Open this publication in new window or tab >>2019 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]
Mobile health (mHealth) systems empower Community Health Workers (CHWs) around the world, by supporting the provisioning of Community-Based Primary Health Care (CBPHC) – primary care outside the health facility into people’s homes. In particular, Mobile Health Data Collection Systems (MDCSs) are used by CHWs to collect health-related data about the families that they treat, replacing paper-based approaches for health surveys. Although MDCSs significantly improve the overall efficiency of CBPHC, existing and proposed solutions lack adequate privacy and security safeguards. In order to bridge this knowledge gap between the research areas of mHealth and privacy, the main research question of this thesis is: How to design secure and privacy-preserving systems for Mobile Health Data Collection Systems? To answer this question, the Design Method is chosen as an engineering approach to analyse and design privacy and security mechanisms for MDCSs. Among the main contributions, a comprehensive literature review of the Brazilian mHealth ecosystem is presented. This review led us to focus on MDCSs due to their impact on Brazil’s CBPHC, the Family Health Strategy programme. On the privacy engineering side, the contributions are a Privacy Impact Assessment (PIA) for the GeoHealth MDCS and three mechanisms: (a) SecourHealth, a security framework for data encryption and user authentication; (b) an Ontology-based Data Sharing System (O-DSS) that provides obfuscation and anonymisation functions; and, (c) an electronic consent (e-Consent) tool for obtaining and handling informed consent. Additionally, practical experience is shared about designing a MDCS, GeoHealth, and deploying it in a large-scale experimental study. In conclusion, the contributions of this thesis offer guidance to mHealth practitioners, encouraging them to adopt the principles of privacy by design and by default in their projects.
Abstract [en]
Mobile health (mHealth) systems empower Community Health Workers (CHWs) around the world, by supporting the provisioning of Community-Based Primary Health Care (CBPHC). In particular, Mobile Health Data Collection Systems (MDCSs) are used by CHWs to collect health-related data about the families that they treat, replacing paper-based approaches. Although MDCSs improve the efficiency of CBPHC, existing solutions lack adequate privacy and security safeguards.
To bridge this knowledge gap between the research areas of mHealth and privacy, we start by asking: How to design secure and privacy-preserving systems for Mobile Health Data Collection Systems? To answer this question, an engineering approach is chosen to analyse and design privacy and security mechanisms for MDCSs.
Among the main contributions, a comprehensive literature review of the Brazilian mHealth ecosystem is presented. On the privacy engineering side, the contributions are a Privacy Impact Assessment (PIA) for the GeoHealth MDCS and three mechanisms: SecourHealth, a security framework for data encryption and user authentication; an Ontology-based Data Sharing System (O-DSS) that provides obfuscation and anonymisation functions; and, an electronic consent (e-Consent) tool for obtaining and handling informed consent.
Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2019. p. 55
Series
Karlstad University Studies, ISSN 1403-8099 ; 2019:1
Keywords
Privacy, data protection, information security, mobile health, community-based primary care, privacy impact assessment, consent management, anonymisation
National Category
Computer and Information Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-70216 (URN)978-91-7063-900-5 (ISBN)978-91-7063-995-1 (ISBN)
Public defence
2019-01-31, 1A305, Lagerlöfsalen, Karlstad, 10:00 (English)
Opponent
Supervisors
Projects
HITS, 4707
Funder
Knowledge Foundation
2019-01-082018-11-272022-11-22Bibliographically approved