Publications by authors named "Pekka Ruotsalainen"

40 Publications

Privacy Is Dead - Solutions for Privacy-Enabled Collections and Use of Personal Health Information in Digital Era.

Stud Health Technol Inform 2020 Sep;273:63-74

Medical Faculty, University of Regensburg, Regensburg, Germany.

Today's digital information systems and applications collect every day a huge amount of personal health information (PHI) from sensor and surveillance systems, and every time we use personal computers or mobile phones. Collected data is processed in clouds, platforms and ecosystems by digital algorithms and machine learning. Pervasive technology, insufficient and ineffective privacy legislation, strong ICT industry and low political will to protect data subject's privacy have together made it almost impossible for a user to know what PHI is collected, how it is used and to whom it is disclosed. Service providers' and organizations' privacy policy documents are cumbersome and they do not guarantee that PHI is not misused. Instead, service users are expected to blindly trust in privacy promises made. In spite of that, majority of individuals are concerned of their privacy, and governments' assurance that they meet the responsibility to protect citizens in real life privacy is actually dead. Because PHI is probably the most sensitive data we have, and the authors claim it cannot be a commodity or public good, they have studied novel privacy approaches to find a way out from the current unsatisfactory situation. Based on findings got, the authors have developed a promising solution for privacy-enabled use of PHI. It is a combination of the concept of information fiduciary duty, Privacy as Trust approach, and privacy by smart contract. This approach shifts the onus of privacy protection onto data collectors and service providers. A specific information fiduciary duty law is needed to harmonize privacy requirements and force the acceptance of proposed solutions. Furthermore, the authors have studied strengths and weaknesses of existing or emerging solutions.

Source
http://dx.doi.org/10.3233/SHTI200616
September 2020

Why Interoperability at Data Level Is Not Sufficient for Enabling pHealth?

Stud Health Technol Inform 2020 Sep;273:3-20

Deutsche Telekom Healthcare and Security Solutions GmbH, Essen, Germany.

Multidisciplinary and highly dynamic pHealth ecosystems according to the 5P Medicine paradigm require careful consideration of systems integration and interoperability within the domains knowledge space. The paper addresses the different aspects or levels of knowledge representation (KR) and management (KM) from cognitive theories (theories of knowledge) and modeling processes through notation up to processing, tooling and implementation. Thereby, it discusses language and grammar challenges and constraints, but also development process aspects and solutions, so demonstrating the limitation of data level considerations. Finally, it presents the ISO 23903 Interoperability and Integration Reference Architecture to solve the addressed problems and to correctly deploy existing standards and work products at any representational level including data models as well as data model integration and interoperability.

Source
http://dx.doi.org/10.3233/SHTI200611
September 2020

Autonomous Systems and Artificial Intelligence in Healthcare Transformation to 5P Medicine - Ethical Challenges.

Stud Health Technol Inform 2020 Jun;270:1089-1093

The European Organization for Nuclear Research, Geneva, Switzerland.

The paper introduces a structured approach to transforming healthcare towards personalized, preventive, predictive, participative precision (P5) medicine and the related organizational, methodological and technological requirements. Thereby, the deployment of autonomous systems and artificial intelligence is inevitable. The paper discusses opportunities and challenges of those technologies from a humanistic and ethical perspective. It shortly introduces the essential concepts and principles, and critically discusses some relevant projects. Finally, it offers ways for correctly representing, specifying, implementing and deploying autonomous and intelligent systems under an ethical perspective.

Source
http://dx.doi.org/10.3233/SHTI200330
June 2020

Health Information Systems in the Digital Health Ecosystem-Problems and Solutions for Ethics, Trust and Privacy.

Int J Environ Res Public Health 2020 04 26;17(9). Epub 2020 Apr 26.

Medical Faculty, University of Regensburg, 93053 Regensburg, Germany.

Digital health information systems (DHIS) are increasingly members of ecosystems, collecting, using and sharing a huge amount of personal health information (PHI), frequently without control and authorization through the data subject. From the data subject's perspective, there is frequently no guarantee and therefore no trust that PHI is processed ethically in Digital Health Ecosystems. This results in new ethical, privacy and trust challenges to be solved. The authors' objective is to find a combination of ethical principles, privacy and trust models, together enabling design, implementation of DHIS acting ethically, being trustworthy, and supporting the user's privacy needs. Research published in journals, conference proceedings, and standards documents is analyzed from the viewpoint of ethics, privacy and trust. In that context, systems theory and systems engineering approaches together with heuristic analysis are deployed. The ethical model proposed is a combination of consequentialism, professional medical ethics and utilitarianism. Privacy enforcement can be facilitated by defining it as health information specific contextual intellectual property right, where a service user can express their own privacy needs using computer-understandable policies. Thereby, privacy as a dynamic, indeterminate concept, and computational trust, deploys linguistic values and fuzzy mathematics. The proposed solution, combining ethical principles, privacy as intellectual property and computational trust models, shows a new way to achieve ethically acceptable, trustworthy and privacy-enabling DHIS and Digital Health Ecosystems.

