personal healthcare and patient privacy

Personal Healthcare and Patient

Privacy

Asst. Prof. Dr. Sudsanguan Ngamsuriyaroj

คณะเทคโนโลยสีารสนเทศและการส่ือสาร

มหาวิทยาลยัมหิดล

25 November 2016

National Conference on Medical Informatics 2016, Bangkok, Thailand

Agenda

• Traditional Healthcare Systems

• Personal Healthcare

• IT for Personal Healthcare

• Data Protection in General

• Privacy of Personal Patient Records

NCMedInfo 2016 2

Traditional Healthcare Systems

• Hospitals via HIS usually keep records of individual patients

• During care and diagnosis, individual information is collected, stored, processed, analyzed and used• Operated as a case-by-case basis

• Patient information is collected when a patient visits a hospital

• No information obtained when a patient is away from hospitals

NCMedInfo 2016 3

Traditional Healthcare Systems• How individual healthcare data is collected

• Frequency of collection (symptom, medicine, lab, etc.)

• Hospitals collect transactions of patient visits

• Data generated once a month or 3 months at a time

• Accuracy of data collection ?

• How individual healthcare records are kept• In a hospital information system (HIS)

• Patient privacy – Centralized control at HIS

NCMedInfo 2016 4

Personal Healthcare

• What if:• Symptom of a patient is collected every day

• Other extra information such as exercise activities and dietary intake are now possible to collect

• Data association among patients with similar symptom is analyzed

NCMedInfo 2016 5

Personal Healthcare

NCMedInfo 2016 6

http://www.tacomacc.edu/UserFiles/Servers/Server_6/File/him/HIM125/PurposeANDfunctionklee/PurposeANDfunctionklee_print.html

Personal Health Records

An electronic personal health record is an application used by patients to maintain and manage their health information in a private, secure and confidential environment.

NCMedInfo 2016 7

http://www.slideshare.net/magicalayush/personal-health-records-48040846

Personal Health Records

Benefits

• Accessible anywhere, anytime from any device

• Could be a lifesaver in an emergency as it gives vital information such as blood type, doctor’s contact, drug allergy, previous records of visits, etc.

NCMedInfo 2016 8


Personal Health Records• Doctor’s name and phone number • Allergies, including drug allergies• Medications, including dosages• Chronic health problems such as

high blood pressure or Cholesterol level

• Major surgeries with dates• Family history• Immunization history• Exercise and dietary habits• Health goals such as stopping

smoking and losing weight

NCMedInfo 2016 9http://www.slideshare.net/magicalayush/personal-health-records-48040846

https://itunes.apple.com/us/app/personal-health-record-lite/id586856275?mt=8

Personal Health Record Software

NCMedInfo 2016 10

https://www.healthspek.com/


NCMedInfo 2016 11



NCMedInfo 2016 12

https://play.google.com/store/apps/details?id=com.stabilix.hcandroid.activity


NCMedInfo 2016 13

Microsoft HealthVault connects end users with more than 70 devices, such as blood pressure and blood glucose monitors, weight scales, pedometers, and peak flow meters, enabling consumers to track and share their health information as they wish

https://www.healthvault.com/th/en/overview

NCMedInfo 2016 14

Connection of HIS and PHR

http://e-caremanagement.com/tag/personal-health-information-network/

Arrivals of IT for Personal Healthcare

•Mobile computing via smart phones• Collect and store personal health records

• Give security and privacy protection

• Internet of Things (IoT) via sensors• Collect vital signs from human body

•Cloud computing for data collection• A path to HIS

• A platform to collect and analyze health data

NCMedInfo 2016 15

Personal Health Record

NCMedInfo 2016 16

https://www.webmdhealthservices.com/product/personal-health-record/

PHR Applications on Mobile

NCMedInfo 2016 17

http://www.activdoctorsonline.com/solutions/personal-health-records/

PHR Data Collection via IoT Sensors

NCMedInfo 2016 18

http://www.iotmashups.com/the-internet-of-opportunities-its-just-the-beginning-of-the-iot-era/

IoT in Healthcare

NCMedInfo 2016 19

https://www.cbinsights.com/blog/iot-healthcare-market-map-company-list/

PHR on Cloud

NCMedInfo 2016 20

Deliver

Collaborative

Care for

Prevention and

Wellness

Achieve

Better

Quality And

Outcomes

Improve

Operational

Effectiveness

Healthca

re G

oals

Cloud Computing by

collaborative management

of patient data through

various departments helps

in delivering effective

patient care.

Provides advance

analytics of patient

data thereby enabling

more efficient diagnosis.

Brings Flexibility in

operations to support

cost reduction and

excels both clinical and

business performance.

Clo

ud C

om

pu

ting

Coordinated Work

Enhance Quality

Cost Benefits

http://www.slideshare.net/occamsresearch/cloud-healthcare-ppt-1

In USA, 83% of healthcare organizations using cloud-based applications

Privacy Protection in General

•De-identification/

Anonymization

• Encryption

NCMedInfo 2016 21

http://shop.oreilly.com/product/0636920029229/ViewLarger.do?sortby=publicationDate

Data Anonymization

NCMedInfo 2016 22

Data anonymization is the process applied on data to prevent identification

of individuals, making it possible to

share and analyze data securely

http://www.slideshare.net/KaiX/lions-zebras-and-big-data-anonymization

NCMedInfo 2016 23

Data Anonymization

http://www.slideshare.net/KaiX/lions-zebras-and-big-data-anonymization

Data Anonymization

NCMedInfo 2016 24

http://www.slideshare.net/PrivacyAnalytics_Anonymization/improving-healthcare-outcomes-with-deeper-insight-from-anonymized-data

Data Anonymization

NCMedInfo 2016 25

http://www.slideshare.net/PrivacyAnalytics_Anonymization/improving-healthcare-outcomes-with-deeper-insight-from-anonymized-data

Encryption / Decryption

NCMedInfo 2016 26

Data at rest or Data in transit

https://avraj.wordpress.com/tag/tutorial/

Symmetric KeyEncryptionusing one key

Encryption / Decryption

NCMedInfo 2016 27

Data at rest or Data in transit

https://avraj.wordpress.com/tag/tutorial/

Public KeyEncryptionusing two keys

Data and User Classification• Sensitive data

• HN

• Name

• Symptom

• ICD 10 – Disease Code

• Prescription records

• Doctor name

• Family records

• Non-Sensitive• Address

• Mobile phone

• Emergency contactNCMedInfo 2016 28

• Patient

• Doctor

• Nurse

• Lab technician

• Pharmacist

• Family members

• Insurance company

Secure PHR on Cloud

NCMedInfo 2016 29

Changji Wang, Xuan Liu, Wentao Li, Design and implementation of a secure cloud-based personal health record system using ciphertext-policy attribute-based encryption, International Journal of Intelligent Information and Database Systems, Jan 2013

Secure PHR on Cloud

NCMedInfo 201630

http://www.slideshare.net/naveenbtlit/scalable-and-secure-sharing-of-personal-health-records-in-cloud-computing-using-attribute-based-encryption-21661227

• Data generation

• Data collection

• Data storage

• Data usage

• Data sharing

• Data archive

• Data removal

NCMedInfo 2016 31

Privacy of Personal Patient Records

Data Lifecycle

http://www.spirion.com/us/solutions/data-lifecycle-management

Q & A

THANK YOU

NCMedInfo 2016 32