Developments in Privacy and Data Ownership in Mobile Health Technologies, 2016-2019

Objectives: To survey international regulatory frameworks that serve to protect privacy of personal data as a human right as well as to review the literature regarding privacy protections and data ownership in mobile health (mHealth) technologies between January 1, 2016 and June 1, 2019 in order to identify common themes. Methods: We performed a review of relevant literature available in English published between January 1, 2016 and June 1, 2019 from databases including PubMed, Google Scholar, and Web of Science, as well as relevant legislative background material. Articles out of scope (as detailed below) were eliminated. We categorized the remaining pool of articles and discrete themes were identified, specifically: concerns around data transmission and storage, including data ownership and the ability to re-identify previously de-identified data; issues with user consent (including the availability of appropriate privacy policies) and access control; and the changing culture and variable global attitudes toward privacy of health data. Results: Recent literature demonstrates that the security of mHealth data storage and transmission remains of wide concern, and aggregated data that were previously considered “de-identified” have now been demonstrated to be re-identifiable. Consumer-informed consent may be lacking with regard to mHealth applications due to the absence of a privacy policy and/or to text that is too complex and lengthy for most users to comprehend. The literature surveyed emphasizes improved access control strategies. This survey also illustrates a wide variety of global user perceptions regarding health data privacy. Conclusion: The international regulatory framework that serves to protect privacy of personal data as a human right is diverse. Given the challenges legislators face to keep up with rapidly advancing technology, we introduce the concept of a “healthcare fiduciary” to serve the best interest of data subjects in the current environment.

Download Full-text

Security, Privacy, and Ownership Issues With the Use of Wearable Health Technologies

Wearable Technologies ◽

10.4018/978-1-5225-5484-4.ch048 ◽

2018 ◽

pp. 1068-1083

Author(s):

Don Kerr ◽

Kerryn Butler-Henderson ◽

Tony Sahama

Keyword(s):

Data Privacy ◽

Wearable Technology ◽

Health Data ◽

Security And Privacy ◽

Primary Concern ◽

Health Technologies ◽

State Security ◽

Data Ownership ◽

The Future ◽

Data Theft

When considering the use of mobile or wearable health technologies to collect health data, a majority of users state security and privacy of their data is a primary concern. With users being connected 24/7, there is a higher risk today of data theft or the misappropriate use of health data. Furthermore, data ownership is often a misunderstood topic in wearable technology, with many users unaware who owns the data collected by a device, what that data can be used for and who can receive that data. Many countries are reviewing privacy governance in an attempt to clarify data privacy and ownership. But is it too late? This chapter explores the concepts of security and privacy of data from mobile and wearable technology, with specific examples, and the implications for the future.

Download Full-text

Security, Privacy, and Ownership Issues with the Use of Wearable Health Technologies

Managing Security Issues and the Hidden Dangers of Wearable Technologies - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-1016-1.ch007 ◽

2016 ◽

pp. 161-181 ◽

Cited By ~ 1

Author(s):

Don Kerr ◽

Kerryn Butler-Henderson ◽

Tony Sahama

Keyword(s):

Data Privacy ◽

Wearable Technology ◽

Health Data ◽

Security And Privacy ◽

Primary Concern ◽

Health Technologies ◽

State Security ◽

Data Ownership ◽

The Future ◽

Data Theft

Download Full-text

Security, Privacy, and Ownership Issues With the Use of Wearable Health Technologies

Cyber Law, Privacy, and Security ◽

10.4018/978-1-5225-8897-9.ch079 ◽

2019 ◽

pp. 1629-1644 ◽

Cited By ~ 1

Author(s):

Don Kerr ◽

Kerryn Butler-Henderson ◽

Tony Sahama

Keyword(s):

Data Privacy ◽

Wearable Technology ◽

Health Data ◽

Security And Privacy ◽

Primary Concern ◽

Health Technologies ◽

State Security ◽

Data Ownership ◽

The Future ◽

Data Theft

Download Full-text

A Systematic Mapping Study on Privacy by Design in Software Engineering

CLEI electronic journal ◽

10.19153/cleiej.22.1.4 ◽

2019 ◽

Vol 22 (1) ◽

Cited By ~ 1

Author(s):

Miguel Ehecatl Morales-Trujillo ◽

Gabriel Alberto García-Mireles ◽

Erick Orlando Matla-Cruz ◽

Mario Piattini

Keyword(s):

Software Development ◽

Data Privacy ◽

Theoretical Perspective ◽

Relevant Literature ◽

Personal Data ◽

Software Systems ◽

Systematic Mapping Study ◽

Privacy By Design ◽

Mapping Study ◽

Systematic Mapping

Protecting personal data in current software systems is a complex issue that requires legal regulations and constraints to manage personal data as well as a methodological support to develop software systems that would safeguard data privacy of their respective users. Privacy by Design (PbD) approach has been proposed to address this issue and has been applied to systems development in a variety of application domains. The aim of this work is to determine the presence of PbD and its extent in software development efforts. A systematic mapping study was conducted in order to identify relevant literature that collects PbD principles and goals in software development as well as methods and/or practices that support privacy aware software development. 53 selected papers address PbD mostly from a theoretical perspective with proposals validation based primarily on experiences or examples. The findings suggest that there is a need to develop privacy-aware methods to be integrated at all stages of software development life cycle and validate them in industrial settings.

Download Full-text

International Data Transfers post Schrems – Moving Towards Solutions

Gdańskie Studia Prawnicze ◽

10.26881/gsp.2021.4.02 ◽

2021 ◽

pp. 21-37

Author(s):

Dan Jerker B. Svantesson

Keyword(s):

Data Privacy ◽

Personal Data ◽

Modern World ◽

Human Right ◽

International Data ◽

Data Transfers ◽

International Data Transfers ◽

Selection Of

International data transfers are both essential for the modern world and a major source of risksto the protection of personal data. In this, we can speak of a clash between an important multifacetedobjective and the protection of a complex fundamental human right with implicationsgoing far beyond that right itself.The goal must be to facilitate data privacy respecting international data transfers. However,agreement on this goal – even if widespread – does not necessarily signal agreement on how wereach that goal. To make progress, we must proceed with caution and yet avoid getting boggeddown in the unavoidable challenges, such as definitional challenges, we will face.This article canvasses a selection of key considerations that ought to be kept in mind whenwe discuss approaches to international data transfers. However, to prepare ground for that discussion,it first sets the scene by examining the so-called Schrems II decision, its larger contextand background, as well as some of the reactions we have seen to that decision.

Download Full-text

Trust and The Acquisition and Use of Public Health Information

Health Care Analysis ◽

10.1007/s10728-021-00436-y ◽

2021 ◽

Author(s):

Stephen Holland ◽

Jamie Cawthra ◽

Tamara Schloemer ◽

Peter Schröder-Bäck

Keyword(s):

Public Health ◽

Health Information ◽

Data Privacy ◽

Empirical Work ◽

Personal Data ◽

Health Data ◽

Privacy Concerns ◽

External Threats ◽

Trust In Institutions ◽

The Way

AbstractInformation is clearly vital to public health, but the acquisition and use of public health data elicit serious privacy concerns. One strategy for navigating this dilemma is to build 'trust' in institutions responsible for health information, thereby reducing privacy concerns and increasing willingness to contribute personal data. This strategy, as currently presented in public health literature, has serious shortcomings. But it can be augmented by appealing to the philosophical analysis of the concept of trust. Philosophers distinguish trust and trustworthiness from cognate attitudes, such as confident reliance. Central to this is value congruence: trust is grounded in the perception of shared values. So, the way to build trust in institutions responsible for health data is for those institutions to develop and display values shared by the public. We defend this approach from objections, such as that trust is an interpersonal attitude inappropriate to the way people relate to organisations. The paper then moves on to the practical application of our strategy. Trust and trustworthiness can reduce privacy concerns and increase willingness to share health data, notably, in the context of internal and external threats to data privacy. We end by appealing for the sort of empirical work our proposal requires.

Download Full-text

Present and Future Trends in Consumer Health Informatics and Patient-Generated Health Data

Yearbook of Medical Informatics ◽

10.15265/iy-2017-016 ◽

2017 ◽

Vol 26 (01) ◽

pp. 152-159 ◽

Cited By ~ 29

Author(s):

A. M. Lai ◽

P.-Y. S. Hsueh ◽

Y. K. Choi ◽

R. R. Austin

Keyword(s):

Digital Library ◽

Mobile Health ◽

Health Informatics ◽

Health Data ◽

Current Evidence ◽

Consumer Health Informatics ◽

Consumer Health ◽

Health Technologies ◽

Widespread Availability ◽

The Impact

Summary Objectives: Consumer Health Informatics (CHI) and the use of Patient-Generated Health Data (PGHD) are rapidly growing focus areas in healthcare. The objective of this paper is to briefly review the literature that has been published over the past few years and to provide a sense of where the field is going. Methods: We searched PubMed and the ACM Digital Library for articles published between 2014 and 2016 on the topics of CHI and PGHD. The results of the search were screened for relevance and categorized into a set of common themes. We discuss the major topics covered in these articles. Results: We retrieved 65 articles from our PubMed query and 32 articles from our ACM Digital Library query. After a review of titles, we were left with 47 articles to conduct our full article survey of the activities in CHI and PGHD. We have summarized these articles and placed them into major categories of activity. Within the domain of consumer health informatics, articles focused on mobile health and patient-generated health data comprise the majority of the articles published in recent years. Conclusions: Current evidence indicates that technological advancements and the widespread availability of affordable consumer-grade devices are fueling research into using PGHD for better care. As we observe a growing number of (pilot) developments using various mobile health technologies to collect PGHD, major gaps still exist in how to use the data by both patients and providers. Further research is needed to understand the impact of PGHD on clinical outcomes.

Download Full-text

Perlindungan Privasi Data Pribadi dalam Perspektif Perbandingan Hukum

Jurnal Jatiswara ◽

10.29303/jatiswara.v34i3.218 ◽

2019 ◽

Vol 34 (3) ◽

Author(s):

Fanny Priscyllia

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Private Information ◽

Privacy Protection ◽

Social Life ◽

Data Privacy ◽

Freedom Of Expression ◽

Personal Data ◽

Study Results ◽

Google Drive

Perkembangan teknologi informasi dan komunikasi, salah satunya internet (interconnection networking). Informasi berupa data pribadi menjadi acuan dalam penggunaan aplikasi berbasis internet seperti e-commerce, e-health, e-payment, serta perkembangan cloud computing (ruang penyimpanan data seperti google drive, iCloud, Youtube). Privasi data pribadi merupakan hal penting karena menyangkut harga diri dan kebebasan berekspresi seseorang. Perlindungan privasi data pribadi jika tidak diatur dalam suatu peraturan perundang-undangan dapat mengakibatkan kerugian bagi seseorang atas tersebarnya suatu informasi pribadi. Kajian ini bertujuan untuk mendisukusikan konsep perlindungan privasi data pribadi serta pengaturannya dalam perspektif perbandingan hukum. Kajian ini menggunakan penelitian hukum normatif yang meneliti dan menganalisis sumber-sumber hukum. Hasil studi menunjukkan bahwa konsep perlindungan hak privasi merupakan hak penuh seseorang dan pemenuhannya tidak didasarkan pada hak orang lain, tetapi hak tersebut dapat hilang apabila dikehendaki oleh pemiliknya untuk mempublikasikan informasi yang bersifat pribadi kepada publik dan seseorang berhak untuk tidak membagikan semua informasi mengenai pribadinya dalam kehidupan sosial. Ketiadaan hukum yang mengatur secara komprehensif perlindungan privasi atas data pribadi di Indonesia dapat meningkatkan potensi pelanggaran terhadap hak konstitusional warga negara atas perlindungan privasi data pribadi. The development of information and communication technology, which one is the internet (interconnection networking). Personal data becomes a reference in the use of internet-based applications such as e-commerce, e-health, e-payment, and the development of cloud computing (data storage space such as Google Drive, iCloud, Youtube). The privacy of personal data is very important because it involves the freedom of expression and dignity of each individual. Data privacy protection shall be stipulated under the national law, if it is not, it may harm personal information that leads to any loss of someone. This paper aims to discuss the concept of privacy protection of personal data and legal arrangements from the perspective of comparative law. This article is normative legal research that examines and analyzes legal sources. The study results show that the privacy protection concept of personal data is a person rights and applied not by the others, but the rights can be lost if that person publish private information to the public and it’s a rights to does not share all information about his personality in social life. The absence of a comprehensive law governing privacy protection for personal data as a constitutional right can increase the potential of violations in Indonesia.

Download Full-text

Managing Privacy and Effectiveness of Patient-Administered Authorization Policies

International Journal of Computational Models and Algorithms in Medicine ◽

10.4018/jcmam.2012040103 ◽

2012 ◽

Vol 3 (2) ◽

pp. 43-62

Author(s):

Thomas Trojer ◽

Basel Katt ◽

Ruth Breu ◽

Thomas Schabetsberger ◽

Richard Mair

Keyword(s):

Health Care ◽

Information System ◽

Access Control ◽

Data Privacy ◽

Evaluation Criteria ◽

Control Policy ◽

Health Data ◽

Personal Health ◽

Access Control Policy ◽

Authorization Policies

A central building block of data privacy is the individual right of information self-determination. Following from that when dealing with shared electronic health records (SEHR), citizens, as the identified individuals of such records, have to be enabled to decide what medical data can be used in which way by medical professionals. In this context individual preferences of privacy have to be reflected by authorization policies to control access to personal health data. There are two potential challenges when enabling patient-controlled access control policy authoring: First, an ordinary citizen neither can be considered a security expert, nor does she or he have the expertise to fully understand typical activities and workflows within the health-care domain. Thus, a citizen is not necessarily aware of implications her or his access control settings have with regards to the protection of personal health data. Both privacy of citizen’s health-data and the overall effectiveness of a health-care information system are at risk if inadequate access control settings are in place. This paper refers to scenarios of a case study previously conducted and shows how privacy and information system effectiveness can be defined and evaluated in the context of SEHR. The paper describes an access control policy analysis method which evaluates a patient-administered access control policy by considering the mentioned evaluation criteria.

Download Full-text

Privacy

Computers and Society ◽

10.1093/oso/9780198827085.003.0015 ◽

2019 ◽

Author(s):

Ronald M. Baecker

Keyword(s):

Data Storage ◽

Data Privacy ◽

New Technologies ◽

Personal Data ◽

Information Privacy ◽

Privacy Concerns ◽

Dystopian Literature ◽

Computer Scientists ◽

Government Surveillance ◽

The 1960S

Fears about loss of privacy in computerized societies have been central to dystopian literature. The issue has also concerned thoughtful computer scientists and lawyers since the 1960s. By then, the scope of the computer revolution was making clear that governments and corporations could keep records about almost every aspect of our lives. As data storage became virtually limitless at trivial cost, effective uses of data grew, as did risks to personal privacy. We shall define privacy, look at its manifestations and roles, and discuss current and future threats to it. We shall introduce concepts that are key to understanding privacy, such as informed consent. A major concern is the threats to information privacy or data privacy, in which a person’s confidential information has errors or becomes exposed to people who should not be able to see or use it. We shall examine situations in which privacy can be invaded by governments, organizations, and individuals. Governments amass vast stores of personal data during the everyday course of administration and regulation. Government surveillance in many nations captures information that should be private, a topic we discussed in Chapter 6. Search engines, credit rating organizations, and insurance companies also gather huge amounts of data on consumers. When data is incorrect, or is hacked, there are serious implications for information privacy. Criminals seek to gain leverage by ferreting out computer-based data about personal financial transactions. Health information is a particularly sensitive area in which many people feel especially vulnerable. These are all ‘classical’ privacy concerns, the dangers of which were evident in the 1960s. New technologies have raised more concerns. Social media holds vast quantities of personal data that we have willingly disclosed, including information that could prove embarrassing later in life. A vivid example of a privacy breech was the Cambridge Analytica/Facebook scandal of 2018. New technologies raise new privacy concerns. Chips use GPS to track our location and movements. Recent advances in computer vision and the widespread deployment of video cameras enable face recognition. Chips located in the environment and embedded as sensors and prostheses in our bodies make our activities and even our moods accessible by others.

Download Full-text