Source
http://dx.doi.org/10.3390/ijerph17093006
http://www.ncbi.nlm.nih.gov/pmc/articles/PMC7246854
April 2020

How Does GDPR Support Healthcare Transformation to 5P Medicine?

Stud Health Technol Inform 2019 Aug;264:1135-1139

Tampere University, Tampere, Finland.

Health systems advance towards personalized, preventive, predictive, participative precision (5P) medicine, considering the individual's health status, contexts and conditions. This results in fully distributed, highly dynamic, highly complex business systems and processes with multiple, comprehensively cooperating actors from different specialty and policy domains, using their specific methodologies, terminologies, ontologies, knowledge and skills. Rules and regulations governing the business process as well as the organizational, legal and individual conditions, thereby controlling the behavior of the system, are called policies. Trust and confidence needed for running such system are strongly impacted by security and privacy concerns controlled by corresponding policies. The most comprehensive policy dealing with security and privacy requirements and principles in any business collecting, processing and sharing personal identifiable information (PII) is the recently implemented European General Data Protection Regulation (GDPR). This paper investigates how GDPR supports healthcare transformation and how this can be implemented based on international standards and specifications.

Source
http://dx.doi.org/10.3233/SHTI190403
August 2019

Digital pHealth - Problems and Solutions for Ethics, Trust and Privacy.

Stud Health Technol Inform 2019 ;261:31-46

Medical Faculty, University of Regensburg, Germany.

The penetration of digital platforms and ecosystem based business-model together with the use of algorithms and machine learning are changing the environment where pHealth takes place. Traditional pHealth is changing to Digital pHealth. This development brings new ethical, privacy and trust problems which have to be solved to make Digital pHealth successful. In this paper ethical, privacy and trust problems in Digital pHealth are studied at conceptual level. Concerns caused by the use of novel ICT-technology and regulatory environment are also discussed. The starting point is that the Digital pHealth as a system and its applications and algorithms should be ethically acceptable, trustworthy and enable the service user to set own context-aware privacy policies. Mutual trust is needed between application and all stakeholders. Solutions proposed for trustworthy Digital pHealth include ethical design, policy based privacy management and on-line calculation of privacy and trust levels using proven mathematical methods. In the future, novel solutions such as algorithm based access control and data sharing, and algorithm based privacy prediction together with cryptography based blockchain seem to have potential to change the way privacy is managed in Digital pHealth. Technology alone cannot solve current privacy and trust problems. New regulations which not only give users of the Digital pHealth right to set personal privacy policies but also force pHealth service providers and platform owners to prove regulatory compliance of their services are needed.

September 2019

Healthcare Transformation Towards Personalized Medicine - Chances and Challenges.

Stud Health Technol Inform 2019 ;261:3-21

Faculty of Information Technology and Communication Sciences (ITC), Tampere University, Finland.

The paper introduces a structured approach to transforming healthcare towards personalized, preventive, predictive, participative precision (P5) medicine. It highlights the promising methodological paradigm changes, accompanied by related organizational and technological ones. In the latter context, the deployment of artificial intelligence and autonomous systems is crucial beside miniaturization and mobility. Beside their opportunities, those advanced technologies also bear risks to be managed. Beside the relationships between technology and human actors, the behavior of intelligent and autonomous systems from a humanistic and ethical perspective is in the center of considerations. The different existing approaches for guaranteeing the intended properties are presented and compared for deriving a common set of necessary principles to be met for P5 medicine.

September 2019

A Model for Calculated Privacy and Trust in pHealth Ecosystems.

Stud Health Technol Inform 2018 ;249:29-37

Medical Faculty, University of Regensburg, Germany.

