GDPR and Systems for Health Behavior Change: A Systematic Review

eHealth systems for behavior change need to cope with a wide variety of privacy requirements specified by governmental and other regulations. We conducted a systematic review of scientific articles. Analysis of the articles revealed General Data Protection Regulation (GDPR) compliant eHealth technologies, challenges posed by GDPR, and early solutions to those challenges. In addition, we highlight key GDPR issues to be considered when designing persuasive technologies.
