Assessing Access Control Risk for mHealth: A Delphi Study to Categorize Security of Health Data and Provide Risk Assessment for Mobile Apps

Publication Date

2020-01-17

Country of Publication

Egypt

No. of Pages

Main Subjects

Public Health
Medicine

Abstract EN

Background.

Smartphones can tackle healthcare stakeholders’ diverse needs.

Nonetheless, the risk of data disclosure/breach can be higher when using such devices, due to the lack of adequate security and the fact that a medical record has a significant higher financial value when compared with other records.

Means to assess those risks are required for every mHealth application interaction, dependent and independent of its goals/content.

Objective.

To present a risk assessment feature integration into the SoTRAACE (Socio-Technical Risk-Adaptable Access Control) model, as well as the operationalization of the related mobile health decision policies.

Methods.

Since there is still a lack of a definition for health data security categorization, a Delphi study with security experts was performed for this purpose, to reflect the knowledge of security experts and to be closer to real-life situations and their associated risks.

Results.

The Delphi study allowed a consensus to be reached on eleven risk factors of information security related to mobile applications that can easily be adapted into the described SoTRAACE prototype.

Within those risk factors, the most significant five, as assessed by the experts, and in descending order of risk level, are as follows: (1) security in the communication (e.g., used security protocols), (2) behavioural differences (e.g., different or outlier patterns of behaviour detected for a user), (3) type of wireless connection and respective encryption, (4) resource sensitivity, and (5) device threat level (e.g., known vulnerabilities associated to a device or its operating system).

Conclusions.

Building adaptable, risk-aware resilient access control models into the most generalized technology used nowadays (e.g., smartphones) is crucial to fulfil both the goals of users as well as security and privacy requirements for healthcare data.

American Psychological Association (APA)

Moura, Pedro& Fazendeiro, Paulo& Inácio, Pedro R. M.& Vieira-Marques, Pedro& Ferreira, Ana. 2020. Assessing Access Control Risk for mHealth: A Delphi Study to Categorize Security of Health Data and Provide Risk Assessment for Mobile Apps. Journal of Healthcare Engineering،Vol. 2020, no. 2020, pp.1-14.
https://search.emarefa.net/detail/BIM-1186276

Modern Language Association (MLA)

Moura, Pedro…[et al.]. Assessing Access Control Risk for mHealth: A Delphi Study to Categorize Security of Health Data and Provide Risk Assessment for Mobile Apps. Journal of Healthcare Engineering No. 2020 (2020), pp.1-14.
https://search.emarefa.net/detail/BIM-1186276

American Medical Association (AMA)

Moura, Pedro& Fazendeiro, Paulo& Inácio, Pedro R. M.& Vieira-Marques, Pedro& Ferreira, Ana. Assessing Access Control Risk for mHealth: A Delphi Study to Categorize Security of Health Data and Provide Risk Assessment for Mobile Apps. Journal of Healthcare Engineering. 2020. Vol. 2020, no. 2020, pp.1-14.
https://search.emarefa.net/detail/BIM-1186276

Data Type

Journal Articles

Language

English

Notes

Includes bibliographical references

Record ID

BIM-1186276

SaveSaved Print

Arab Citation & Impact Factor "Arcif"

Largest Arabic Database of Citations Analysis for the Arabic Scholarly Journals Issued in Arab World.

e-Marefa Platform for Arabic Textbook.

"Kashif" for Checking Similarity or Plagiarism in the Arabic Researches. know more