Security Considerations for E-Mental Health Interventions

Security considerations are an often overlooked and underfunded aspect of the development, delivery, and evaluation of e-mental health interventions although they are crucial to the overall success of any eHealth project. The credibility and reliability of eHealth scientific research and the service delivery of eHealth interventions rely on a high standard of data security. This paper describes some of the key methodological, technical, and procedural issues that need to be considered to ensure that eHealth research and intervention delivery meet adequate security standards. The paper concludes by summarizing broad strategies for addressing the major security risks associated with eHealth interventions. These include involving information technology (IT) developers in all stages of the intervention process including its development, evaluation, and ongoing delivery; establishing a wide-ranging discourse about relevant security issues; and familiarizing researchers and providers with the security measures that must be instituted in order to protect the integrity of eHealth interventions.

[1]  Matt Bishop,et al.  What Is Computer Security? , 2003, IEEE Secur. Priv..

[2]  Herbert H. Thompson,et al.  Why Security Testing Is Hard , 2003, IEEE Secur. Priv..

[3]  Chris Anley,et al.  Advanced SQL Injection In SQL Server Applications , 2002 .

[4]  G. Andersson Using the Internet to provide cognitive behaviour therapy. , 2009, Behaviour research and therapy.

[5]  Joan Hash,et al.  Building an Information Technology Security Awareness and Training Program , 2003 .

[6]  P. Shekelle,et al.  Systematic Review: Impact of Health Information Technology on Quality, Efficiency, and Costs of Medical Care , 2006, Annals of Internal Medicine.

[7]  Alec Holt,et al.  Consumers are ready to accept the transition to online and electronic records if they can be assured of the security measures. , 2007, MedGenMed : Medscape general medicine.

[8]  Donald Firesmith,et al.  Engineering Security Requirements , 2003, J. Object Technol..

[9]  T. Frieden,et al.  Ethics in public health research: privacy and public health at risk: public health confidentiality in the digital age. , 2008, American journal of public health.

[10]  Jennifer L. Pomeranz,et al.  The Delivery of Public Health Interventions via the Internet: Actualizing Their Potential , 2011 .

[11]  Laurie Williams,et al.  The costs and benefits of pair programming , 2001 .

[12]  Giuseppe A. Di Lucca,et al.  Identifying cross site scripting vulnerabilities in Web applications , 2004, Proceedings. Sixth IEEE International Workshop on Web Site Evolution.

[13]  C. Fisher,et al.  Internet-mediated psychological services and the American Psychological Association Ethics Code. , 2003 .

[14]  C. Matthew Curtin,et al.  Using Science to Combat Data Loss: Analyzing Breaches by Type and Industry , 2008 .

[15]  R. Perlman,et al.  An overview of PKI trust models , 1999, IEEE Netw..

[16]  Gary McGraw,et al.  Risk Analysis in Software Design , 2004, IEEE Secur. Priv..

[17]  Claudia Pagliari,et al.  Design and Evaluation in eHealth: Challenges and Implications for an Interdisciplinary Field , 2007, Journal of medical Internet research.