Customer privacy on UK healthcare websites

Privacy has been and continues to be one of the key challenges of an age devoted to the accumulation, processing, and mining of electronic information. In particular, privacy of healthcare-related information is seen as a key issue as health organizations move towards the electronic provision of services. The aim of the research detailed in this paper has been to analyse privacy policies on popular UK healthcare-related websites to determine the extent to which consumer privacy is protected. The author has combined approaches (such as approaches focused on usability, policy content, and policy quality) used in studies by other researchers on e-commerce and US healthcare websites to provide a comprehensive analysis of UK healthcare privacy policies. The author identifies a wide range of issues related to the protection of consumer privacy through his research analysis using quantitative results. The main outcomes from the author's research are that only 61% of healthcare-related websites in their sample group posted privacy policies. In addition, most of the posted privacy policies had poor readability standards and included a variety of privacy vulnerability statements. Overall, the author's findings represent significant current issues in relation to healthcare information protection on the Internet. The hope is that raising awareness of these results will drive forward changes in the industry, similar to those experienced with information quality.

[1]  Neha Jain,et al.  Specifying privacy policies with P3P and EPAL: lessons learned , 2004, WPES '04.

[2]  K. LaBar Beyond Fear , 2007, Current directions in psychological science.

[3]  Annie I. Antón,et al.  Analyzing Website privacy requirements using a privacy goal taxonomy , 2002, Proceedings IEEE Joint International Conference on Requirements Engineering.

[4]  Anthony D. Miyazaki,et al.  Internet Seals of Approval: Effects on Online Privacy Policies and Consumer Perceptions , 2002 .

[5]  Matthew W. Vail,et al.  An analysis of web site privacy policy evolution in the presence of HIPAA , 2004 .

[6]  Christos K Georgiadis,et al.  Implementing Context and Team Based Access Control in Healthcare Intranets , 2002, Medical informatics and the Internet in medicine.

[7]  Ravi S. Sandhu,et al.  RBAC on the Web by Secure Cookies , 1999, DBSec.

[8]  D P Mundy,et al.  Security issues in the electronic transmission of prescriptions , 2003, Medical informatics and the Internet in medicine.

[9]  G Pangalos,et al.  Security of medical multimedia , 2002, Medical informatics and the Internet in medicine.

[10]  Lucas D. Introna,et al.  Privacy in the Information Age: Stakeholders, Interests and Values , 1999, Journal of business ethics : JBE.

[11]  Rüdiger Grimm,et al.  Can P3P help to protect privacy worldwide? , 2000, MULTIMEDIA '00.

[12]  Carl Gutwin,et al.  Improving understanding of website privacy policies with fine-grained policy anchors , 2005, WWW '05.

[13]  M. Crawford The Art of Readable Writing , 1969 .

[14]  D. Pothier Patients and the internet: are websites on glue ear readable? , 2005, Clinical otolaryngology : official journal of ENT-UK ; official journal of Netherlands Society for Oto-Rhino-Laryngology & Cervico-Facial Surgery.

[15]  Annie I. Antón,et al.  The role of policy and stakeholder privacy values in requirements engineering , 2001, Proceedings Fifth IEEE International Symposium on Requirements Engineering.

[16]  Maged N Kamel Boulos British internet-derived patient information on diabetes mellitus: is it readable? , 2005, Diabetes technology & therapeutics.

[17]  P Gossman,et al.  All change for research , 1987, British medical journal.

[18]  Lorrie Faith Cranor,et al.  Automated analysis of P3P-enabled Web sites , 2003, ICEC '03.

[19]  Annie I. Antón,et al.  A Taxonomy for Web Site Privacy Requirements , 2001 .

[20]  Axel van Lamsweerde,et al.  Goal-Oriented Requirements Engineering: A Guided Tour , 2001, RE.

[21]  Julie Coiro Reading comprehension on the Internet: Expanding our understanding of reading comprehension to encompass new literacies , 2003 .

[22]  Marc Langheinrich,et al.  The platform for privacy preferences 1.0 (p3p1.0) specification , 2002 .

[23]  Clare-Marie Karat,et al.  Usable security and privacy: a case study of developing privacy management tools , 2005, SOUPS '05.