towards privacy by design in personal e health systems
play

Towards Privacy by Design in Personal e-Health Systems George - PowerPoint PPT Presentation

Nov 06, 2022 •332 likes •486 views

Towards Privacy by Design in Personal e-Health Systems George Drosatos Pavlos S. Efraimidis, Garrath Williams and Eleni Kaldoudi School of Medicine Dept. of Electric and Computer Engineering Democritus University of Thrace This work was

  1. Towards Privacy by Design in Personal e-Health Systems George Drosatos Pavlos S. Efraimidis, Garrath Williams and Eleni Kaldoudi School of Medicine Dept. of Electric and Computer Engineering Democritus University of Thrace This work was supported by the FP7-ICT project CARRE (No. 611140), co-funded by the European Commission.

  2. First step towards privacy by design ‒ Analyze the personal e-Health systems  Modeling their functionalities ‒ Identify the arising privacy issues  Based on modeled system’s functionality ‒ Present some possible privacy-enhancing techniques  e.g. encryption, anonymization, pseudonyms … Next steps:  Develop a methodology for engineering privacy  Organize practical guidelines HEALTHINF 2016, part of BIOSTEC, 21-23 Feb 2016 G. Drosatos, Privacy by Design in Personal e-Health: 2

  3. CARRE Project https://www.carre-project.eu ‒ It is a EU co-funded project in the area of cardiorenal with focus to provide personalized health ‒ Personal data: Sensor data (e.g. activity and blood pressure), PHR and patient’s intentions (travel, diet, diseases, etc) HEALTHINF 2016, part of BIOSTEC, 21-23 Feb 2016 G. Drosatos, Privacy by Design in Personal e-Health: 3

  4. Privacy principles and concerns Privacy concerns: Privacy ≡ The right to  User identification informational self-determination  Personal data leakage  Individual consent Privacy principles:  Individual control  Data minimization  Data protection by design  Data protection by default 1. Directive 95/46/EC. In Official Journal L 281, 0031-0050 (1995) 2. Green Paper on Mobile Health (“mHealth”) (SWD(2014) 135 Final) HEALTHINF 2016, part of BIOSTEC, 21-23 Feb 2016 G. Drosatos, Privacy by Design in Personal e-Health: 4

  5. Data requirements for a personal e-Health system public data on the web educational resources for patients medical evidence quantified self personal health records electronic personal health medical records e-health system intentions, environmental plans, etc. sensors cognitive health geolocation insurance data environmental financial personal data in personal data in personal systems institutional systems

  6. Basic personal e-Health systems functionalities personal data from basic e-health system ‘bulletin’ board 2 5 1 personal systems private personal institutional announcements interface data storage systems user to third parties private public data responses to personal data from 3 processing anonymous individual public online databases personal data 4 to external services and data bases (e.g. registries or statistical pooling) HEALTHINF 2016, part of BIOSTEC, 21-23 Feb 2016 G. Drosatos, Privacy by Design in Personal e-Health: 6

  7. (1) Personal data storage and processing Privacy issues arise when these operations happens on remote service ‒ Countermeasures of data storage:  Cryptographic techniques basic e-Health system ‒ Countermeasures of processing: personal data storage  There is not general solution interface user  Processing in encrypted data personal data require a lot of assumptions processing  Pre-processing before encryption  Computational cost  Not possible to be applied to all cases HEALTHINF 2016, part of BIOSTEC, 21-23 Feb 2016 G. Drosatos, Privacy by Design in Personal e-Health: 7

  8. (2) Personal data exchange with 3 rd party systems ‒ Privacy issues:  Linkability among the different user’s accounts  Linkability with the physical person (in case of personal data from interaction with institutional systems) personal systems  Increase privacy concerns when combine institutional systems partial personal data together basic e-Health system ‒ Countermeasures: personal  There is not direct measures to this problem interface data storage user  An obvious solution involves building personal dedicated middleware in the user-side that data processing will act as a proxy for all personal systems HEALTHINF 2016, part of BIOSTEC, 21-23 Feb 2016 G. Drosatos, Privacy by Design in Personal e-Health: 8

