Top

Published in:

01-08-2018 | Mobile & Wireless Health

Evaluating the Privacy Policies of Mobile Personal Health Records for Pregnancy Monitoring

Authors: Mariam Bachiri, Ali Idri, José Luis Fernández-Alemán, Ambrosio Toval

Published in: Journal of Medical Systems | Issue 8/2018

Abstract

A mobile personal health record (mPHR) for pregnancy monitoring allows the pregnant woman to track and manage her personal health data. However, owing to the privacy and security issues that may threaten the exchange of this sensitive data, a privacy policy should be established. The aim of this study is to evaluate the privacy policies of 19 mPHRs for pregnancy monitoring (12 for iOS and 7 for Android) using a template covering the characteristics of privacy, security, and standards and regulations. The findings of this study show that none of the privacy policies evaluated entirely comply with the characteristics studied. The developers of mPHRs for pregnancy monitoring are, therefore, requested to improve and pay more attention to the structure and the content of the privacy policies of their apps.

Available only for authorised users

Hung, P., Towards a privacy access control model for e-healthcare services. Third Annu. Conf. Privacy, Secur. Trust. 17799:12–14, 2005.

Ancker, J. S., Hafeez, B., and Kaushal, R., Socioeconomic disparities in adoption of personal health records over time. Am. J. Manag. Care. 22(8):539–540, 2016.PubMedPubMedCentral

Ford, E. W., Hesse, B. W., and Huerta, T. R., Personal health record use in the United States: Forecasting Future Adoption Levels. J. Med. Internet Res. 18(3):e73, 2016.CrossRefPubMedPubMedCentral

Fernández-Alemán, J. L., Seva-Llor, C. L., Toval, A., Ouhbi, S., and Fernández-Luque, L., Free web-based personal health records: An analysis of functionality. J. Med. Syst. 37(6):9990, 2013.CrossRefPubMed

Meingast, M., Roosta, T., and Sastry, S., Security and privacy issues with health care information technology. Conf. Proc. IEEE Eng. Med. Biol. Soc. 1:5453–5458, 2006.PubMed

Malin, B. A., El Emam, K., and O’Keefe, C. M., Biomedical data privacy: problems, perspectives, and recent advances. J. Am. Med. Informatics Assoc. 20(1):2–6, 2013.CrossRef

Ouhbi, S., Fernández-Alemán, J. L., Toval, A., Idri, A., and Pozo, J. R., Free blood donation mobile applications. J. Med. Syst. 39(5):52, 2015.CrossRefPubMed

Sardi, L., Idri, A., and Fernández-Alemán, J. L., Gamified mobile blood donation applications. Int. Conf. Bioinform. Biomed. Eng. 1:165–176, 2017.CrossRef

Idri, A., Bachiri, M., Fernandez-Aleman, J. L., and Toval, A., ISO/IEC 25010 based evaluation of free mobile personal health records for pregnancy monitoring. Proc. - Int. Comput. Softw. Appl. Conf. 1:262–267, 2017.

10.

Bouri, N., and Ravi, S., Going mobile: How mobile personal health records can improve health care during emergencies. JMIR Mhealth Uhealth. 2(1):e89, 2014.CrossRef

11.

Ouhbi, S., Idri, A., Fernandez-Aleman, J. L., and Toval, A., Mobile personal health records for cardiovascular patients. In: 2015 Third World Conf. Complex Syst., pp. 1–6, 2015.

12.

Chavez, S. et al., Mobile apps for the management of diabetes. Diabetes Care. 40(10):e145–e146, 2017.CrossRefPubMedPubMedCentral

13.

Liu, L. S., Shih, P. C., and Hayes, G. R., Barriers to the adoption and use of personal health record systems. In: Proc. 2011 iConference - iConference ‘11, pp. 363–370, 2011.

14.

Zapata, B. C., Hernández Niñirola, A., Fernández-Alemán, J. L., and Toval, A., Assessing the privacy policies in mobile personal health records. IEEE Eng. Med. Biol. Soc. 2014:4956–4959, 2014.

15.

Martinez-Pérez, B., de la Torre-Diez, I., and Lopez-Coronado, M., Privacy and security in mobile health apps: A Review and Recommendations. J. Med. Syst. 39(1):181, 2015.CrossRefPubMed

16.

Leino-Kilpi, H. et al., Privacy:a review of the literature. Int. J. Nurs. Stud. 38(6):663–671, 2001.CrossRefPubMed

17.

Haas, S., Wohlgemuth, S., Echizen, I., Sonehara, N., and Müller, G., Aspects of privacy for electronic health records. Int. J. Med. Inform. 80(2):e26–e31, 2011.CrossRefPubMed

18.

