Privacy and Security for Digital Health: Assessing Risks and Harms to Users
Wairimu, Samuel. Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013). Karlstad University. (PriSec). ORCID iD: 0000-0003-1750-649x
2024 (English) Doctoral thesis, with articles (Other academic)
Abstract [en]

Electronic Health (e-Health), such as mobile health (mHealth) and Health Information Systems (HIS), benefits healthcare consumers and professionals. However, it also poses potential privacy risks, as security, privacy, and human factors remain challenges in the rapid digitization of healthcare. Considering an impact assessment of the planned processing helps identify and prevent privacy risks early in the development of digital health technologies. When such risks are exploited, they can result in various privacy harms to individuals, including physical, psychological, financial, reputational, and societal harms.

This thesis deals with the overarching objective of analyzing security and privacy risks in health-related systems. Specifically, it focuses on four main topics: (i.) the analysis of a selected category of mHealth apps, specifically, COVID-19 contact tracing apps; (ii.) the exploration of the potential impact on the privacy of patients in the context of cyberwar; (iii.) identification and modeling of privacy harms after a healthcare data breach; and, (iv.) an assessment of whether privacy harms enhance privacy risk assessments. It incorporates empirical methods, including in-depth document analysis through narrative reviews and a systematic literature review. A qualitative approach is also applied, using semi-structured interviews and a privacy risk assessment (PRA) exercise.

Our results show that rapidly developed digital health apps present security and privacy risks that could impact healthcare consumers' privacy. While integrating Information and Communications Technology (ICT) in healthcare is advantageous, it also introduces new risks. State-sponsored attackers may exploit these risks, potentially causing privacy harm to healthcare service users. We identify actual privacy impacts and use this to model privacy harms by modifying a PRA methodology. In addition to identifying methods for evaluating Privacy Impact Assessments (PIAs) and PRAs, we assess the coverage of privacy harms within these existing methodologies. Furthermore, we gain insight into the operationalization of privacy harms from practitioners and how this improves PRAs. 

Among the main contributions, the research creates an awareness of the risks associated with a lack of data protection mechanisms and data breaches, as well as their impact on patient privacy. In addition, a comprehensive systematic literature review on PIAs and PRAs was conducted, which led us to focus on operationalizing privacy harms that can be integrated into PRAs to assess the impact on the privacy of healthcare consumers. As a result, privacy experts and IT practitioners in healthcare will be better informed and guided in understanding privacy harms during privacy risk assessments. This ensures that appropriate safeguards are in place to prevent the materialization of actual privacy harms.

Abstract [sv] (English translation)

e-Health, for example mobile health (mHealth) and health information systems (HIS), benefits both healthcare consumers and healthcare staff. Despite the advantages, e-Health can lead to potential privacy harms, since security and privacy issues, including human factors, remain a challenge in the rapid digitization of healthcare. By carrying out an impact assessment of the planned processing, privacy risks can be identified and prevented at an early stage of digital health technology. When these risks are exploited, they can lead to potential privacy harms for the data subjects, including physical, psychological, financial, reputational and societal harms.

This thesis deals with the overarching objective of analyzing security and privacy risks in health-related systems. In particular, we focus on four main topics: (i.) the analysis of a selected category of mHealth apps, specifically COVID-19 contact tracing apps; (ii.) the exploration of the potential impact on patients' privacy in the context of cyberwar; (iii.) identification and modeling of privacy harms after a data breach in healthcare; and (iv.) an assessment of whether privacy harms improve privacy risk assessments. To achieve this, the thesis comprises empirical research, in-depth document analysis (in the form of narrative reviews and a systematic literature review) and a qualitative approach in the form of semi-structured interviews and a risk assessment exercise.

We found that digital health apps developed in haste have several security and privacy risks that can affect healthcare consumers' privacy. Furthermore, the integration of information and communications technology (ICT) in healthcare entails risks, even though it is advantageous. State-sponsored attackers can exploit these risks, leading to negative privacy effects (privacy harms) for users of healthcare services. We identify actual consequences for privacy and use this to model privacy harms by modifying a PRA method. In addition to identifying methods for evaluating privacy impact assessments (PIAs) and privacy risk assessments (PRAs), we evaluate the coverage of privacy harms within these existing methods. Furthermore, we gain insight into the operationalization of privacy harms from practitioners and how this improves privacy risk assessment.

Among the most important contributions is that the research creates an awareness of the risks associated with deficient data protection mechanisms and data breaches, as well as their impact on patients' privacy. In addition, a comprehensive systematic literature review of privacy impact assessments and privacy risk assessments was conducted, which led us to focus on operationalizing privacy harms that can be integrated into privacy risk assessments to assess how healthcare consumers' privacy is affected. This means that privacy experts and IT staff in healthcare can be informed and guided in understanding privacy harms during the assessment of privacy risks. This ensures that appropriate safeguards are in place to prevent actual privacy harms from occurring.

