A systematic review of gamification in e-Health

The release of smartphones and tablets, which offer more advanced communication and computing capabilities, has led to the strong emergence of mHealth on the market. mHealth systems are being used to improve patients' lives and their health, in addition to facilitating communication between doctors and patients. Researchers are now proposing mHealth applications for many health conditions such as dementia, autism, dysarthria, Parkinson's disease, and so on. Usability becomes a key factor in the adoption of these applications, which are often used by people who have problems when using mobile devices and who have a limited experience of technology. The aim of this paper is to investigate the empirical usability evaluation processes described in a total of 22 selected studies related to mHealth applications by means of a Systematic Literature Review. Our results show that the empirical evaluation methods employed as regards usability could be improved by the adoption of automated mechanisms. The evaluation processes should also be revised to combine more than one method. This paper will help researchers and developers to create more usable applications. Our study demonstrates the importance of adapting health applications to users' need.

Empirical Studies on Usability of mHealth Apps: A Systematic Literature Review

Cloud computing is emerging as a new computing paradigm in the healthcare sector besides other business domains. Large numbers of health organizations have started shifting the electronic health information to the cloud environment. Introducing the cloud services in the health sector not only facilitates the exchange of electronic medical records among the hospitals and clinics, but also enables the cloud to act as a medical record storage center. Moreover, shifting to the cloud environment relieves the healthcare organizations of the tedious tasks of infrastructure management and also minimizes development and maintenance costs. Nonetheless, storing the patient health data in the third-party servers also entails serious threats to data privacy. Because of probable disclosure of medical records stored and exchanged in the cloud, the patients' privacy concerns should essentially be considered when designing the security and privacy mechanisms. Various approaches have been used to preserve the privacy of the health information in the cloud environment. This survey aims to encompass the state-of-the-art privacy-preserving approaches employed in the e-Health clouds. Moreover, the privacy-preserving approaches are classified into cryptographic and noncryptographic approaches and taxonomy of the approaches is also presented. Furthermore, the strengths and weaknesses of the presented approaches are reported and some open issues are highlighted.

A Review on the State-of-the-Art Privacy-Preserving Approaches in the e-Health Clouds

To achieve confidentiality, authentication, integrity of medical data, and support fine-grained access control, we propose a secure electronic health record (EHR) system based on attribute-based cryptosystem and blockchain technology. In our system, we use attribute-based encryption (ABE) and identity-based encryption (IBE) to encrypt medical data, and use identity-based signature (IBS) to implement digital signatures. To achieve different functions of ABE, IBE and IBS in one cryptosystem, we introduce a new cryptographic primitive, called combined attribute-based/identity-based encryption and signature (C-AB/IB-ES). This greatly facilitates the management of the system, and does not need to introduce different cryptographic systems for different security requirements. In addition, we use blockchain techniques to ensure the integrity and traceability of medical data. Finally, we give a demonstrating application for medical insurance scene.

Secure Cloud-Based EHR System Using Attribute-Based Cryptosystem and Blockchain

A hybrid solution for privacy preserving medical data sharing in the cloud environment

Security and privacy in electronic health records: A systematic literature review

Background: Several obstacles prevent the adoption and use of personal health record (PHR) systems, including users’ concerns regarding the privacy and security of their personal health information. Objective: To analyze the privacy and security characteristics of PHR privacy policies. It is hoped that identification of the strengths and weaknesses of the PHR systems will be useful for PHR users, health care professionals, decision makers, and designers. Methods: We conducted a systematic review using the principal databases related to health and computer science to discover the Web-based and free PHR systems mentioned in published articles. The privacy policy of each PHR system selected was reviewed to extract its main privacy and security characteristics. Results: The search of databases and the myPHR website provided a total of 52 PHR systems, of which 24 met our inclusion criteria. Of these, 17 (71%) allowed users to manage their data and to control access to their health care information. Only 9 (38%) PHR systems permitted users to check who had accessed their data. The majority of PHR systems used information related to the users’ accesses to monitor and analyze system use, 12 (50%) of them aggregated user information to publish trends, and 20 (83%) used diverse types of security measures. Finally, 15 (63%) PHR systems were based on regulations or principles such as the US Health Insurance Portability and Accountability Act (HIPAA) and the Health on the Net Foundation Code of Conduct (HONcode). Conclusions: Most privacy policies of PHR systems do not provide an in-depth description of the security measures that they use. Moreover, compliance with standards and regulations in PHR systems is still low. [J Med Internet Res 2012;14(4):e114]

Are personal health records safe? A review of free web-accessible personal health record privacy policies.

https://scielo.isciii.es/pdf/gs/v26n5/revision1.pdf

Gestión del control de acceso en historiales clínicos electrónicos: revisión sistemática de la literatura

espanolEste trabajo presenta los resultados de una revision sistematica de la literatura (RSL) relacionada con aspectos de seguridad y privacidad de Historias Clinicas Electronicas (HCE) e identifica que enfoques de auditoria de HCEs existen. Se extrajeron 605 articulos usando una cadena de busqueda predefinida y se reviso el resultado de la misma por parte de tres autores, mientras que otro comprobo dicha revision. Se seleccionaron 24 articulos, de los cuales, 17 mencionaban estandares, la mayoria relacionados con la privacidad y proteccion de datos de HCE. Diez de los estudios senalan que se deben encriptar los HCEs. Cuatro trabajos proponen el uso de la tecnica del pseudoanonimato para mantener la privacidad del paciente. Tres de los articulos proponen usar un esquema de firma digital para garantizar la autenticidad e integridad de los datos. Finalmente, once de los estudios incluidos consideran necesario realizar una pista de auditoria del sistema. En los ultimos anos se han disenado estandares y promulgado directivas que intentan conseguir una mayor homogeneidad de los sistemas de HCEs y lograr de esta forma que los sistemas de HCEs sean interoperables. Sin embargo, los desarrolladores de la mayoria de los sistemas de han definido su arquitectura basandose en los estandares actuales, y esto esta suponiendo un agravante a la ya de por si dificil tarea de conseguir la interoperabilidad de los sistemas de HCEs. EnglishThis study reports the results of a Systematic Literature Review (SLR) related to security and privacy of Electronic Health Records (EHRs) and identifies what EHR audit approaches exist. We extracted 605 articles using a predefined search string and review the outcome of this by three authors, while another checks it. In total, we selected 24 papers, of which 17 mentioned standards, the most of them were related to privacy and security of EHR data. Ten studies mention that EHRs must be encrypted. Four studies propose the use of pseudoanonymity technique to maintain patient´s privacy. Three articles propose to use a digital signature scheme to guarantee data authenticity and integrity. Finally, eleven review studies perform a system auditlog. In re cent years standards have been designed and directives have been promulgated in order to reach homogeneous EHR systems and, therefore, interoperable EHR systems. However, EHR systems have not been defined using the actual standards and this hinders the interoperability of them.

https://dialnet.unirioja.es/descarga/articulo/4201628.pdf

Inmaculada Carrión Señor

Papers

Security and privacy in electronic health records: A systematic literature review

Are personal health records safe? A review of free web-accessible personal health record privacy policies.

Gestión del control de acceso en historiales clínicos electrónicos: revisión sistemática de la literatura

Seguridad y Privacidad en Historiales Clínicos Electrónicos: una Revisión Sistemática de la Literatura