- Proceedings of the National Academy of Sciences of the United States of America
- Published over 1 year ago
Since 2013, a stream of disclosures has prompted reconsideration of surveillance law and policy. One of the most controversial principles, both in the United States and abroad, is that communications metadata receives substantially less protection than communications content. Several nations currently collect telephone metadata in bulk, including on their own citizens. In this paper, we attempt to shed light on the privacy properties of telephone metadata. Using a crowdsourcing methodology, we demonstrate that telephone metadata is densely interconnected, can trivially be reidentified, and can be used to draw sensitive inferences.
Medical devices increasingly depend on computing functions such as wireless communication and Internet connectivity for software-based control of therapies and network-based transmission of patients' stored medical information. These computing capabilities introduce security and privacy risks, yet little is known about the prevalence of such risks within the clinical setting.
With rising smartphone ownership, mobile health applications (mHealth apps) have the potential to support high-need, high-cost populations in managing their health. While the number of available mHealth apps has grown substantially, no clear strategy has emerged on how providers should evaluate and recommend such apps to patients. Key stakeholders, including medical professional societies, insurers, and policy makers, have largely avoided formally recommending apps, which forces patients to obtain recommendations from other sources. To help stakeholders overcome barriers to reviewing and recommending apps, we evaluated 137 patient-facing mHealth apps-those intended for use by patients to manage their health-that were highly rated by consumers and recommended by experts and that targeted high-need, high-cost populations. We found that there is a wide variety of apps in the marketplace but that few apps address the needs of the patients who could benefit the most. We also found that consumers' ratings were poor indications of apps' clinical utility or usability and that most apps did not respond appropriately when a user entered potentially dangerous health information. Going forward, data privacy and security will continue to be major concerns in the dissemination of mHealth apps.
- Journal of the American Medical Informatics Association : JAMIA
- Published about 3 years ago
Mobile health (mHealth) customers shopping for applications (apps) should be aware of app privacy practices so they can make informed decisions about purchase and use. We sought to assess the availability, scope, and transparency of mHealth app privacy policies on iOS and Android. Over 35 000 mHealth apps are available for iOS and Android. Of the 600 most commonly used apps, only 183 (30.5%) had privacy policies. Average policy length was 1755 (SD 1301) words with a reading grade level of 16 (SD 2.9). Two thirds (66.1%) of privacy policies did not specifically address the app itself. Our findings show that currently mHealth developers often fail to provide app privacy policies. The privacy policies that are available do not make information privacy practices transparent to users, require college-level literacy, and are often not focused on the app itself. Further research is warranted to address why privacy policies are often absent, opaque, or irrelevant, and to find a remedy.
To examine the ethical and legal issues physicians face when evaluating and managing athletes with sports-related concussions, and to offer guidance to physicians as they navigate these situations.RESULTS: This position paper reviews and compares the components of sports-related concussion laws, including education, removal from play, and clearance for return to play. It highlights the challenges privacy laws present relevant to providing care to concussed athletes and suggests ways to help physicians overcome these obstacles. The report also explores the ethical considerations physicians should bear in mind as they evaluate and manage concussed athletes, addressing them through a framework that includes considerations of professionalism, informed decision-making, patient autonomy, beneficence, nonmaleficence, conflicts of interest, and distributive justice.CONCLUSIONS: Physicians caring for concussed athletes have an ethical obligation to ensure that their primary responsibility is to safeguard the current and future physical and mental health of their patients. Physicians have a duty to provide athletes and their parents with information about concussion risk factors, symptoms, and the risks for postconcussion neurologic impairments. Physicians should facilitate informed and shared decision-making among athletes, parents, and medical teams while protecting athletes from potential harm. Additionally, including concussion evaluation and management training in neurology residency programs, as well as developing a national concussion registry, will benefit patients by the development of policies and clinical guidelines that optimize prevention and treatment of concussive head injury.
- Journal of the American Medical Informatics Association : JAMIA
- Published over 1 year ago
We describe use cases and an institutional reference architecture for maintaining high-capacity, data-intensive network flows (e.g., 10, 40, 100 Gbps+) in a scientific, medical context while still adhering to security and privacy laws and regulations.
This study aims to understand the influence of the ethical and legal issues on cloud computing adoption in the field of genomics research. To do so, we adapted Diffusion of Innovation (DoI) theory to enable understanding of how key stakeholders manage the various ethical and legal issues they encounter when adopting cloud computing. Twenty semi-structured interviews were conducted with genomics researchers, patient advocates and cloud service providers. Thematic analysis generated five major themes: 1) Getting comfortable with cloud computing; 2) Weighing the advantages and the risks of cloud computing; 3) Reconciling cloud computing with data privacy; 4) Maintaining trust and 5) Anticipating the cloud by creating the conditions for cloud adoption. Our analysis highlights the tendency among genomics researchers to gradually adopt cloud technology. Efforts made by cloud service providers to promote cloud computing adoption are confronted by researchers' perpetual cost and security concerns, along with a lack of familiarity with the technology. Further underlying those fears are researchers' legal responsibility with respect to the data that is stored on the cloud. Alternative consent mechanisms aimed at increasing patients' control over the use of their data also provide a means to circumvent various institutional and jurisdictional hurdles that restrict access by creating siloed databases. However, the risk of creating new, cloud-based silos may run counter to the goal in genomics research to increase data sharing on a global scale.
Digital health services empower people to track, manage, and improve their own health and quality of life while delivering a more personalized and precise health care, at a lower cost and with higher efficiency and availability. Essential for the use of digital health services is that the treatment of any personal data is compatible with the Patient Data Act, Personal Data Act, and other applicable privacy laws.
Research on large shared medical datasets and data-driven research are gaining fast momentum and provide major opportunities for improving health systems as well as individual care. Such open data can shed light on the causes of disease and effects of treatment, including adverse reactions side-effects of treatments, while also facilitating analyses tailored to an individual’s characteristics, known as personalized or “stratified medicine.” Developments, such as crowdsourcing, participatory surveillance, and individuals pledging to become “data donors” and the “quantified self” movement (where citizens share data through mobile device-connected technologies), have great potential to contribute to our knowledge of disease, improving diagnostics, and delivery of -healthcare and treatment. There is not only a great potential but also major concerns over privacy, confidentiality, and control of data about individuals once it is shared. Issues, such as user trust, data privacy, transparency over the control of data ownership, and the implications of data analytics for personal privacy with potentially intrusive inferences, are becoming increasingly scrutinized at national and international levels. This can be seen in the recent backlash over the proposed implementation of care.data, which enables individuals' NHS data to be linked, retained, and shared for other uses, such as research and, more controversially, with businesses for commercial exploitation. By way of contrast, through increasing popularity of social media, GPS-enabled mobile apps and tracking/wearable devices, the IT industry and MedTech giants are pursuing new projects without clear public and policy discussion about ownership and responsibility for user-generated data. In the absence of transparent regulation, this paper addresses the opportunities of Big Data in healthcare together with issues of responsibility and accountability. It also aims to pave the way for public policy to support a balanced agenda that safeguards personal information while enabling the use of data to improve public health.
- Genetics in medicine : official journal of the American College of Medical Genetics
- Published almost 2 years ago
The implementation of genomic-based medicine is hindered by unresolved questions regarding data privacy and delivery of interpreted results to health-care practitioners. We used DNA-based prediction of HIV-related outcomes as a model to explore critical issues in clinical genomics.