Abstract [en]

e-Health, such as mobile health (mHealth) and Health Information Systems (HIS), benefits healthcare consumers and professionals. However, it also poses potential privacy risks, as security, privacy, and human factors remain challenges in the rapid digitization of healthcare. Considering an impact assessment of the planned processing helps identify and prevent privacy risks early in digital health technologies. When such risks are exploited, they can result in various privacy harms to individuals, including physical, psychological, financial, reputational, and societal harms. This thesis focuses on analyzing security and privacy risks in health-related systems. It incorporates empirical research, in-depth document analysis, and a qualitative approach in terms of a semi-structured interview and a privacy risk assessment exercise. Key contributions include raising awareness of the risks posed by inadequate data protection mechanisms, and data breaches as well as their impact on patient privacy. Additionally, we operationalize privacy harms to assess impact on healthcare consumers' privacy. This helps privacy experts and IT practitioners in healthcare understand and address privacy harms during risk assessments, ensuring safeguards are in place to prevent actual privacy harms.

Place, publisher, year, edition, pages
Karlstads universitet, 2024.
Series
Karlstad University Studies, ISSN 1403-8099 ; 2024:34
Keywords [en]
Privacy, Data Protection, Security, e-Health, mHealth, Risk Analysis, Privacy Harms
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-101713
DOI: 10.59217/kyvu3874
ISBN: 978-91-7867-500-5 (print)
ISBN: 978-91-7867-501-2 (digital)
OAI: oai:DiVA.org:kau-101713
DiVA, id: diva2:1901102
Public defence
2024-11-27, 9C203, Universitetsgatan 2, Karlstad, 09:30 (English)
Available from: 2024-11-05 Created: 2024-09-25 Last updated: 2024-11-05 Bibliographically approved
List of papers
1. A privacy and security analysis of early-deployed COVID-19 contact tracing Android apps
2021 (English) In: Empirical Software Engineering, ISSN 1382-3256, E-ISSN 1573-7616, Vol. 26, no. 3, article id 36. Article in journal (Refereed) Published
Abstract [en]

As this article is being drafted, the SARS-CoV-2/COVID-19 pandemic is causing harm and disruption across the world. Many countries aimed at supporting their contact tracers with the use of digital contact tracing apps in order to manage and control the spread of the virus. Their idea is the automatic registration of meetings between smartphone owners for the quicker processing of infection chains. To date, many contact tracing apps have already been launched and used in 2020. There has been a lot of speculation about the privacy and security aspects of these apps and their potential violation of data protection principles. Therefore, the developers of these apps are constantly criticized for undermining users’ privacy, neglecting essential privacy and security requirements, and developing apps under time pressure without considering privacy- and security-by-design. In this study, we analyze the privacy and security performance of 28 contact tracing apps available on the Android platform from various perspectives, including their code’s privileges, promises made in their privacy policies, and static and dynamic performance. Our methodology is based on the collection of various types of data concerning these 28 apps, namely permission requests, privacy policy texts, run-time resource accesses, and existing security vulnerabilities. Based on the analysis of these data, we quantify and assess the impact of these apps on users’ privacy. We aimed at providing a quick and systematic inspection of the earliest contact tracing apps that have been deployed on multiple continents. Our findings have revealed that the developers of these apps need to take more cautionary steps to ensure code quality and to address security and privacy vulnerabilities. They should more consciously follow legal requirements with respect to apps’ permission declarations, privacy principles, and privacy policy contents.

Place, publisher, year, edition, pages
Springer Nature, 2021
Keywords
contact tracing apps, covid19, privacy, security, software quality, android, permissions, personal data, maturity, information privacy, privacy risk
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-83509 (URN)
10.1007/s10664-020-09934-4 (DOI)
000631083100001 ()
2-s2.0-85103351291 (Scopus ID)
Projects
Digital Well Research
Alert
Available from: 2021-03-22 Created: 2021-03-22 Last updated: 2024-09-25 Bibliographically approved
2. Privacy Analysis of COVID-19 Contact Tracing Apps in the EU
2021 (English) In: Secure IT Systems: 25th Nordic Conference, NordSec 2020, Virtual Event, November 23–24, 2020, Proceedings / [ed] Mikael Asplund and Simin Nadjm-Tehrani, Springer, 2021, pp. 213-228. Conference paper, Published paper (Refereed)
Abstract [en]

This paper presents results from a privacy analysis of COVID-19 contact tracing apps developed within the EU. Though these apps have been termed advantageous, concerns regarding privacy have become an issue that has led to their slow adoption. In this empirical study, we perform both static and dynamic analysis to judge the apps’ privacy-preserving behavior, together with an analysis of the privacy and data protection goals to deduce their transparency and intervenability. From the results, we discover that while the apps aim to be privacy-preserving, not all adhere to this: we observe that one tracks users’ location, while another violates the principles of least privilege, data minimisation and transparency, which puts users at risk by invading their privacy.

