Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Ontology-based Obfuscation and Anonymisation for Privacy: A Case Study on Healthcare
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science. (Privacy and Security)ORCID iD: 0000-0001-9005-0543
Trento University, Italy. (Department of Information Engineering and Computer Science)
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science. (Privacy and Security)ORCID iD: 0000-0002-9980-3473
Trento University, Italy. (Department of Information Engineering and Computer Science)
Show others and affiliations
2016 (English)In: Privacy and Identity Management: Time for a Revolution? / [ed] David Aspinal, Marit Hansen, Jan Camenisch, Simone Fischer-Hübner, Charles Raab, Springer, 2016, p. 343-358Conference paper, Published paper (Refereed)
Place, publisher, year, edition, pages
Springer, 2016. p. 343-358
Series
IFIP Advances in Information and Communication Technology, ISSN 1868-4238
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:kau:diva-43014DOI: 10.1007/978-3-319-41763-9ISBN: 9783319417639 (electronic)OAI: oai:DiVA.org:kau-43014DiVA, id: diva2:937525
Conference
10th IFIP WG 9.2, 9.5, 9.6/11.7, 11.4, 11.6/SIG 9.2.2 International Summer School
Available from: 2016-06-15 Created: 2016-06-15 Last updated: 2018-11-27Bibliographically approved
In thesis
1. Secure and Privacy-aware Data Collection and Processing in Mobile Health Systems
Open this publication in new window or tab >>Secure and Privacy-aware Data Collection and Processing in Mobile Health Systems
2016 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Healthcare systems have assimilated information and communication technologies in order to improve the quality of healthcare and patient's experience at reduced costs. The increasing digitalization of people's health information raises however new threats regarding information security and privacy. Accidental or deliberate data breaches of health data may lead to societal pressures, embarrassment and discrimination. Information security and privacy are paramount to achieve high quality healthcare services, and further, to not harm individuals when providing care. With that in mind, we give special attention to the category of Mobile Health (mHealth) systems. That is, the use of mobile devices (e.g., mobile phones, sensors, PDAs) to support medical and public health. Such systems, have been particularly successful in developing countries, taking advantage of the flourishing mobile market and the need to expand the coverage of primary healthcare programs. Many mHealth initiatives, however, fail to address security and privacy issues. This, coupled with the lack of specific legislation for privacy and data protection in these countries, increases the risk of harm to individuals. The overall objective of this thesis is to enhance knowledge regarding the design of security and privacy technologies for mHealth systems. In particular, we deal with mHealth Data Collection Systems (MDCSs), which consists of mobile devices for collecting and reporting health-related data, replacing paper-based approaches for health surveys and surveillance. This thesis consists of publications contributing to mHealth security and privacy in various ways: with a comprehensive literature review about mHealth in Brazil; with the design of a security framework for MDCSs (SecourHealth); with the design of a MDCS (GeoHealth); with the design of Privacy Impact Assessment template for MDCSs; and with the study of ontology-based obfuscation and anonymisation functions for health data.

Abstract [en]

Information security and privacy are paramount to achieve high quality healthcare services, and further, to not harm individuals when providing care. With that in mind, we give special attention to the category of Mobile Health (mHealth) systems. That is, the use of mobile devices (e.g., mobile phones, sensors, PDAs) to support medical and public health. Such systems, have been particularly successful in developing countries, taking advantage of the flourishing mobile market and the need to expand the coverage of primary healthcare programs. Many mHealth initiatives, however, fail to address security and privacy issues. This, coupled with the lack of specific legislation for privacy and data protection in these countries, increases the risk of harm to individuals. The overall objective of this thesis is to enhance knowledge regarding the design of security and privacy technologies for mHealth systems. In particular, we deal with mHealth Data Collection Systems (MDCSs), which consists of mobile devices for collecting and reporting health-related data, replacing paper-based approaches for health surveys and surveillance.

Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2016. p. 28
Series
Karlstad University Studies, ISSN 1403-8099 ; 2016:47
Keywords
Mobile health, information security, data privacy, data collection, personal health data
National Category
Computer and Information Sciences Telecommunications Computer Sciences
Research subject
Computer Science; Computer Science
Identifiers
urn:nbn:se:kau:diva-46982 (URN)978-91-7063-730-8 (ISBN)
Presentation
2016-12-13, 21A342 - Eva Erikssonsalen, Karlstads universitet, 651 88, Karlstad, 15:15 (English)
Opponent
Supervisors
Available from: 2016-11-22 Created: 2016-10-31 Last updated: 2018-08-07Bibliographically approved
2. Engineering Privacy for Mobile Health Data Collection Systems in the Primary Care
Open this publication in new window or tab >>Engineering Privacy for Mobile Health Data Collection Systems in the Primary Care
2019 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Mobile health (mHealth) systems empower Community Health Workers (CHWs) around the world, by supporting the provisioning of Community-Based Primary Health Care (CBPHC) – primary care outside the health facility into people’s homes. In particular, Mobile Health Data Collection Systems (MDCSs) are used by CHWs to collect health-related data about the families that they treat, replacing paper-based approaches for health surveys. Although MDCSs significantly improve the overall efficiency of CBPHC, existing and proposed solutions lack adequate privacy and security safeguards. In order to bridge this knowledge gap between the research areas of mHealth and privacy, the main research question of this thesis is: How to design secure and privacy-preserving systems for Mobile Health Data Collection Systems? To answer this question, the Design Method is chosen as an engineering approach to analyse and design privacy and security mechanisms for MDCSs. Among the main contributions, a comprehensive literature review of the Brazilian mHealth ecosystem is presented. This review led us to focus on MDCSs due to their impact on Brazil’s CBPHC, the Family Health Strategy programme. On the privacy engineering side, the contributions are a Privacy Impact Assessment (PIA) for the GeoHealth MDCS and three mechanisms: (a) SecourHealth, a security framework for data encryption and user authentication; (b) an Ontology-based Data Sharing System (O-DSS) that provides obfuscation and anonymisation functions; and, (c) an electronic consent (e-Consent) tool for obtaining and handling informed consent. Additionally, practical experience is shared about designing a MDCS, GeoHealth, and deploying it in a large-scale experimental study. In conclusion, the contributions of this thesis offer guidance to mHealth practitioners, encouraging them to adopt the principles of privacy by design and by default in their projects.

Abstract [en]

Mobile health (mHealth) systems empower Community Health Workers (CHWs) around the world, by supporting the provisioning of Community-Based Primary Health Care (CBPHC). In particular, Mobile Health Data Collection Systems (MDCSs) are used by CHWs to collect health-related data about the families that they treat, replacing paper-based approaches. Although MDCSs improve the efficiency of CBPHC, existing solutions lack adequate privacy and security safeguards.

To bridge this knowledge gap between the research areas of mHealth and privacy, we start by asking: How to design secure and privacy-preserving systems for Mobile Health Data Collection Systems? To answer this question, an engineering approach is chosen to analyse and design privacy and security mechanisms for MDCSs.

Among the main contributions, a comprehensive literature review of the Brazilian mHealth ecosystem is presented. On the privacy engineering side, the contributions are a Privacy Impact Assessment (PIA) for the GeoHealth MDCS and three mechanisms: SecourHealth, a security framework for data encryption and user authentication; an Ontology-based Data Sharing System (O-DSS) that provides obfuscation and anonymisation functions; and, an electronic consent (e-Consent) tool for obtaining and handling informed consent.

Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2019. p. 55
Series
Karlstad University Studies, ISSN 1403-8099 ; 2019:1
Keywords
Privacy, data protection, information security, mobile health, community-based primary care, privacy impact assessment, consent management, anonymisation
National Category
Computer and Information Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-70216 (URN)978-91-7063-900-5 (ISBN)978-91-7063-995-1 (ISBN)
Public defence
2019-01-31, 1A305, Lagerlöfsalen, Karlstad, 10:00 (English)
Opponent
Supervisors
Available from: 2019-01-08 Created: 2018-11-27 Last updated: 2019-01-08Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Authority records BETA

Iwaya, L HMartucci, LeonardoFischer-Hübner, Simone

Search in DiVA

By author/editor
Iwaya, L HMartucci, LeonardoFischer-Hübner, Simone
By organisation
Department of Mathematics and Computer ScienceDivision for Information Technology
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 296 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf