Protecting Personal Health Data through Privacy Awareness

2022 ◽  
Vol 6 (GROUP) ◽  
pp. 1-22
Author(s):  
Melanie Duckert ◽  
Louise Barkhuus
Keyword(s):  
Conceptual Framework ◽  
Data Protection ◽  
Data Privacy ◽  
Digital Health ◽  
Health Data ◽  
Design Guidelines ◽  
Personal Health ◽  
Health Records ◽  
Perception Of Security ◽  
Health Care Records

Digital health data is important to keep secure, and patients' perception around the privacy of it is essential to the development of digital health records. In this paper we present people's perceptions of the communication of data protection, in relation to their personal health data and the access to it; we focused particularly on people with chronic or long-term illness. Based on their use of personally accessible health records, we inquired into their explicit perception of security and sense of data privacy in relation to their health data. Our goal was to provide insights and guidelines to designers and developers on the communication of data protection in health records in an accessible way for the users. We analyzed their approach to and experience with their own health care records and describe the details of their challenges. A conceptual framework called "Privacy Awareness' was developed from the findings and reflects the perspectives of the users. The conceptual framework forms the basis of a proposal for design guidelines for Digital Health Record systems, which aim to address, facilitate and improve the users' awareness of the protection of their online health data.

scholarly journals The Policy Effect of the General Data Protection Regulation (GDPR) on the Digital Public Health Sector in the European Union: An Empirical Investigation

2019 ◽  
Vol 16 (6) ◽  
pp. 1070 ◽  
Author(s):  
Bocong Yuan ◽  
Jiannan Li
Keyword(s):  
European Union ◽  
Financial Performance ◽  
Data Protection ◽  
Digital Health ◽  
Rapid Development ◽  
Health Data ◽  
Personal Health ◽  
The European Union ◽  
General Data Protection Regulation ◽  
General Data

The rapid development of digital health poses a critical challenge to the personal health data protection of patients. The European Union General Data Protection Regulation (EU GDPR) works in this context; it was passed in April 2016 and came into force in May 2018 across the European Union. This study is the first attempt to test the effectiveness of this legal reform for personal health data protection. Using the difference-in-difference (DID) approach, this study empirically examines the policy influence of the GDPR on the financial performance of hospitals across the European Union. Results show that hospitals with the digital health service suffered from financial distress after the GDPR was published in 2016. This reveals that during the transition period (2016–2018), hospitals across the European Union indeed made costly adjustments to meet the requirements of personal health data protection introduced by this new regulation, and thus inevitably suffered a policy shock to their financial performance in the short term. The implementation of GDPR may have achieved preliminary success.

The Anonymisation of Research Data — A Pyric Victory for Privacy that Should Not Be Pushed Too Hard by the eu Data Protection Framework?

2017 ◽  
Vol 24 (4) ◽  
pp. 347-367 ◽  
Author(s):  
Paul Quinn
Keyword(s):  
Data Protection ◽  
Scientific Research ◽  
Health Data ◽  
Research Data ◽  
Point Of View ◽  
Personal Health ◽  
Legal Basis ◽  
Health Records ◽  
The Public ◽  
The Eu

Abstract Personal health data is essential to many forms of scientific research. Such data may come from a large variety of sources including electronic health records (ehrs), datasets used for previous research and from data linked to biobanks. European data protection law recognises that in addition to using consent as a legal basis for the processing of personal health data for scientific research, such data may be used without consent where it is in the ‘public interest’. Despite the existence of such a legal option, ethics bodies in a number of states have shown reticence to utilise it, often pushing researchers into either obtaining consent or anonymising the data in question. Whilst the latter option may be appealing from a legal point of view, if carried out properly, the result may be that the research value of the data is reduced or even destroyed.

scholarly journals Public Interest, Health Research and Data Protection Law: Establishing a Legitimate Trade-Off between Individual Control and Research Access to Health Data

Laws ◽  
2020 ◽  
Vol 9 (1) ◽  
pp. 6 ◽  
Author(s):  
Mark J. Taylor ◽  
Tess Whitton
Keyword(s):  
Public Interest ◽  
Data Protection ◽  
Health Research ◽  
Health Data ◽  
Personal Health ◽  
Positive Contribution ◽  
Data Governance ◽  
The Public ◽  
Individual Control ◽  
Data Protection Law

