INFO FOUND

This app collects, stores, or shares information that is often designated as sensitive and private.

Observed During Analysis

  • Advertiser Identifier (ADID)
  • Identifier for Vendor (IDFV)
  • See Your App’s Risk Profile

Why Data Collection and Sharing Matters

If not managed properly private data can expose enterprises, customers, employees and partners to breach and compliance violations.

Network Connections Observations

 DETECTED

Network analysis has detected communication with external servers and data transfer patterns.

Observed During Analysis

Connected Hostname:
  • amazon.com
  • google.com
Server Locations:
  • Ashburn, Virginia, US
  • Kansas City, Missouri, US
  • See Your App’s Risk Profile

Why Network Connections Matter

Uncontrolled communication with external servers by an employee-used app could expose sensitive business data to unauthorized third parties. This unauthorized access can lead to data breaches, regulatory non-compliance, and damage to your business's reputation and financial standing.

AI Observations

 NONE DETECTED

None detected. Further analysis recommended.

  • See Your App’s Risk Profile

Why AI Matters

AI features can process sensitive data in unexpected ways, potentially exposing proprietary information or creating liability.

NowSecure provides detailed risk assessments for millions of mobile apps. We Can Help Secure Your App.

All trademarks, logos, and brand names are the property of their respective owners. All company, product, and service names used in this website are for identification purposes only. Use of these names, trademarks, and brands does not imply endorsement.

MARC App Directory

Ready to Reduce Enterprise Mobile App Risk?

Stop operating in the dark. NowSecure Mobile App Risk Management gives enterprise CISOs, compliance officers and security teams the visibility and control needed to protect sensitive data, meet regulatory requirements and safeguard your brand reputation across all apps your organization builds and deploys.