  9. (3) Integration of personalized public data ‒ Privacy issues :  Linking particular public data to specific user  Revealing the user’s needs to public service public data from ‒ Countermeasures: public online  Altering (expanding or generalizing) the databases initial request  Cooperation of a group of users in the basic e-Health system system to conceal one another’s requests personal interface data storage  Using anonymous network technologies user (such as TOR) personal data processing HEALTHINF 2016, part of BIOSTEC, 21-23 Feb 2016 G. Drosatos, Privacy by Design in Personal e-Health: 9

  10. (4) Exporting personal data for public use ‒ Privacy issues:  Medical registries: User identification of ‘critical mass’ of pooled anonymized personal data  Statistical data pooling: User identification if number of participants is small basic e-Health system personal ‒ Countermeasures: interface data storage user  Medical registries: Minimizing and stripping all personal the identifiable parts data processing  Statistical data pooling:  Privacy preserving cryptographic techniques personal data to  The appropriate technique depends on the location of external services and data bases storage and the form of statistical processing (e.g. registries or statistical pooling) HEALTHINF 2016, part of BIOSTEC, 21-23 Feb 2016 G. Drosatos, Privacy by Design in Personal e-Health: 10

  11. (5) Exchange of private personal data messages ‒ Privacy issues: ‘bulletin’ board  Conceal the user’s identity from the system and private (selectively) from the receiver of the message announcements to third parties  Conceal the actual message from the system private responses to anonymous ‒ Countermeasures: individual  Anonymous credential techniques  Cryptographic techniques basic e-Health system  Unlinkably exchanging messages personal interface data storage user personal data processing HEALTHINF 2016, part of BIOSTEC, 21-23 Feb 2016 G. Drosatos, Privacy by Design in Personal e-Health: 11

  12. Conclusions & Next steps ‒ Analyze the personal e-Health systems, identify the arising privacy issues and present some possible privacy-enhancing techniques ‒ Based on the arising privacy issues and propose possible countermeasures  Develop a methodology for engineering privacy and present practical guidelines  Apply the developed methodology to CARRE HEALTHINF 2016, part of BIOSTEC, 21-23 Feb 2016 G. Drosatos, Privacy by Design in Personal e-Health: 12

  13. Any questions? THANK YOU

  14. Acknowledgement This work was supported by the FP7-ICT project CARRE (No. 611140 ), co-funded by the European Commission . CARRE Project: Personalized patient empowerment and shared decision support for cardiorenal disease and comorbidities. HEALTHINF 2016, part of BIOSTEC, 21-23 Feb 2016 G. Drosatos, Privacy by Design in Personal e-Health: 14

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Measuring Individual Privacy In the Context of Personal Health Big Data Cinnamon S. Bloss, Ph.D

Measuring Individual Privacy In the Context of Personal Health Big Data Cinnamon S. Bloss, Ph.D

Measuring Individual Privacy In the Context of Personal Health Big Data Cinnamon S. Bloss, Ph.D Assistant Professor University of California, San Diego cbloss@eng.ucsd.edu @CinnamonBloss Justice Scalias Privacy Legacy Privacy of the

641 views • 39 slides
Privacy by Design Principles of Privacy-Aware Ubiquitous Systems Marc Langheinrich Privacy by

Privacy by Design Principles of Privacy-Aware Ubiquitous Systems Marc Langheinrich Privacy by

Privacy by Design Principles of Privacy-Aware Ubiquitous Systems Marc Langheinrich Privacy by Design ETH Zurich, Switzerland www.inf.ethz.ch/~langhein Ubicomp 2001, Atlanta Contents Ubicomp 2001, Atlanta ! Privacy primer Does privacy

680 views • 22 slides
Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy Commissioner of Ontario https://www.ipc.on.ca/images/resources/7foundationalprinciples.pdf Privacy by Design Let's have it! Article 25 European

1.32k views • 118 slides
Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data Protecting Personal Data Privacy & Security Project HIPAA: What it is Health Insurance Portability and Accountability Act of 1996 Also known as