A pHealth ecosystem is a community of service users and providers. It is also a dynamic socio-technical system. One of its main goals is to help users to maintain their personal health status. Another goal is to give economic benefit to stakeholders which use personal health information existing in the ecosystem. In pHealth ecosystems, a huge amount of health related data is collected and used by service providers such as data extracted from the regulated health record and information related to personal characteristics, genetics, lifestyle and environment. In pHealth ecosystems, there are different kinds of service providers such as regulated health care service providers, unregulated health service providers, ICT service providers, researchers and industrial organizations. This fact together with the multidimensional personal health data used raises serious privacy concerns. Privacy is a necessary enabler for successful pHealth, but it is also an elastic concept without any universally agreed definition. Regardless of what kind of privacy model is used in dynamic socio-technical systems, it is difficult for a service user to know the privacy level of services in real life situations. As privacy and trust are interrelated concepts, the authors have developed a hybrid solution where knowledge got from regulatory privacy requirements and publicly available privacy related documents is used for calculation of service providers' specific initial privacy value. This value is then used as an estimate for the initial trust score. In this solution, total trust score is a combination of recommended trust, proposed trust and initial trust. Initial privacy level is a weighted arithmetic mean of knowledge and user selected weights. The total trust score for any service provider in the ecosystem can be calculated deploying either a beta trust model or the Fuzzy trust calculation method. The proposed solution is easy to use and to understand, and it can be also automated. It is possible to develop a computer application that calculates a situation-specific trust score, and to make it freely available on the Internet.

October 2018

Modeling the Personal Health Ecosystem.

Stud Health Technol Inform 2018 ;249:3-16

School of Information Sciences, University of Tampere, Finland.

Complex ecosystems like the pHealth one combine different domains represented by a huge variety of different actors (human beings, organizations, devices, applications, components) belonging to different policy domains, coming from different disciplines, deploying different methodologies, terminologies, and ontologies, offering different levels of knowledge, skills, and experiences, acting in different scenarios and accommodating different business cases to meet the intended business objectives. For correctly modeling such systems, a system-oriented, architecture-centric, ontology-based, policy-driven approach is inevitable, thereby following established Good Modeling Best Practices. However, most of the existing standards, specifications and tools for describing, representing, implementing and managing health (information) systems reflect the advancement of information and communication technology (ICT) represented by different evolutionary levels of data modeling. The paper presents a methodology for integrating, adopting and advancing models, standards, specifications as well as implemented systems and components on the way towards the aforementioned ultimate approach, so meeting the challenge we face when transforming health systems towards ubiquitous, personalized, predictive, preventive, participative, and cognitive health and social care.

October 2018

Ethics Certification of Health Information Professionals.

Yearb Med Inform 2018 Aug 22;27(1):37-40. Epub 2018 Apr 22.

University of Tampere, School of Information Sciences, Tampere, Finland.

Objectives: To provide a model for ensuring the ethical acceptability of the provisions that characterize the interjurisdictional use of eHealth, telemedicine, and associated modalities of health care delivery that are currently in place.

Methods:  Following the approach initiated in their Global Protection of Health Data project within the Security in Health Information Systems (SiHIS) working group of the International Medical Informatics Association (IMIA), the authors analyze and evaluate relevant privacy and security approaches that are intended to stem the erosion of patients' trustworthiness in the handling of their sensitive information by health care and informatics professionals in the international context.

Results:  The authors found that while the majority of guidelines and ethical codes essentially focus on the role and functioning of the institutions that use EHRs and information technologies, little if any attention has been paid to the qualifications of the health informatics professionals (HIPs) who actualize and operate information systems to deal with or address relevant ethical issues.

Conclusion:  The apparent failure to address this matter indicates that the ethical qualification of HIPs remains an important security issue and that the Global Protection of Health Data project initiated by the SiHIS working group in 2015 should be expanded to develop into an internationally viable method of certification. An initial model to this effect is sketched and discussed.

Source
http://dx.doi.org/10.1055/s-0038-1641196
http://www.ncbi.nlm.nih.gov/pmc/articles/PMC6115227
August 2018

Data Modeling Challenges of Advanced Interoperability.

Stud Health Technol Inform 2018 ;247:860-864

School for Information Science, University of Tampere, Finland.

Progressive health paradigms, involving many different disciplines and combining multiple policy domains, requires advanced interoperability solutions. This results in special challenges for modeling health systems. The paper discusses classification systems for data models and enterprise business architectures and compares them with the ISO Reference Architecture. On that basis, existing definitions, specifications and standards of data models for interoperability are evaluated and their limitations are discussed. Amendments to correctly use those models and to better meet the aforementioned challenges are offered.

June 2018

Trust Model for Protection of Personal Health Data in a Global Environment.

Stud Health Technol Inform 2017 ;245:202-206

Medical Faculty University of Regensburg, Germany.

