Usable privacy and security in personal health records

Authors:
Inma Carrión;Jose L. Fernández-Alemán;Ambrosio Toval
Affiliations:
Department of Informatics and Systems, University of Murcia, Spain;Department of Informatics and Systems, University of Murcia, Spain;Department of Informatics and Systems, University of Murcia, Spain
Venue:
INTERACT'11 Proceedings of the 13th IFIP TC 13 international conference on Human-computer interaction - Volume Part IV
Year:
2011

Citing 10
Cited 0

Electronic Medical Records: A Review Comparing the Challenges in Developed and Developing Countries

HICSS '08 Proceedings of the Proceedings of the 41st Annual Hawaii International Conference on System Sciences
Privacy preservation and information security protection for patients' portable electronic health records

Computers in Biology and Medicine
Enhancing research into usable privacy and security

Proceedings of the 27th ACM international conference on Design of communication
A privacy framework for mobile health and home-care systems

Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems
Evaluation Framework for Personal Health Records: Microsoft HealthVault Vs. Google Health

HICSS '10 Proceedings of the 2010 43rd Hawaii International Conference on System Sciences
An attribute-based authorization policy framework with dynamic conflict resolution

Proceedings of the 9th Symposium on Identity and Trust on the Internet
Social networking applications in health care: threats to the privacy and security of health information

Proceedings of the 2010 ICSE Workshop on Software Engineering in Health Care
Deriving consumer-facing disease concepts for family health histories using multi-source sampling

Journal of Biomedical Informatics
Ethical, legal and social issues for personal health records and applications

Journal of Biomedical Informatics
Privacy policies of personal health records: an evaluation of their effectiveness in protecting patient information

Proceedings of the 1st ACM International Health Informatics Symposium

Quantified Score

Hi-index	0.00

Visualization

Abstract

PHRs (Personal Health Records) store individuals' personal health information. Access to this data is controlled by the patient, rather than by the health care provider. Companies such as Google and Microsoft are establishing a leadership position in this emerging market. In this context, the need for psychological acceptability in privacy and security protection mechanisms is essential. Any privacy and security mechanism must be acceptable from a usability perspective. This paper presents a study of the privacy policies of 22 free web-based PHRs. Security and privacy characteristics have been extracted according to the ISO/TS 13606-4 standard. In general, quite a good level was observed in the characteristics analyzed. Nevertheless, some improvements could be made to current PHR privacy policies to enhance the management of other users' data, the notification of changes to the privacy policy to users and the audit of accesses to users' PHRs.