Change search
ReferencesLink to record
Permanent link

Direct link
Secure and Privacy-aware Data Collection and Processing in Mobile Health Systems
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science. (Privacy and Security)ORCID iD: 0000-0001-9005-0543
2016 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Healthcare systems have assimilated information and communication technologies in order to improve the quality of healthcare and patient's experience at reduced costs. The increasing digitalization of people's health information raises however new threats regarding information security and privacy. Accidental or deliberate data breaches of health data may lead to societal pressures, embarrassment and discrimination. Information security and privacy are paramount to achieve high quality healthcare services, and further, to not harm individuals when providing care. With that in mind, we give special attention to the category of Mobile Health (mHealth) systems. That is, the use of mobile devices (e.g., mobile phones, sensors, PDAs) to support medical and public health. Such systems, have been particularly successful in developing countries, taking advantage of the flourishing mobile market and the need to expand the coverage of primary healthcare programs. Many mHealth initiatives, however, fail to address security and privacy issues. This, coupled with the lack of specific legislation for privacy and data protection in these countries, increases the risk of harm to individuals. The overall objective of this thesis is to enhance knowledge regarding the design of security and privacy technologies for mHealth systems. In particular, we deal with mHealth Data Collection Systems (MDCSs), which consists of mobile devices for collecting and reporting health-related data, replacing paper-based approaches for health surveys and surveillance. This thesis consists of publications contributing to mHealth security and privacy in various ways: with a comprehensive literature review about mHealth in Brazil; with the design of a security framework for MDCSs (SecourHealth); with the design of a MDCS (GeoHealth); with the design of Privacy Impact Assessment template for MDCSs; and with the study of ontology-based obfuscation and anonymisation functions for health data.

Abstract [en]

Information security and privacy are paramount to achieve high quality healthcare services, and further, to not harm individuals when providing care. With that in mind, we give special attention to the category of Mobile Health (mHealth) systems. That is, the use of mobile devices (e.g., mobile phones, sensors, PDAs) to support medical and public health. Such systems, have been particularly successful in developing countries, taking advantage of the flourishing mobile market and the need to expand the coverage of primary healthcare programs. Many mHealth initiatives, however, fail to address security and privacy issues. This, coupled with the lack of specific legislation for privacy and data protection in these countries, increases the risk of harm to individuals. The overall objective of this thesis is to enhance knowledge regarding the design of security and privacy technologies for mHealth systems. In particular, we deal with mHealth Data Collection Systems (MDCSs), which consists of mobile devices for collecting and reporting health-related data, replacing paper-based approaches for health surveys and surveillance.

Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2016. , 28 p.
Series
Karlstad University Studies, ISSN 1403-8099 ; 2016:47
Keyword [en]
Mobile health, information security, data privacy, data collection, personal health data
National Category
Computer and Information Science
Research subject
Computer Science; Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-46982ISBN: 978-91-7063-730-8OAI: oai:DiVA.org:kau-46982DiVA: diva2:1043735
Presentation
2016-12-13, 21A342 - Eva Erikssonsalen, Karlstads universitet, 651 88, Karlstad, 15:15 (English)
Opponent
Supervisors
Available from: 2016-11-22 Created: 2016-10-31 Last updated: 2016-11-22Bibliographically approved
List of papers
1. Mobile health in emerging countries: a survey of research initiatives in Brazil.
Open this publication in new window or tab >>Mobile health in emerging countries: a survey of research initiatives in Brazil.
Show others...
2013 (English)In: International Journal of Medical Informatics, ISSN 1386-5056, E-ISSN 1872-8243, Vol. 82, no 5, 283-298 p.Article in journal (Refereed) Published
Abstract [en]

OBJECTIVE: To conduct a comprehensive survey of mobile health (mHealth) research initiatives in Brazil, discussing current challenges, gaps, opportunities and tendencies.

METHODS: Systematic review of publicly available electronic documents related to mHealth, including scientific publications, technical reports and descriptions of commercial products. Specifically, 42 projects are analyzed and classified according to their goals. This analysis considers aspects such as security features provided (if any), the health condition that are focus of attention, the main providers involved in the projects development and deployment, types of devices used, target users, where the projects are tested and/or deployed, among others.