Place, publisher, year, edition, pages
Springer, 2021
Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 12556
Keywords
Privacy, COVID-19, Contact Tracing Apps
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-83327 (URN)
10.1007/978-3-030-70852-8 (DOI)
2-s2.0-85103585121 (Scopus ID)
978-3-030-70852-8 (ISBN)
Conference
NordSec: Nordic Conference on Secure IT Systems
Projects
DigitalWell Research
Available from: 2021-03-04 Created: 2021-03-04 Last updated: 2024-09-25 Bibliographically approved
3. e-Health as a Target in Cyberwar: Expecting the Worst
2021 (English) In: Proceedings of the 20th European Conference on Cyber Warfare and Security, ECCWS 2021: A Virtual Conference Hosted By University of Chester UK, 24th-25th June 2021, Reading, UK: ACI Academic Conferences International, 2021, 646 pp., pp. 549-557. Conference paper, Published paper (Refereed)
Abstract [en]

Healthcare organisations have become a key target for attackers, as evidenced by the global increase in cyberattacks. These cyberattacks are attributed to various attackers who differ in motivations and skills, with the common motivation being financial gain due to the rich personal data contained in patients' health records. But what would happen if the motivation changed? What would happen if the motivation is driven by targeting key people, mass exploitation or taking lives? What would happen if a strategic cyberattack knocks out a society’s critical infrastructure? This article investigates the possibility of targeting e-Health in the context of cyberwar. It assesses privacy in healthcare and compares the consequences and impact of conventional cyber-attacks within the healthcare sector against the consequences and impact of cyberwar on the same. The outcome indicates that e-Health in the context of cyberwar could result in active reconnaissance of patient records, which could lead to the targeting of key and influential people through Personally Identifiable Information (PII), mass exploitation, and personal attacks derived from Personal Health Information (PHI), which could result in irreversible damage or death.

Place, publisher, year, edition, pages
Reading, UK: ACI Academic Conferences International, 2021. 646 pp.
Keywords
e-Health, privacy, cyberwar, cyber-attack, critical-infrastructure, healthcare
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-84646 (URN)
978-1-912764-43-3 (ISBN)
978-1-912764-99-0 (ISBN)
Conference
20th European Conference on Cyber Warfare and Security
Available from: 2021-06-18 Created: 2021-06-18 Last updated: 2024-09-25 Bibliographically approved
4. Modelling privacy harms of compromised personal medical data - Beyond data breach
2022 (English) In: ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security, Association for Computing Machinery (ACM), 2022, article id 133. Conference paper, Published paper (Refereed)
Abstract [en]

What harms and consequences do patients experience after a medical data breach? This article aims at the improvement of privacy impact analysis for data breaches that involve personal medical data. The article has two major findings. First, scientific literature does not mention consequences and harms to the data subjects when discussing data breaches in the healthcare sector. For conceptualizing actual documented harm, we had to search court rulings and popular press articles instead. We present the findings of our search for empirically founded harms in the first part of the article. Second, we present a modified PRIAM assessment method with the goal of better assessment of harms and consequences of such data breaches for the patient/employee data subject in healthcare. We split the risk assessment into parallel categories of assessment rather than calculating a single risk score. In addition, we quantify the original PRIAM categories into a calculus for risk assessment. The article presents our modified PRIAM which is the result of these modifications. Our overall contribution is the collection of actual harms and consequences of e-health data breaches that complement the overly theoretical discussion in publications. With our operationalization of PRIAM and by providing a catalog of real harms examples, we focus privacy impact assessment on actual harms to persons.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2022
Series
ACM International Conference Proceeding Series
Keywords
Calculations, Data privacy, Health care, Consequence, Data breach, Data subjects, Harm, Medical data, Patient experiences, Personal health information, Privacy, Privacy impact, Risk assessments, Risk assessment
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-91872 (URN)
10.1145/3538969.3544462 (DOI)
2-s2.0-85136920878 (Scopus ID)
978-1-4503-9670-7 (ISBN)
Conference
17th International Conference on Availability, Reliability and Security, ARES 2022
Note

This paper was published as a manuscript with the title Modelling Privacy Impact of Compromised Personal Medical Data: Beyond Data Breach in Wairimu's licentiate thesis Privacy and Security Analysis: Assessing Risks and Harm to Patients (2022).