Bachiri, M., Idri, A., Fernández-Alemán, J. L., and Toval, A., Mobile personal health records for pregnancy monitoring functionalities: Analysis and potential. Comput. Methods Programs Biomed. 134:121–135, 2016.CrossRefPubMed

19.

Shaw, E. et al., Access to web-based personalized antenatal health records for pregnant women: a randomized controlled trial. J. Obstet. Gynaecol. Can. 30(1):38–43, 2008.CrossRefPubMed

20.

Lee, Y., and Moon, M., Utilization and content evaluation of mobile applications for pregnancy, birth, and child care. Healthc. Inform. Res. 22(2):73–80, 2016.CrossRefPubMedPubMedCentral

21.

Dehling, T., Gao, F., Schneider, S., and Sunyaev, A., Exploring the far side of mobile health: Information Security and Privacy of Mobile Health Apps on iOS and Android. JMIR mHealth uHealth. 3(1):e8, 2015.CrossRefPubMedPubMedCentral

22.

Adhikari, R., Richards, D., and Scott, K., Security and privacy issues related to the use of mobile health apps. In: 25th Australas. Conf. Inf. Syst. (ACIS 2014), no. Schulke 2013, pp. 1–11, 2014.

23.

Señor, I. C., Fernández-Alemán, J. L., and Toval, A., Are personal health records safe? A review of free web-accessible personal health record privacy policies. J. Med. Internet Res. 14(4):1–13, 2012.

24.

Healthcare Mobile App Development and mHealth Apps, 2017. Available: https://medium.com/@Adoriasoft_Com/healthcare-mobile-app-development-and-mhealth-apps-in-2017-eb307d4cad36. [Accessed: 24-Sep-2017].

25.

Privacy Policy Guidance, 2017. Available: https://developers.google.com/actions/policies/privacy-policy-guide. [Accessed: 24-Sep-2017].

26.

App Store Review Guidelines, 2017. Available: https://developer.apple.com/app-store/review/guidelines/#health-and-health-research. [Accessed: 24-Sep-2017].

27.

International Organization for Standardization, 2011. ISO/TS 13606–4:2009: Health informatics -- Electronic Health Record Communication -- Part 4: Security. Available: https://www.iso.org/standard/50121.html. [Accessed: 29-Oct-2017].

28.

Yee, G., and Korba, L. Personal privacy policies. In: Vacca, J. R, (Ed.), Computer and Information Security Handbook. Amsterdam: Morgan Kaufmann, pp. 487–505, 2009.

29.

Denzin, N. K., Sociological Methods: A Sourcebook. New Brunswick, NJ: Aldine Transaction, 2006.

30.

Arora, S., Yttri, J., and Nilsen, W., Privacy and Security in Mobile Health (mHealth) Research. Alcohol Res. Curr. Rev. 36(1):143–152, 2014.

31.

Zubaydi, F., Saleh, A., Aloul, F., and Sagahyroon, A., Security of mobile health (mHealth) systems. In: 2015 IEEE 15th Int. Conf. Bioinforma. Bioeng. BIBE 2015, 2015.

32.

WebMD - Better information. Better health, 2018. Available: https://www.webmd.com. [Accessed: 04-Jun-2018].

33.

WebMD Privacy policy, 2017. Available: http://www.webmd.com/about-webmd-policies/about-privacy-policy. [Accessed: 01-Aug-2017].

34.

The commitment to reliable health and medical information on the internet, 2017. Available: http://www.hon.ch/HONcode/Patients/Visitor/visitor.html. [Accessed: 25-Sep-2017].

35.

Health On the Net Foundation, 2018. Available: https://www.hon.ch/HONcode/Patients/Visitor/visitor.html. [Accessed: 04-Jun-2018].

36.

Luxton, D. D., Kayl, R. A., and Mishkind, M. C., mHealth data security: The Need for HIPAA-Compliant Standardization. Telemed. e-Health. 18(4):284–288, 2012.CrossRef

37.

2018 reform of EU data protection rules, 2018. Available: https://ec.europa.eu/commission/priorities/justice-and-fundamental-rights/data-protection/2018-reform-eu-data-protection-rules_en#abouttheregulationanddataprotection. [Accessed: 05-Jun-2018].

38.

Carrión, I., Fernández-Alemán, J. L., Jayne, C., Palmer-Brown, D., Toval, A., and Carrillo-De-Gea, J. M., Evaluation and neuronal network-based classification of the PHRs privacy policies. Proc. Annu. Hawaii Int. Conf. Syst. Sci. 1:2840–2849, 2011.

39.