445 views • 26 slides
Privacy by Design A technical perspective Carmela Troncoso Gradiant The usual privacy

Privacy by Design A technical perspective Carmela Troncoso Gradiant The usual privacy

PR eparing I ndustry to P rivacy-by-design by supporting its A pplication in RE search Privacy by Design A technical perspective Carmela Troncoso Gradiant The usual privacy scenario Protect personal data from third parties Data

359 views • 9 slides
Personal Privacy in Ubiquitous Personal Privacy in Ubiquitous Computing Marc Langheinrich

Personal Privacy in Ubiquitous Personal Privacy in Ubiquitous Computing Marc Langheinrich

Personal Privacy in Ubiquitous Personal Privacy in Ubiquitous Computing Marc Langheinrich Institute for Pervasive Computing Institute for Pervasive Computing ETH Zurich, Switzerland Approaches to Ubicomp Privacy Disappearing Computer

794 views • 45 slides
Electronic Communication of Personal Health Information A presentation to the Porcupine Health

Electronic Communication of Personal Health Information A presentation to the Porcupine Health

Electronic Communication of Personal Health Information A presentation to the Porcupine Health Unit (Timmins, Ontario) May 11 th , 2017 Nicole Minutti, Health Policy Analyst Agenda 1. Protecting Privacy when Communicating Electronically 2.

636 views • 35 slides
Web and privacy Privacy and protection of personal data specific purpose (to collect and

Web and privacy Privacy and protection of personal data specific purpose (to collect and

Web and privacy Industrial perspectives on Cryptography A. Esterle - ENISA Antwerp 29 May 2008 www.enisa.europa.eu Web and privacy Privacy and protection of personal data specific purpose (to collect and process it) subject

732 views • 7 slides
Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; Security and Cooperation in Wireless Networks Georg-August University Gttingen Chapter outline 1 Important privacy related

1.12k views • 33 slides
Health Privacy Project at CDT Projects aim: Develop and promote workable privacy and

Health Privacy Project at CDT Projects aim: Develop and promote workable privacy and

12/1/2011 De Identification of De-Identification of Health Data under HIPAA: Potential Paths Forward Deven McGraw Director Health Privacy Project Director, Health Privacy Project November 30, 2011 Health Privacy Project at CDT

510 views • 9 slides
Privacy Engineering Objectives and Risk Model Objective-Based Design for Improving Privacy in

Privacy Engineering Objectives and Risk Model Objective-Based Design for Improving Privacy in

Privacy Engineering Objectives and Risk Model Objective-Based Design for Improving Privacy in Information Systems 1 NIST research has a broad impact shutterstock.com shutterstocom G. Hooijer/ D. Stork/ Facilitates trade and fair Improves

405 views • 18 slides
Personal Security and Privacy in Personal Security and Privacy in Ubiquitous Computing Marc

Personal Security and Privacy in Personal Security and Privacy in Ubiquitous Computing Marc

Personal Security and Privacy in Personal Security and Privacy in Ubiquitous Computing Marc Langheinrich Institute for Pervasive Computing Institute for Pervasive Computing ETH Zurich, Switzerland Approaches to Security & Privacy in

749 views • 39 slides
Privacy by Design Deirdre K. Mulligan Privacy by design, why now? Legal Drivers E- Government

Privacy by Design Deirdre K. Mulligan Privacy by design, why now? Legal Drivers E- Government

Privacy by Design Deirdre K. Mulligan Privacy by design, why now? Legal Drivers E- Government Act of 2002 and OMB Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002 Resolution on Privacy by Design, Data Protection

556 views • 41 slides
Personal Privacy in Ubiquitous Computing Computing Marc Langheinrich Institute for Pervasive

Personal Privacy in Ubiquitous Computing Computing Marc Langheinrich Institute for Pervasive

Personal Privacy in Ubiquitous Computing March 11, 2008 Personal Privacy in Ubiquitous Computing Computing Marc Langheinrich Institute for Pervasive Computing ETH Zurich, Switzerland Approaches to Ubicomp Privacy Disappearing Computer