RESULTS: The study shows a large number (86%) of mHealth solutions focused on the following categories: health surveys, surveillance, patient records and monitoring. Meanwhile, treatment compliance, awareness raising and decision support systems are less explored. The main providers of solutions are the universities (56%) and health units (32%), with considerable cooperation between such entities. Most applications have physicians (55%) and Community Health Agents (CHAs) (33%) as targeted users, the latter being important elements in nation-wide governmental health programs. Projects focused on health managers, however, are a minority (5%). The majority of projects do not focus on specific diseases but rather general health (57%), although solutions for hearth conditions are reasonably numerous (21%). Finally, the lack of security mechanisms in the majority of the surveyed solutions (52%) may hinder their deployment in the field due to the lack of compliance with general regulations for medical data handling.

CONCLUSION: There are currently many mHealth initiatives in Brazil, but some areas have not been much explored, such as solutions for treatment compliance and awareness raising, as well as decision support systems. Another research trend worth exploring refers to creating interoperable security mechanisms, especially for widely explored mHealth categories such as health surveys, patient records and monitoring. Challenges for the expansion of mHealth solutions, both in number and coverage, include the further involvement of health managers in the deployment of such solutions and in coordinating efforts among health and research institutions interested in the mHealth trend, possibly exploring the widespread presence of CHAs around the country as users of such technology.

National Category
Computer and Information Science
Identifiers
urn:nbn:se:kau:diva-40062 (URN)10.1016/j.ijmedinf.2013.01.003 (DOI)000318998000016 ()23410658 (PubMedID)
Available from: 2016-02-12 Created: 2016-02-12 Last updated: 2016-10-31Bibliographically approved
2. SecourHealth: a delay-tolerant security framework for mobile health data collection.
Open this publication in new window or tab >>SecourHealth: a delay-tolerant security framework for mobile health data collection.
Show others...
2015 (English)In: IEEE journal of biomedical and health informatics, ISSN 2168-2194, E-ISSN 2168-2208, Vol. 19, no 2, 761-772 p.Article in journal (Refereed) Published
Abstract [en]

Security is one of the most imperative requirements for the success of systems that deal with highly sensitive data, such as medical information. However, many existing mobile health solutions focused on collecting patients' data at their homes that do not include security among their main requirements. Aiming to tackle this issue, this paper presents SecourHealth, a lightweight security framework focused on highly sensitive data collection applications. SecourHealth provides many security services for both stored and in-transit data, displaying interesting features such as tolerance to lack of connectivity (a common issue when promoting health in remote locations) and the ability to protect data even if the device is lost/stolen or shared by different data collection agents. Together with the system's description and analysis, we also show how SecourHealth can be integrated into a real data collection solution currently deployed in the city of Sao Paulo, Brazil.

National Category
Computer and Information Science
Identifiers
urn:nbn:se:kau:diva-40063 (URN)10.1109/JBHI.2014.2320444 (DOI)000351091200039 ()24801629 (PubMedID)
Available from: 2016-02-12 Created: 2016-02-12 Last updated: 2016-10-31Bibliographically approved
3. Georeferenced and Secure Mobile Health System for Large Scale Data Collection in Primary Care
Open this publication in new window or tab >>Georeferenced and Secure Mobile Health System for Large Scale Data Collection in Primary Care
Show others...
2016 (English)In: International Journal of Medical Informatics, ISSN 1386-5056, E-ISSN 1872-8243, Vol. 94, 91-99 p.Article in journal (Refereed) Published
Abstract [en]

Introduction - Mobile health consists in applying mobile devices and communication capabilities for expanding the coverage and improving the effectiveness of health care programs. The technology is particularly promising for developing countries, in which health authorities can take advantage of the flourishing mobile market to provide adequate health care to underprivileged communities, especially primary care. In Brazil, the Primary Care Information System (SIAB) receives primary health care data from all regions of the country, creating a rich database for health-related action planning. Family Health Teams (FHTs) collect this data in periodic visits to families enrolled in governmental programs, following an acquisition procedure that involves filling in paper forms. This procedure compromises the quality of the data provided to health care authorities and slows down the decision-making process.