Successful health care, eHealth, digital health, and personal health systems increasingly take place in cross-jurisdictional, dynamic and risk-encumbered information space. They require rich amount of personal health information (PHI). Trust is and will be the cornerstone and prerequisite for successful health services. In global environments, trust cannot be expected as granted. In this paper, health service in the global environment is perceived as a meta-system, and a trust management model is developed to support it. The predefined trusting belief currently used in health care is not transferable to global environments. In the authors' model, the level of trust is dynamically calculated from measurable attributes. These attributes describe trust features of the service provider and its environment. The calculated trust value or profile can be used in defining the risk service user has to accept when disclosing PHI, and in definition of additional privacy and security safeguards before disclosing PHI and/or using services.

June 2018

Trust - Essential Requirement and Basis for pHealth Services.

Stud Health Technol Inform 2017 ;237:25-33

Medical Faculty, University of Regensburg, Germany.

Trust is a social code and glue between persons and organizations in any business domain including health. pHealth is a complex concept that is built around health service providers, individuals and artefacts such as sensors, mobile devices, networks, computers, and software applications. It has many stakeholders such as organizations, persons, patients, customers, and tele-operators. pHealth services are increasingly offered in insecure information space, and used over organizational, geographical and jurisdictional borders. This all means that trust is an essential requirement for successful pHealth services. To make pHealth a successful business, organizations offering pHealth services should establish inter-organizational trust and trusted relationship between their customers. Before starting to use services, the pHealth user should have a possibility to define how much it trusts on the service provider and on the surrounding information infrastructure. The authors' analysis show that trust models used in today's health care and e-commerce are insufficient for networked pHealth. Calculated trust as proposed by the authors is stronger than the predefined dispositional trust model currently used in health care, other's recommendations used in e-commerce and risk assessment. Until now, caused by the lack of business incentive, lack of regulatory and political pressure, pHealth providers have not demonstrated meaningful interest in moving from the current unsatisfactory situation to trust calculation by making information necessary for this methodology available. To make pHealth successful, a combination of legal, political, organizational, technological and educational efforts is needed to initiate the paradigm change and start the era of trust-based pHealth services.

April 2018

Requirements and Solutions for Personalized Health Systems.

Stud Health Technol Inform 2017 ;237:3-21

Deutsche Telekom Healthcare and Security Solutions GmbH; Mülheim, Germany.

Organizational, methodological and technological paradigm changes enable a precise, personalized, predictive, preventive and participative approach to health and social services supported by multiple actors from different domains at diverse level of knowledge and skills. Interoperability has to advance beyond Information and Communication Technologies (ICT) concerns, including the real world business domains and their processes, but also the individual context of all actors involved. The paper introduces and compares personalized health definitions, summarizes requirements and principles for pHealth systems, and considers intelligent interoperability. It addresses knowledge representation and harmonization, decision intelligence, and usability as crucial issues in pHealth. On this basis, a system-theoretical, ontology-based, policy-driven reference architecture model for open and intelligent pHealth ecosystems and its transformation into an appropriate ICT design and implementation is proposed.

April 2018

Privacy Management and Networked PPD Systems - Challenges Solutions.

Stud Health Technol Inform 2015 ;211:271-9

APICA, Malmö, Sweden.

Modern personal portable health devices (PPDs) become increasingly part of a larger, inhomogeneous information system. Information collected by sensors are stored and processed in global clouds. Services are often free of charge, but at the same time service providers' business model is based on the disclosure of users' intimate health information. Health data processed in PPD networks is not regulated by health care specific legislation. In PPD networks, there is no guarantee that stakeholders share same ethical principles with the user. Often service providers have own security and privacy policies and they rarely offer to the user possibilities to define own, or adapt existing privacy policies. This all raises huge ethical and privacy concerns. In this paper, the authors have analyzed privacy challenges in PPD networks from users' viewpoint using system modeling method and propose the principle "Personal Health Data under Personal Control" must generally be accepted at global level. Among possible implementation of this principle, the authors propose encryption, computer understandable privacy policies, and privacy labels or trust based privacy management methods. The latter can be realized using infrastructural trust calculation and monitoring service. A first step is to require the protection of personal health information and the principle proposed being internationally mandatory. This requires both regulatory and standardization activities, and the availability of open and certified software application which all service providers can implement. One of those applications should be the independent Trust verifier.

January 2018

The new role of patients in future health settings.

Stud Health Technol Inform 2015 ;211:71-8

Medical Faculty, University of Regensburg, Germany.