532 views • 23 slides
Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor October 29, 2013 y & c S a e v c i u r P r i t e y l b L a a s

245 views • 20 slides
Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor November 11, 2014 y & c S a e v c i u r P r i t e y l b L a a s

555 views • 21 slides
Centralised versus Decentralised Management of Patients Medical Records Catherine QUANTIN 1 ,

Centralised versus Decentralised Management of Patients Medical Records Catherine QUANTIN 1 ,

Centralised versus Decentralised Management of Patients Medical Records Catherine QUANTIN 1 , Gouenou COATRIEUX, Maniane FASSA, Vincent BRETON, David-Olivier JAQUET-CHIFFELLE, Paul de VLIEGER, Norbert LYPSZYC, Jean-Yves BOIRE, Christian ROUX,

482 views • 23 slides
Arevir University of Cologne Institute of Virology Analysis of resistance mutations of HI-Virus

Arevir University of Cologne Institute of Virology Analysis of resistance mutations of HI-Virus

Arevir University of Cologne Institute of Virology Analysis of resistance mutations of HI-Virus Bioinformatics analysis of relations between mutations of the HIV genome and phenotypical drug resistance for the optimization of anti-retroviral

262 views • 22 slides
Unlinking Private Data Unlinking Private Data Alex Vaynberg Alex Vaynberg 04/11/2006

Unlinking Private Data Unlinking Private Data Alex Vaynberg Alex Vaynberg 04/11/2006

Unlinking Private Data Unlinking Private Data Alex Vaynberg Alex Vaynberg 04/11/2006 04/11/2006 Yale University Yale University Sensitive Information in the Wired World Sensitive Information in the Wired World Privacy and Privacy Loss

551 views • 18 slides
Quaderni del Dipartimento di Matematica e Informatica Universit` a degli Studi di Parma

Quaderni del Dipartimento di Matematica e Informatica Universit` a degli Studi di Parma

Quaderni del Dipartimento di Matematica e Informatica Universit` a degli Studi di Parma Gianfranco Rossi 1 , Federico Bergenti 2 Nondeterministic Programming in Java with JSetL 29 gennaio 2013 n. 510 Il presente lavoro ` e stato finanziato

325 views • 30 slides
The Determinants of Youth Activity Status in Mexico City. A Mixed Methods Analysis Gabriela

The Determinants of Youth Activity Status in Mexico City. A Mixed Methods Analysis Gabriela

The Determinants of Youth Activity Status in Mexico City. A Mixed Methods Analysis Gabriela Snchez-Soto Andrea Bautista Len Department of Demography The University of Texas at San Antonio Contact: gabriela.sanchez-soto@utsa.edu Paper

731 views • 37 slides
Investor Presentation 31 March 2019 Contents 1. Overview of Masraf Al Rayan 2. Key Financial

Investor Presentation 31 March 2019 Contents 1. Overview of Masraf Al Rayan 2. Key Financial

Investor Presentation 31 March 2019 Contents 1. Overview of Masraf Al Rayan 2. Key Financial Highlights 2.1 Profitability 2.2 Balance Sheet 2.3 Asset Quality 2.4 Capitalisation 3. Overview of Qatar 4. Key Contacts 2 1. Overview

309 views • 15 slides
APSG Family, Welcome YOU ! APSGS MISSION To provide a platform for Andersonian parents to be

APSG Family, Welcome YOU ! APSGS MISSION To provide a platform for Andersonian parents to be

APSG Family, Welcome YOU ! APSGS MISSION To provide a platform for Andersonian parents to be involved in activities that would grow them as supportive partners in their teens journey, both at school and at home. APSGS VISION - To

573 views • 5 slides
Shenandoah National Park Big Meadows Example of data available with Park Tiles API Shenandoah

Shenandoah National Park Big Meadows Example of data available with Park Tiles API Shenandoah

Shenandoah National Park Big Meadows Example of data available with Park Tiles API Shenandoah National Park Big Meadows

561 views • 15 slides

More recommend