Ryan K
From Digital Culture & Society
Contents |
[edit] Health and Mobile Apps
[edit] About this subject
[edit] Articles
[edit] Article 1: Laying the digital and analytical foundations for Canada’s future health care system
[edit] Article 2: There’s an App for That! The FDA Offers a Framework for Regulating Mobile Health
[edit] Summary
[edit] Article 3: Privacy and security issues for mobile health platforms
[edit] Summary
Privacy and security issues for mobile health platforms Research on the use of mobile technologies for alcohol use problems is a developing field, this data have the potential to yield new insights into the factors that lead to disease. Although the research literature in this area is sparse, lessons can be borrowed from other communities, such as cybersecurity or Internet security, which offer many techniques to reduce the potential risk of data breaches or tampering in mHealth. This article focuses on privacy, confidentiality, and security in mHealth, areas ripe with research questions and opportunities whose times are overdue. Research has shown that a majority of Americans (78 percent) consider information stored on their mobile phones to be as or even more private than the information stored in their personal computers (Urban et al. 2012). This apparent disconnect between perception of privacy in daily life compared with research settings is important. It suggests that broad efforts at enhancing technological literacy are needed, or researchers risk making mHealth applications seem less safe than other protected mobile activities, such as banking. Instead of voicing concerns about highlighting the risks in health research and care, the scientific community should support overall efforts to increase the public’s knowledge of privacy and security risks regarding technology. This article proposes changes to mobile health apps by including the addition of specific data management processes for individual security and privacy. Key findings suggest that standardizing requirements will improve uniformity in research and provide more clarity for researchers as they design research protocols to support digital privacy and security.
The Department of Health and Human Services—specifically the Office for Civil Rights—introduced the Health Insurance Portability and Accountability Act (HIPAA) which provides defined policies and guidelines for maintaining privacy and security of a patient’s health information. Within the Act the Privacy Rule sets national standards for protecting every individual’s health information, and the Security Rule, which sets national standards for protecting personal health information in an electronic format. In addition to HIPAA, researchers must abide by the Federal Policy for the Protection of Human Subjects, also known as the Common Rule. The Common Rule was introduced in 1991 to protect individuals participating in research activities. The Common Rule sets out detailed policies and guidelines about informed consent, adverse events, handling of biological data, and vulnerable populations, among other issues. Base on the lack of current regulations, this article proposed changes to the researchers in mHealth to develop systems that enhance participant privacy.
This article suggests changes such as; a simple electronic or paper checklist of possible data points administered before data collection and/or a patient-facing data dashboard that will allow participants to exercise their rights to control and access their data. Another option is to create a context-aware system that the participant controls, specifically the privacy options should change based on factors such as location and who is accessing the data to match the participant’s level of trust. Other suggestions include; creating a security protocol, simple ways to increase data security should be considered first, for example, enabling WPA2 encryption on a wireless device enhances the security of information transmitted over wireless networks. The addition of VPNs or authentication factors can also be applied to networks to protect data that can be transferred.
Many of the strengths of mHealth research are within its ability to reach large and broad samples of consumers, and that they are able to collect and continuously stream data on a range of potentially sensitive and possibly illegal behaviors and events.
The ability to continuously stream data also drive privacy and security concerns. These topics, as well as confidentiality, are all separate yet connected issues that researchers must address in protecting research participants. These issues are further complicated by Federal regulations governing personal health information, as well as sensitive information concerning alcohol, drug use or mental health. There also are many legal and ethical concerns about mHealth, especially when used to study alcohol, drug use or mental health. Among these issues is safety of participants and liability of researchers if a study participant experiences an emergency during the study. There are also continued legal and ethical considerations that should be considered further by the mHealth
Although security and privacy are critical, no system involving humans will be completely secure. Breaches will happen. Thus, a balance must be struck between security, subject usability and research cost based on the requirements of the mHealth research. The goal should be to mitigate security risks without impeding use and to set up a system that recovers from potential breaches. Improving awareness and offering training in technological literacy are ways to reduce privacy and security risks caused by participants and increase involvement in mHealth. Many security features require input from the end user, and therefore education can help ensure the security of mHealth. Security training can also be included with training for using mHealth tools and with education on the benefits of mHealth
Please consider the environment before
printing this page.