Health is a wide concept covering a person's physical, mental and social well-being. Traditionally, regulated healthcare has been the main source for curative and preventive service offered to patients. Healthcare is in transition, however. Paradigms such as patient empowerment and patient in the centre as well as in-home care service are changing processes and locations healthcare services are offered. Parallel to healthcare, new service models such as pHealth, ubiquitous healthcare, and digital medicine are developing. In the near future, technology enables the creation of a personal digital health dossier (e.g. digital patient and virtual patient model) for any individual. This dossier is stored and used in the unsecure information space. This all means that the traditional paternalistic patient model where patient is a passive object for regulated healthcare services will not work in future pHealth and digital health anymore. Instead, the new patient role (e.g. pHealth user or health consumer role) is dynamic, context-aware and participatory. The pHealth user can also have many roles at the same time, such as the role of informed chooser, decision maker, and personal health coordinator. This requires that the pHealth user can make information-based meaningful decisions before starting to use health services, and that he or she can trust on service providers by having evidence-based and reliable information about the quality and health impact of the services offered. A big challenge is that pHealth and digital health take place in unsecure information space where current healthcare specific laws, regulations, and medical ethics are insufficient to guarantee users' autonomy and privacy as well as the application of fair information and ethical principles when processing personal health information. A new ethical, legal and technical framework is needed. One of the prerequisites successful pHealth and digital health has to meet is the possibility to create information based on trustworthy relationship between service user and service providers. Furthermore, a trusted information platform is inevitable.

April 2017

Policy-driven management of personal health information for enhancing interoperability.

Stud Health Technol Inform 2014 ;205:463-7

eHealth Competence Center Bavaria, Deggendorf Institute of Technology, Germany.

Based on a system-theoretical approach, aspects of real world systems have been introduced. In this context, the relations between a system's architecture, i.e. its components, their functions and relations, formally represented by domain-specific ontologies considering all domains relevant in the system's use case on the one hand and the system's behaviour ruled by the applied policies on the other hand have been described. A refinement of policies ruling a clinical setting has been exemplified. It could be shown that ubiquitous health systems must be designed and managed following a thoroughly systems-oriented, architecture-centric, ontology-based and policy-driven approach. The feasibility of the approach has been practically demonstrated.

May 2015

Trust-based information system architecture for personal wellness.

Stud Health Technol Inform 2014 ;205:136-40

University of Regensburg, eHealth Competence Center, Germany.

Modern eHealth, ubiquitous health and personal wellness systems take place in an unsecure and ubiquitous information space where no predefined trust occurs. This paper presents novel information model and an architecture for trust based privacy management of personal health and wellness information in ubiquitous environment. The architecture enables a person to calculate a dynamic and context-aware trust value for each service provider, and using it to design personal privacy policies for trustworthy use of health and wellness services. For trust calculation a novel set of measurable context-aware and health information-sensitive attributes is developed. The architecture enables a person to manage his or her privacy in ubiquitous environment by formulating context-aware and service provider specific policies. Focus groups and information modelling was used for developing a wellness information model. System analysis method based on sequential steps that enable to combine results of analysis of privacy and trust concerns and the selection of trust and privacy services was used for development of the information system architecture. Its services (e.g. trust calculation, decision support, policy management and policy binding services) and developed attributes enable a person to define situation-aware policies that regulate the way his or her wellness and health information is processed.

May 2015

Privacy-related context information for ubiquitous health.

JMIR Mhealth Uhealth 2014 Mar 11;2(1):e12. Epub 2014 Mar 11.

Center for Information and Systems, School of Information Sciences, University of Tampere, Tampere, Finland.

Background: Ubiquitous health has been defined as a dynamic network of interconnected systems. A system is composed of one or more information systems, their stakeholders, and the environment. These systems offer health services to individuals and thus implement ubiquitous computing. Privacy is the key challenge for ubiquitous health because of autonomous processing, rich contextual metadata, lack of predefined trust among participants, and the business objectives. Additionally, regulations and policies of stakeholders may be unknown to the individual. Context-sensitive privacy policies are needed to regulate information processing.

Objective: Our goal was to analyze privacy-related context information and to define the corresponding components and their properties that support privacy management in ubiquitous health. These properties should describe the privacy issues of information processing. With components and their properties, individuals can define context-aware privacy policies and set their privacy preferences that can change in different information-processing situations.

Methods: Scenarios and user stories are used to analyze typical activities in ubiquitous health to identify main actors, goals, tasks, and stakeholders. Context arises from an activity and, therefore, we can determine different situations, services, and systems to identify properties for privacy-related context information in information-processing situations.

Results: Privacy-related context information components are situation, environment, individual, information technology system, service, and stakeholder. Combining our analyses and previously identified characteristics of ubiquitous health, more detailed properties for the components are defined. Properties define explicitly what context information for different components is needed to create context-aware privacy policies that can control, limit, and constrain information processing. With properties, we can define, for example, how data can be processed or how components are regulated or in what kind of environment data can be processed.

