Tag Archives: security

Ownership of Health Data

I’ve been thinking about ideas for the upcoming HealthHack (nwhealthhack.com). In addition to participatory design (see last post), I’m also interested in transparency and accountability of eHealth infrastructure.¬†Health apps and devices often record real-time data. ¬†Examples include “ecological momentary interventions” that ask patients how they are feeling, and smart sensing devices that transmit data on activity or physiological states.

If I am using a device that produces real-time data, I would like an app that can provide the following information:
(a) What is happening to the data produced by the device? Where does it go, and where is it stored? Which service providers are involved? What are the estimated risks to integrity and privacy in each case?
(b) Which humans can see the data and why? What decisions can they make?
(c) How is the data processed? What algorithms are applied to the data and why? E.g. visualisation, decision support. In each case, what are the risks of error?

Some important points:
1. This is not only about data, but also about processes and organisations.
2. It’s not just about privacy, but also about integrity and reliability.
3. The client or patient need not understand the information in detail, but they may consult an independent expert who can understand it – just as with open source software.
4. Ideally we need modelling on multiple levels of abstraction (e.g. a component can be a secure wireless connection, or it can be an algorithm).

Although this requires some challenging modelling, I think we can start to make the first steps by tracking the data, showing where it is going, and what algorithms or organisations are using it. The next challenge would be ensuring that only acceptable things are happening. More on this later…

Advertisements