Objectives - To develop a mobile system (GeoHealth) that should address and overcome the aforementioned problems and deploy the proposed solution in a wide underprivileged metropolitan area of a major city in Brazil.

Methods - The proposed solution comprises three main components: (a) an Application Server, with a database containing family health conditions; and two clients, (b) a Web Browser running visualization tools for management tasks, and (c) a data-gathering device (smartphone) to register and to georeference the family health data. A data security framework was designed to ensure the security of data, which was stored locally and transmitted over public networks.

Results - The system was successfully deployed at six primary care units in the city of Sao Paulo, where a total of 28,324 families/96,061 inhabitants are regularly followed up by government health policies. The health conditions observed from the population covered were: diabetes in 3.40%, hypertension (age > 40) in 23.87% and tuberculosis in 0.06%. This estimated prevalence has enabled FHTs to set clinical appointments proactively, with the aim of confirming or detecting cases of non-communicable diseases more efficiently, based on real-time information.

Conclusion - The proposed system has the potential to improve the efficiency of primary care data collection and analysis. In terms of direct costs, it can be considered a low-cost solution, with an estimated additional monthly cost of U$ 0.040 per inhabitant of the region covered, or approximately U$ 0.106 per person, considering only those currently enrolled in the system.

Place, publisher, year, edition, pages
Elsevier, 2016
Keyword
Data collection, mobile health, data quality, georeference, primary care, security
National Category
Computer and Information Science
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-44392 (URN)10.1016/j.ijmedinf.2016.06.013 (DOI)000382511500011 ()
Available from: 2016-07-05 Created: 2016-07-05 Last updated: 2016-10-31Bibliographically approved
4. Towards a Privacy Impact Assessment Template for Mobile Health Data Collection Systems
Open this publication in new window or tab >>Towards a Privacy Impact Assessment Template for Mobile Health Data Collection Systems
2016 (English)In: Proceedings of the 5th International Conference on M4D Mobile Communication Technology for Development: M4D 2016, General Tracks / [ed] Orlando P Zacarias and Caroline W. Larsson, 2016, 189-200 p.Conference paper (Refereed)
Series
Karlstad University Studies, ISSN 1403-8099 ; 2016:40
National Category
Engineering and Technology
Identifiers
urn:nbn:se:kau:diva-46978 (URN)978-91-7063-723-0 (ISBN)
Conference
5th International Conference on M4D Mobile Communication Technology for Development
Available from: 2016-10-31 Created: 2016-10-31 Last updated: 2016-10-31
5. Ontology-based Obfuscation and Anonymisation for Privacy: A Case Study on Healthcare
Open this publication in new window or tab >>Ontology-based Obfuscation and Anonymisation for Privacy: A Case Study on Healthcare
Show others...
2015 (English)In: Privacy and Identity Management: Time for a Revolution? / [ed] David Aspinal, Marit Hansen, Jan Camenisch, Simone Fischer-Hübner, Charles Raab, Springer, 2015, 343-358 p.Conference paper (Refereed)
Place, publisher, year, edition, pages
Springer, 2015
Series
, IFIP Advances in Information and Communication Technology, ISSN 2016 ; 1868-4238
National Category
Computer and Information Science
Identifiers
urn:nbn:se:kau:diva-43014 (URN)978-3-319-41762-2 (ISBN)
Conference
10th IFIP WG 9.2, 9.5, 9.6/11.7, 11.4, 11.6/SIG 9.2.2 International Summer School
Available from: 2016-06-15 Created: 2016-06-15 Last updated: 2016-10-31Bibliographically approved

Open Access in DiVA

fulltext(443 kB)32 downloads
File information
File name FULLTEXT01.pdfFile size 443 kBChecksum SHA-512
b56fcba13d784749caed8a77621ece22b957448d72fade5ef4a3d997522521442cc66701ace9b5f70a125ad79d136369d6289cc00f1ccbf16316c2174bc53713
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Iwaya, Leonardo H.
By organisation
Department of Mathematics and Computer Science
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 32 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 241 hits
ReferencesLink to record
Permanent link

Direct link