Conclusions: This study added to the vision of ubiquitous health by analyzing information processing from the viewpoint of an individual's privacy. We learned that health and wellness-related activities may happen in several environments and situations with multiple stakeholders, services, and systems. We have provided new knowledge regarding privacy-related context information and corresponding components by analyzing typical activities in ubiquitous health. With the identified components and their properties, individuals can define their personal preferences on information processing based on situational information, and privacy services can capture privacy-related context of the information-processing situation.

http://dx.doi.org/10.2196/mhealth.3123
http://www.ncbi.nlm.nih.gov/pmc/articles/PMC4114417
March 2014

Trust Information and Privacy Policies - Enablers for pHealth and Ubiquitous Health.

Stud Health Technol Inform 2014 ;200:133-9

Medical Faculty, University of Regensburg, Germany.

pHealth occurs in an uncontrolled and unsecure environment where predefined organizational trust does not exist. To be accepted by users, pHealth requires a privacy model where privacy is a personal property, i.e., a person can perform own will and define policies which regulate how personal health information (PHI) is used. Privacy and trust are interconnected concepts. Therefore, before beginning to use pHealth services, the person needs practical and reliable information that enables her or him to determine the trustworthiness level of services. To avoid the use of blind trust, organizations, researchers, policymakers, and standardization organizations have proposed the use of dynamic context-aware policies for privacy management in pHealth. To make a meaningful privacy decision, a person should understand the impact of selected policy rules on the processing of PHI in different situations. In this paper, the use of computational trust information for defining privacy policies and reducing their number is proposed. A trust value and understandable trust attributes enable a person to tailor privacy policies requested for trustworthy use of pHealth services. The trust attributes proposed are derived from privacy concerns existing in an open ubiquitous environment. These attributes also force pHealth service providers to publish information needed for trust calculation and in this way to support openness and transparency.

January 2018

Policy Management Standards Enabling Trustworthy pHealth.

Stud Health Technol Inform 2014 ;200:8-21

University of Tampere, Finland.

Current paradigm changes for improving safety, quality and efficiency of care processes under massive deployment of information and communication technologies (ICT) place high requirements on privacy and security. These mainly focus on privilege management and access control harmonized in international standards and their further evolution. NIST and ISO, but especially HL7 play a prominent role in this context. Starting with classic role-based access control (RBAC) foundations to new specifications for security and privacy labeling of segmented health information, HL7 security is presented as a scalable intermediate solution on the way to comprehensive privilege management and access control by explicit, ontology-based, formal and therefore machine-processable policies. The successfully balloted HL7 labeling specification supports context-sensitive communication and cooperation between different stakeholders and processes with different purposes of use, based on meta-data of information, actors and processes involved. Basics of policy management and practical solutions are discussed.

January 2018

Feasibility analysis of the privacy attributes of the personal wellness information model.

Stud Health Technol Inform 2013 ;192:219-23

School of Information Sciences, Center for Information and Systems, University of Tampere, Finland.

A feasibility analysis has been performed to study the applicability of privacy attributes with a developed wellness information model. Information privacy concerns specifically access to individually identifiable personal information and one's ability to control information about oneself. We carried out a user scenario walk-through of the privacy attributes related to the wellness components. The walk-through showed a need to relate self-regulating privacy policies to the pervasive context so that during various trust-building processes, a person is aware and can control the use, disclosure and even secondary use of his personal, private wellness information.

April 2015

Trust information-based privacy architecture for ubiquitous health.

JMIR Mhealth Uhealth 2013 Oct 8;1(2):e23. Epub 2013 Oct 8.

School of Information Sciences, Center for Information and Systems, University of Tampere, Tampere, Finland.

Background: Ubiquitous health is defined as a dynamic network of interconnected systems that offers health services independent of time and location to a data subject (DS). The network takes place in an open and unsecure information space. It is created and managed by the DS who sets rules that regulate the way personal health information is collected and used. Compared to health care, it is impossible in ubiquitous health to assume the existence of a priori trust between the DS and service providers and to produce privacy using static security services. In ubiquitous health, the features, business goals, and regulations that systems follow often remain unknown. Furthermore, health care-specific regulations do not rule the ways health data is processed and shared. To be successful, ubiquitous health requires a novel privacy architecture.