Available from: 2022-09-13 Created: 2022-09-13 Last updated: 2024-09-25 Bibliographically approved
5. On the Evaluation of Privacy Impact Assessment and Privacy Risk Assessment Methodologies: A Systematic Literature Review
2024 (English) In: IEEE Access, E-ISSN 2169-3536, Vol. 12, pp. 19625-19650. Article, review/survey (Refereed) Published
Abstract [en]

Assessing privacy risks and incorporating privacy measures from the onset requires a comprehensive understanding of potential impacts on data subjects. Privacy Impact Assessments (PIAs) offer a systematic methodology for such purposes, which are closely related to Data Protection Impact Assessments (DPIAs), particularly outlined in Article 35 of the General Data Protection Regulation (GDPR). The core of a PIA is a Privacy Risk Assessment (PRA). PRAs can be integrated as part of full-fledged PIAs or independently developed to support PIA processes. Although these methodologies have been identified as essential enablers of privacy by design, their effectiveness has been criticized because of the lack of evidence of their rigorous and systematic evaluation. Hence, we conducted a Systematic Literature Review (SLR) to identify published PIA and PRA methodologies and assess how and to what extent they have been scientifically validated or evaluated. We found that these methodologies are rarely evaluated for their performance in practice, and most of them have only been validated in limited studies. Most validation evidence is found with PRA methodologies. Of the evaluated methodologies, PIAs were the most evaluated, where case studies were the predominant evaluation method. These evaluated methodologies can be easily transferred to an industrial setting or used by practitioners, as they provide evidence of their use in practice. In addition, the findings in this study can be used to inform researchers of the current state-of-the-art, and practitioners can understand the benefits and current limitations of the methodologies and adopt evidence-based practices. 

Place, publisher, year, edition, pages
IEEE, 2024
Keywords
Privacy impact assessment, data protection impact assessment, general data protection regulation, privacy by design, privacy, review, threat modeling, privacy risks, validity, maturity.
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-98433 (URN)
10.1109/access.2024.3360864 (DOI)
001161062400001 ()
2-s2.0-85184332904 (Scopus ID)
Projects
Digital Health Innovation (DHINO) Project
DigitalWell Arena Project
Funder
Region Värmland, RUN/220266
Vinnova, 2018-03025
Available from: 2024-02-09 Created: 2024-02-09 Last updated: 2024-09-25 Bibliographically approved
6. Operationalizing Privacy Harms for Enhanced Risk Assessments: Understanding the Practitioners' Adoption, Perceptions and Practices
(English) Manuscript (preprint) (Other academic)
Abstract [en]

Privacy Impact Assessments (PIAs), also known as Data Protection Impact Assessments (DPIAs) under the EU GDPR, and Privacy Risk Assessments (PRAs) have emerged as prominent privacy engineering methodologies, aiding developers and data controllers to systematically identify privacy risk sources and assign appropriate controls. As part of such methodologies, the concept of privacy harms has been proposed as a valuable, well-structured taxonomy that contributes to the rationalization and justification of assessment decisions made by practitioners. Although some PRA methodologies have integrated privacy harms, the evidence that such inclusions improve the assessors' decision-making remains incipient. This study aims to understand whether adhering to and integrating privacy harm concepts can enhance PRA outcomes by investigating PIA/DPIA and PRA practitioners' perspectives on practical operationalization aspects. A qualitative approach based on semi-structured interviews, including a workable PRA exercise, was used to elicit the practitioners' opinions and experiences concerning the use of privacy harms, with the data interpretation process following a reflexive thematic analysis. In total, 17 privacy practitioners were interviewed, allowing for an extensive range of positive (e.g., informative and educational) and negative opinions (e.g., misleading and too broad) on the practical inclusion and operationalization of privacy harms in PRA methodologies and the conceptualization of privacy harms when conducting assessments. The results indicate a lack of a standardized concept of privacy harm, as differing definitions have been provided. Participants also highlighted that privacy harms are highly context-dependent and vary based on the data subject, and hence could be difficult to quantify. Nevertheless, privacy harms are a critical addition to PIA/DPIA and PRA methodologies, supporting more rationalized and justifiable decisions when ascertaining risk and severity levels and implementing mitigating controls to prevent the materialization of harm. Yet, some prioritization of harm categories is advisable so that time and resources for assessment are efficiently allocated.

Keywords
privacy; privacy impact assessment; privacy risk assessment; privacy harms; data protection; DPIA
Identifiers
urn:nbn:se:kau:diva-101712 (URN)
Available from: 2024-09-25 Created: 2024-09-25 Last updated: 2024-09-25

Open Access in DiVA

2024_34_Wairimu (1484 kB) 99 downloads
File information
File: FULLTEXT02.pdf, File size: 1484 kB, Checksum: SHA-512
810d5e9a1a13f9b4194e768a80e502e63825a58351e410cdc2875b1593065bab29415098b314f2d6d4c02819615d51eed4004a20212a3e4e6bf759bc7477b0ca
Type: fulltext, Mimetype: application/pdf

Person

Wairimu, Samuel