The United Kingdom’s Data Protection Act 2018 introduces a new public interest test applicable to the research processing of personal health data. The need for interpretation and application of this new safeguard creates a further opportunity to craft a health data governance landscape deserving of public trust and confidence. At the minimum, to constitute a positive contribution, the new test must be capable of distinguishing between instances of health research that are in the public interest, from those that are not, in a meaningful, predictable and reproducible manner. In this article, we derive from the literature on theories of public interest a concept of public interest capable of supporting such a test. Its application can defend the position under data protection law that allows a legal route through to processing personal health data for research purposes that does not require individual consent. However, its adoption would also entail that the public interest test in the 2018 Act could only be met if all practicable steps are taken to maximise preservation of individual control over the use of personal health data for research purposes. This would require that consent is sought where practicable and objection respected in almost all circumstances. Importantly, we suggest that an advantage of relying upon this concept of the public interest, to ground the test introduced by the 2018 Act, is that it may work to promote the social legitimacy of data protection legislation and the research processing that it authorises without individual consent (and occasionally in the face of explicit objection).

Exploring Type-and-Identity-Based Proxy Re-Encryption Scheme to Securely Manage Personal Health Records

2010 ◽  
Vol 1 (2) ◽  
pp. 1-21
Author(s):  
Luan Ibraimi ◽  
Qiang Tang ◽  
Pieter Hartel ◽  
Willem Jonker
Keyword(s):  
Access Control ◽  
Health Data ◽  
Third Party ◽  
Personal Health ◽  
Encryption Scheme ◽  
Health Records ◽  
Web Based ◽  
The Third ◽  
Access Control Policies ◽  
Identity Based

Commercial Web-based Personal-Health Record (PHR) systems can help patients to share their personal health records (PHRs) anytime from anywhere. PHRs are very sensitive data and an inappropriate disclosure may cause serious problems to an individual. Therefore commercial Web-based PHR systems have to ensure that the patient health data is secured using state-of-the-art mechanisms. In current commercial PHR systems, even though patients have the power to define the access control policy on who can access their data, patients have to trust entirely the access-control manager of the commercial PHR system to properly enforce these policies. Therefore patients hesitate to upload their health data to these systems as the data is processed unencrypted on untrusted platforms. Recent proposals on enforcing access control policies exploit the use of encryption techniques to enforce access control policies. In such systems, information is stored in an encrypted form by the third party and there is no need for an access control manager. This implies that data remains confidential even if the database maintained by the third party is compromised. In this paper we propose a new encryption technique called a type-and-identity-based proxy re-encryption scheme which is suitable to be used in the healthcare setting. The proposed scheme allows users (patients) to securely store their PHRs on commercial Web-based PHRs, and securely share their PHRs with other users (doctors).

Personal Health Records: New Means to Safely Handle Health Data?

Computer ◽  
2012 ◽  
Vol 45 (11) ◽  
pp. 27-33 ◽  
Author(s):  
Inmaculada Carrion Senor ◽  
Jose Luis Fernandez Aleman ◽  
Ambrosio Toval
Keyword(s):  
Health Data ◽  
Personal Health Records ◽  
Personal Health ◽  
Health Records

scholarly journals COVID-19: Putting the General Data Protection Regulation to the Test (Preprint)

2020 ◽  
Author(s):  
Stuart McLennan ◽  
Leo Anthony Celi ◽  
Alena Buyx
Keyword(s):  
Health Care ◽  
Data Protection ◽  
Health Research ◽  
Health Care Organizations ◽  
Digital Health ◽  
Health Data ◽  
Individual Risk ◽  
Risk Minimization ◽  
General Data Protection Regulation ◽  
General Data

UNSTRUCTURED The coronavirus disease (COVID-19) pandemic is very much a global health issue and requires collaborative, international health research efforts to address it. A valuable source of information for researchers is the large amount of digital health data that are continuously collected by electronic health record systems at health care organizations. The European Union’s General Data Protection Regulation (GDPR) will be the key legal framework with regard to using and sharing European digital health data for research purposes. However, concerns persist that the GDPR has made many organizations very risk-averse in terms of data sharing, even if the regulation permits such sharing. Health care organizations focusing on individual risk minimization threaten to undermine COVID-19 research efforts. In our opinion, there is an ethical obligation to use the research exemption clause of the GDPR during the COVID-19 pandemic to support global collaborative health research efforts. Solidarity is a European value, and here is a chance to exemplify it by using the GDPR regulatory framework in a way that does not hinder but actually fosters solidarity during the COVID-19 pandemic.

Sign in / Sign up

Export Citation Format

Share Document