Objective: The goal of this study was to develop a privacy management architecture that helps the DS to create and dynamically manage the network and to maintain information privacy. The architecture should enable the DS to dynamically define service and system-specific rules that regulate the way subject data is processed. The architecture should provide to the DS reliable trust information about systems and assist in the formulation of privacy policies. Furthermore, the architecture should give feedback upon how systems follow the policies of DS and offer protection against privacy and trust threats existing in ubiquitous environments.

Methods: A sequential method that combines methodologies used in system theory, systems engineering, requirement analysis, and system design was used in the study. In the first phase, principles, trust and privacy models, and viewpoints were selected. Thereafter, functional requirements and services were developed on the basis of a careful analysis of existing research published in journals and conference proceedings. Based on principles, models, and requirements, architectural components and their interconnections were developed using system analysis.

Results: The architecture mimics the way humans use trust information in decision making, and enables the DS to design system-specific privacy policies using computational trust information that is based on systems' measured features. The trust attributes that were developed describe the level to which systems support awareness and transparency, and how they follow general and domain-specific regulations and laws. The monitoring component of the architecture offers dynamic feedback concerning how the system enforces the policies of the DS.

Conclusions: The privacy management architecture developed in this study enables the DS to dynamically manage information privacy in ubiquitous health and to define individual policies for all systems considering their trust value and corresponding attributes. The DS can also set policies for secondary use and reuse of health information. The architecture offers protection against privacy threats existing in ubiquitous environments. Although the architecture is targeted to ubiquitous health, it can easily be modified to other ubiquitous applications.

http://dx.doi.org/10.2196/mhealth.2731
http://www.ncbi.nlm.nih.gov/pmc/articles/PMC4114421
October 2013

A conceptual framework and principles for trusted pervasive health.

J Med Internet Res 2012 Apr 6;14(2):e52. Epub 2012 Apr 6.

National Institute for Health and Welfare, Department of Information, Helsinki, Finland.

Background: Ubiquitous computing technology, sensor networks, wireless communication and the latest developments of the Internet have enabled the rise of a new concept, pervasive health, which takes place in an open, unsecure, and highly dynamic environment (ie, in the information space). To be successful, pervasive health requires implementable principles for privacy and trustworthiness.

Objective: This research has two interconnected objectives. The first is to define pervasive health as a system and to understand its trust and privacy challenges. The second goal is to build a conceptual model for pervasive health and use it to develop principles and policies which can make pervasive health trustworthy.

Methods: In this study, a five-step system analysis method is used. Pervasive health is defined using a metaphor of digital bubbles. A conceptual framework model focused on trustworthiness and privacy is then developed for pervasive health. On that model, principles and rules for trusted information management in pervasive health are defined.

Results: In the first phase of this study, a new definition of pervasive health was created. Using this model, differences between pervasive health and health care are stated. Reviewed publications demonstrate that the widely used principles of predefined and static trust cannot guarantee trustworthiness and privacy in pervasive health. Instead, such an environment requires personal dynamic and context-aware policies, awareness, and transparency. A conceptual framework model focused on information processing in pervasive health is developed. Using features of pervasive health and relations from the framework model, new principles for trusted pervasive health have been developed. The principles propose that personal health data should be under control of the data subject. The person shall have the right to verify the level of trust of any system which collects or processes his or her health information. Principles require that any stakeholder or system collecting or processing health data must support transparency and shall publish its trust and privacy attributes and even its domain specific policies.

Conclusions: The developed principles enable trustworthiness and guarantee privacy in pervasive health. The implementation of principles requires new infrastructural services such as trust verification and policy conflict resolution. After implementation, the accuracy and usability of principles should be analyzed.

http://dx.doi.org/10.2196/jmir.1972
http://www.ncbi.nlm.nih.gov/pmc/articles/PMC3376512
April 2012

Framework model and principles for trusted information sharing in pervasive health.

Stud Health Technol Inform 2011 ;169:497-501

National Institute for Health and Welfare, Finland.

Trustfulness (i.e. health and wellness information is processed ethically, and privacy is guaranteed) is one of the cornerstones for future Personal Health Systems, ubiquitous healthcare and pervasive health. Trust in today's healthcare is organizational, static and predefined. Pervasive health takes place in an open and untrusted information space where a person's lifelong health and wellness information together with contextual data are dynamically collected and used by many stakeholders. This generates new threats that do not exist in today's eHealth systems. Our analysis shows that the way security and trust are implemented in today's healthcare cannot guarantee information autonomy and trustfulness in pervasive health. Based on a framework model of pervasive health and a risk analysis of the ubiquitous information space, we have formulated principles which enable trusted information sharing in pervasive health. The principles imply that the data subject should have the right to dynamically verify trust and to control the use of her health information, as well as the right to set situation-based, context-aware personal policies. Data collectors and processors have responsibilities including transparency of information processing, and openness of interests, policies and environmental features. Our principles create a base for successful management of privacy and information autonomy in pervasive health. They also imply that it is necessary to create new data models for personal health information and new architectures which support situation-dependent trust and privacy management.

