mHealth: A Privacy Threat Analysis for Public Health Surveillance Systems
Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013). (Privacy and Security) ORCID iD: 0000-0001-9005-0543
Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013). ORCID iD: 0000-0002-6938-4466
School of Informatics, University of Skövde, Skövde, Sweden.
Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013). ORCID iD: 0000-0002-9980-3473
2018 (English). In: 2018 IEEE 31st International Symposium on Computer-Based Medical Systems / [ed] Bridget Kane, Karlstad, Sweden: IEEE, 2018. Conference paper, Published paper (Refereed)
Abstract [en]

Community Health Workers (CHWs) have been using Mobile Health Data Collection Systems (MDCSs) for supporting the delivery of primary healthcare and carrying out public health surveys, feeding national-level databases with families’ personal data. Such systems are used for public surveillance and to manage sensitive data (i.e., health data), so addressing the privacy issues is crucial for successfully deploying MDCSs. In this paper we present a comprehensive privacy threat analysis for MDCSs, discuss the privacy challenges and provide recommendations that are especially useful to health managers and developers. We ground our analysis on a large-scale MDCS used for primary care (GeoHealth) and a well-known Privacy Impact Assessment (PIA) methodology. The threat analysis is based on a compilation of relevant privacy threats from the literature as well as brainstorming sessions with privacy and security experts. Among the main findings, we observe that existing MDCSs do not employ adequate controls for achieving transparency and intervenability, thus threatening fundamental privacy principles regarded as data quality, right to access and right to object. Furthermore, it is noticeable that although there has been significant research to deal with data security issues, the attention to privacy in its multiple dimensions is prominently lacking.

Place, publisher, year, edition, pages
Karlstad, Sweden: IEEE, 2018.
Series
IEEE International Symposium on Computer-Based Medical Systems, E-ISSN 2372-9198
Keywords [en]
Privacy, Data privacy, Security, Surveillance, Data collection, Public healthcare
National subject category
Computer Science
Research subject
Computer Science; Informatics
Identifiers
URN: urn:nbn:se:kau:diva-68003
DOI: 10.1109/CBMS.2018.00015
ISBN: 978-1-5386-6060-7 (digital)
ISBN: 978-1-5386-6061-4 (print)
OAI: oai:DiVA.org:kau-68003
DiVA, id: diva2:1232367
Conference
Proceedings of 31st IEEE Symposium on Computer-Based Medical Systems (CBMS 2018)
Available from: 2018-07-11 Created: 2018-07-11 Last updated: 2019-11-10 Bibliographically approved
Part of thesis
1. Engineering Privacy for Mobile Health Data Collection Systems in the Primary Care
2019 (English). Doctoral thesis, compilation (Other academic)
Abstract [en]

Mobile health (mHealth) systems empower Community Health Workers (CHWs) around the world, by supporting the provisioning of Community-Based Primary Health Care (CBPHC) – primary care outside the health facility into people’s homes. In particular, Mobile Health Data Collection Systems (MDCSs) are used by CHWs to collect health-related data about the families that they treat, replacing paper-based approaches for health surveys. Although MDCSs significantly improve the overall efficiency of CBPHC, existing and proposed solutions lack adequate privacy and security safeguards. In order to bridge this knowledge gap between the research areas of mHealth and privacy, the main research question of this thesis is: How to design secure and privacy-preserving systems for Mobile Health Data Collection Systems? To answer this question, the Design Method is chosen as an engineering approach to analyse and design privacy and security mechanisms for MDCSs. Among the main contributions, a comprehensive literature review of the Brazilian mHealth ecosystem is presented. This review led us to focus on MDCSs due to their impact on Brazil’s CBPHC, the Family Health Strategy programme. On the privacy engineering side, the contributions are a Privacy Impact Assessment (PIA) for the GeoHealth MDCS and three mechanisms: (a) SecourHealth, a security framework for data encryption and user authentication; (b) an Ontology-based Data Sharing System (O-DSS) that provides obfuscation and anonymisation functions; and, (c) an electronic consent (e-Consent) tool for obtaining and handling informed consent. Additionally, practical experience is shared about designing a MDCS, GeoHealth, and deploying it in a large-scale experimental study. In conclusion, the contributions of this thesis offer guidance to mHealth practitioners, encouraging them to adopt the principles of privacy by design and by default in their projects.

Abstract [en]

Mobile health (mHealth) systems empower Community Health Workers (CHWs) around the world, by supporting the provisioning of Community-Based Primary Health Care (CBPHC). In particular, Mobile Health Data Collection Systems (MDCSs) are used by CHWs to collect health-related data about the families that they treat, replacing paper-based approaches. Although MDCSs improve the efficiency of CBPHC, existing solutions lack adequate privacy and security safeguards.

To bridge this knowledge gap between the research areas of mHealth and privacy, we start by asking: How to design secure and privacy-preserving systems for Mobile Health Data Collection Systems? To answer this question, an engineering approach is chosen to analyse and design privacy and security mechanisms for MDCSs.

Among the main contributions, a comprehensive literature review of the Brazilian mHealth ecosystem is presented. On the privacy engineering side, the contributions are a Privacy Impact Assessment (PIA) for the GeoHealth MDCS and three mechanisms: SecourHealth, a security framework for data encryption and user authentication; an Ontology-based Data Sharing System (O-DSS) that provides obfuscation and anonymisation functions; and, an electronic consent (e-Consent) tool for obtaining and handling informed consent.

Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2019. p. 55
Series
Karlstad University Studies, ISSN 1403-8099 ; 2019:1
Keywords
Privacy, data protection, information security, mobile health, community-based primary care, privacy impact assessment, consent management, anonymisation
National subject category
Computer and Information Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-70216 (URN)
978-91-7063-900-5 (ISBN)
978-91-7063-995-1 (ISBN)
Public defence
2019-01-31, 1A305, Lagerlöfsalen, Karlstad, 10:00 (English)
Opponent
Supervisors
Available from: 2019-01-08 Created: 2018-11-27 Last updated: 2019-09-19 Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text: https://ieeexplore.ieee.org/document/8417210/?tp=&arnumber=8417210&filter%3DissueId%20EQ%20%228417175%22

Person records (BETA)

Iwaya, Leonardo H; Fischer-Hübner, Simone; Åhlfeldt, Rose-Mharie; Martucci, Leonardo