Zapata, B. C., Niñirola, A. H., Fernández-Alemán, J. L., and Toval, A., Seguridad y privacidad en carpetas personales de salud para android e iOS. RISTI - Rev. Iber. Sist. e Tecnol. Inf. 13(1):35–50, 2014.

40.

Huba, N., and Zhang, Y., Designing patient-centered personal health records (PHRs): Health care professionals’ perspective on patient-generated data. J. Med. Syst. 36(6):3893–3905, 2012.CrossRefPubMed

41.

Apple HealthKit, 2017. Available: https://developer.apple.com/documentation/healthkit. [Accessed: 01-Sep-2017].

42.

Avancha, S., Baxi, A., and Kotz, D., Privacy in mobile technology for personal healthcare. ACM Comput. Surv. 45(1):1–54, 2012.CrossRef

43.

Win, K. T., Susilo, W., and Mu, Y., Personal health record systems and their security protection. J. Med. Syst. 30(4):309–315, 2006.CrossRefPubMed

44.

Fernández-Alemán, J. L., Señor, I. C., Lozoya, P. A. O., and Toval, A., Security and privacy in electronic health records: A systematic literature review. J. Biomed. Inform. 46(3):541–562, 2013.CrossRefPubMed

45.

Apple Health App, 2017. Available: https://www.apple.com/ios/health/. [Accessed: 20-Sep-2017].

46.

Zhang, L., Zhang, Y., Tang, S., and Luo, H., Privacy protection for E-Health systems by means of dynamic authentication and three-factor key agreement. IEEE Trans. Ind. Electron. 65(3):2795–2805, 2018.CrossRef

47.

Model Privacy Notice (MPN), 2017. Available: https://www.healthit.gov/policy-researchers-implementers/model-privacy-notice-mpn. [Accessed: 12-Dec-2017].

48.

About the PHR Model Privacy Notice, 2011. Available: https://www.healthit.gov/sites/default/files/phr-model-privacy-notice-backgrounder-final.pdf. [Accessed: 12-Dec-2017].

49.

2016 Model Privacy Notice, 2016. Available: https://www.healthit.gov/sites/default/files/2016_model_privacy_notice.pdf. [Accessed: 12-Dec-2017].

50.

Stone, P. W., Popping the (PICO) question in research and evidence-based practice. Appl. Nurs. Res. 15(3):197–198, 2002.CrossRefPubMed

51.

Wetherall, D., et al., Privacy revelations for web and mobile apps. In: Proc. 13th USENIX Conf. Hot Top. Oper. Syst., pp. 21–21, 2011.

52.

Ouhbi, S., Fernández-Alemán, J. L., Carrillo-de-Gea, J. M., Toval, A., and Idri, A., E-health internationalization requirements for audit purposes. Comput. Methods Programs Biomed. 144:49–60, 2017.CrossRefPubMed

53.

Cruz Zapata, B., Fernández-Alemán, J. L., Toval, A., and Idri, A., Reusable Software usability specifications for mHealth applications. J. Med. Syst. 42(3):1–9, 2018.CrossRef

54.

El-Gayar, O., Timsina, P., Nawar, N., and Eid, W., Mobile applications for diabetes self-management: Status and potential. J. Diabetes Sci. Technol. 7(1):247–262, 2013.CrossRefPubMedPubMedCentral

55.

Kadi, I., Idri, A., and Fernandez-Aleman, J. L., Knowledge discovery in cardiology: A systematic literature review. Int. J. Med. Inform. 97:12–32, 2017.CrossRefPubMed

Title: Evaluating the Privacy Policies of Mobile Personal Health Records for Pregnancy Monitoring
Authors: Mariam Bachiri
Ali Idri
José Luis Fernández-Alemán
Ambrosio Toval
Publication date: 01-08-2018
Publisher: Springer US
Published in: Journal of Medical Systems / Issue 8/2018
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI: https://doi.org/10.1007/s10916-018-1002-x

At a glance: The STEP trials

Springer Medicine

Evaluating the Privacy Policies of Mobile Personal Health Records for Pregnancy Monitoring

Abstract

At a glance: The STEP trials

Springer Medicine

Abstract

Please log in to get access to this content

Other articles of this Issue 8/2018

MIStore: a Blockchain-Based Medical Insurance Storage System

Secure Cloud-Based EHR System Using Attribute-Based Cryptosystem and Blockchain

Clinical Interest and Economic Impact of Preoperative SMS Reminders before Ambulatory Surgery: A Propensity Score Analysis

Blockchain-Based Data Preservation System for Medical Data

Feature Selection for Automatic Tuberculosis Screening in Frontal Chest Radiographs

Design and Evaluation of a Real Time Physiological Signals Acquisition System Implemented in Multi-Operating Rooms for Anesthesia