December 2011

The recommendations from the 2009 SiHIS working conference in Hiroshima--Issues on trustworthiness of health information and patient safety.

Int J Med Inform 2011 Feb 13;80(2):75-80. Epub 2010 Nov 13.

Held on 21st to 23rd November 2009 in Hiroshima, the SiHIS working conference aimed at finding solutions to approach an idealistic society where (1) the individual can trust information with full understanding and responsibility, (2) the individual can allow the use of information backed by a sound legitimated environment, (3) information can play its role for better healthcare and the improvement of medicine. The purpose of this paper is to propose recommendations from this working conference.

http://dx.doi.org/10.1016/j.ijmedinf.2010.10.014
February 2011

The role of architecture and ontology for interoperability.

Stud Health Technol Inform 2010 ;155:33-9

eHealth Competence Center, University Hospital Regensburg, Regensburg, Germany.

Turning from organization-centric to process-controlled or even to personalized approaches, advanced healthcare settings have to meet special interoperability challenges. eHealth and pHealth solutions must assure interoperability between actors cooperating to achieve common business objectives. Hereby, the interoperability chain also includes individually tailored technical systems, but also sensors and actuators. For enabling corresponding pervasive computing and even autonomic computing, individualized systems have to be based on an architecture framework covering many domains, scientifically managed by specialized disciplines using their specific ontologies in a formalized way. Therefore, interoperability has to advance from a communication protocol to an architecture-centric approach mastering ontology coordination challenges.

September 2010

Privacy and security in teleradiology.

Eur J Radiol 2010 Jan 13;73(1):31-5. Epub 2009 Nov 13.

National Institute for Health and Welfare, Helsinki, Finland.

Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used in teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more a cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that support the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper.

http://dx.doi.org/10.1016/j.ejrad.2009.10.018
January 2010

Portable devices, sensors and networks: wireless personalized eHealth services.

Stud Health Technol Inform 2009 ;150:1012-6

eHealth Competence Center, Regensburg University Hospital, D-93953 Regensburg, Germany.

The 21st century healthcare systems aim at involving citizens and health professionals alike entitling especially the citizens to take over a higher level of responsibility for their own health status. Applied technologies like, e.g., Internet, notebooks, and mobile phones enable patients to actively participate in treatment and rehabilitation. It's not any longer just health cards; it's an ongoing standardized personalization of health services including application of portable devices, sensors and actuators stipulating the personalized health approach while offering chances for practicing high quality wireless personalized shared care. The path from cards to personalized and portable devices tackles aspects like health advisors, RFID technology, the EHR, chips, and smart objects. It is important to identify criteria and factors determining the application of such personalized devices in a wirelessly operated healthcare and welfare, the paradigm change from cards to secure wireless devices to mobile sensors, and the citizen's acceptance of underlying technologies. The presentations of the workshop jointly organized by EFMI WG "Personal Portable Devices (PPD)" and ISO/IEC JTC 1 "Study Group on Sensor Networks (SGSN)" therefore aim at introducing technical approaches and standardization activities as well as emerging implementations in the addressed domain.

December 2009

The role of ontologies for sustainable, semantically interoperable and trustworthy EHR solutions.

Stud Health Technol Inform 2009 ;150:953-7

eHealth Competence Center, Regensburg University Hospital, D-93042 Regensburg, Germany.

As health systems around the world turn towards highly distributed, specialized and cooperative structures to increase quality and safety of care as well as efficiency and efficacy of delivery processes, there is a growing need for supporting communication and collaboration of all parties involved with advanced ICT solutions. The Electronic Health Record (EHR) provides the information platform which is maturing towards the eHealth core application. To meet the requirements for sustainable, semantically interoperable, and trustworthy EHR solutions, different standards and different national strategies have been established. The workshop summarizes the requirements for such advanced EHR systems and their underlying architecture, presents different strategies and solutions advocated by corresponding protagonists, discusses pros and cons as well as harmonization and migration strategies for those approaches. It particularly highlights a turn towards ontology-driven architectures. The workshop is a joint activity of the EFMI Working Groups "Electronic Health Records" and "Security, Safety and Ethics".

http://www.ncbi.nlm.nih.gov/pmc/articles/PMC4896069
December 2009