Poster

SoK: Analysis of User-Centered Studies Focusing on Healthcare Privacy & Security


Abstract

Sensitive information is intrinsically tied to interactions in healthcare, and its protection is of paramount importance for achieving high-quality patient outcomes. Research in healthcare privacy and security is predominantly focused on understanding the factors that increase the susceptibility of users to privacy and security breaches. To understand this further, we systematically reviewed 26 research papers in this domain to explore the existing user studies in healthcare privacy and security. Following the review, we conducted a card-sorting exercise, allowing us to identify 12 themes integral to this subject, such as "Data Sharing," "Risk Awareness," and "Privacy." Further to the identification of these themes, we performed an in-depth analysis of the 26 research papers and report insights into the discourse within the research community about healthcare privacy and security, particularly from the user perspective.


... To address this, we evaluated the privacy policies of 28 healthcare apps predominantly used by older adults by creating the Privacy Risk Assessment Framework (PRAF). This framework was established on regulations such as the Health Insurance Portability and Accountability Act (HIPAA) [39], [50], [51], [55] and General Data Protection Regulation (GDPR) [1], [35], [43], [46], aiming to identify any concern in the privacy policies that could impact older adults. Our findings reveal significant variability in the comprehensibility and transparency of privacy policies, and key privacy principles such as data minimization, retention period, and breach protocol were unevenly implemented across the apps. ...
Preprint
The widespread adoption of telehealth systems has led to a significant increase in the use of healthcare apps among older adults, but this rapid growth has also heightened concerns about the privacy of their health information. While HIPAA in the US and GDPR in the EU establish essential privacy protections for health information, limited research exists on the effectiveness of healthcare app privacy policies, particularly those used predominantly by older adults. To address this, we evaluated 28 healthcare apps across multiple dimensions, including regulatory compliance, data handling practices, and privacy-focused usability. To do this, we created a Privacy Risk Assessment Framework (PRAF) and used it to evaluate the privacy risks associated with these healthcare apps designed for older adults. Our analysis revealed significant gaps in compliance with privacy standards: only 25% of apps explicitly state compliance with HIPAA, and only 18% mention GDPR. Surprisingly, 79% of these applications lack breach protocols, putting older adults at risk in the event of a data breach.