Feasibility analysis of the privacy attributes of the

personal wellness information model

Pirkko Nykänen, Antto Seppälä, Pekka Ruotsalainen, Bernd Blobel

- Introduction- Privacy and privacy attributes- User wellness scenario with privacy attributes- Details of component walk-through- Conclusions

Introduction

• Feasibility study– Outline and clarify things and factors connected to developed

models and solutions– Proof-of-concept

• Wellness information model

Privacy

• Personal health information – confidential, needs to be protected from un-authorised use, access and disclosure

- Person’s ability to control the collection, use and dissemination of

one’s personal information– Persons, groups, institutions to determine themselves WHEN,

HOW and TO WHAT EXTENT information about them is communicated to others

– Privacy is personal and situation dependent concept

• Privacy metrics - to assess the degree to which a particular application complies with privacy requirements– no control, control over one kind of information, control over two kinds of

information or three kinds - Contents, location, identity• TRUST- mediating between privacy and willingness to disclose

private information

Privacy attributes

• Context– Type of domain, phenomena that exist, time(when), location (where), occupation

(who), culture (with whom), rationale (why)• Capability

– ability of the information entity to show the attribute values• Competence

– Level of privacy demonstration• Reliability

– How reliable information or source is considered by the person• Benefit

– Privacy benefits• Benevolance

– Extent to which an individual is perceived to have good intention towards others without profit motive

• Confidence– How confident the user is with the information

• Value– How valuable privacy is considered by a person in action/activity.

User wellness scenario with privacy attributes

Lifestyle

Health care

Social networks

Emotional and mental wellness

Receives treatment, medication and guidance for home care of DM T2

Starts to improve his lifestyle, uses a personal wellness diary system in PC

Searches for peer-support in the Internet, and for information on DM T2

Searches for recovery from depressed moods and support for higher spirits

Case – A 50-year old healthy, employed male, diagnosed recently on Diabetes Mellitus T2

Privacy attributes:Component - health care

Context Regulated

Capability Capable to provide privacy and trust

Competence Assumed to be high

Reliability Organisation-based trust

Benefit High personal benefit

Benevolance Good intention

Confidence Required procedures, standards and safeguards have been implemented

Health care

Receives treatment, medication and guidance for home care of DM T2

Privacy attribute Contents

Privacy attributes: Component lifestyle

Lifestyle

Starts to improve his lifestyle, uses a personal wellness diary system in PC

Context Non-regulated

Confidence Reputation-based

Reliability Past history-based

Benefit High personal benefit

Value High personal value

Privacy attribute Contents

Details of lifestyle component walk-through

Person searches for information on DM T2,on medication and treatment, on healthy lifestyle, on peer-support in the Internet

Privacy attribute – one’s ability to control

Context - Internet, non-regulated, Ability to control: only with certified sites which provide trust, other sites: no control

Confidence – Certified sites provide some confidence, otherwise confidence does not exist

Reliability – Certified sites are considered somewhat reliable, otherwise no reliability

Benefit – Considered high, controlled by a person

Value – Information value is high, very meaningful for the person, value is determined and controlled by a person

Details of lifestyle component walk-through

Person starts a healthy diet and documents his eating and blood sugar levelsin his own wellness diary in a PC

Privacy attribute – one’s ability to control

Context – Non-regulated, control by the person – what to document, where and when to document

Confidence – The person may or may not be confident, depending his abilities and on the security status of his PC

Reliability – PC diary system reliability is controlled normally by PC security service provider, sometimes by a person. Blood glucose meter reliability is not controlled by a person

Benefit – Benefit is considered high, controlled by a person

Value – High value for the person’s DM management and healthy lifestyle

Details of lifestyle component walk-through

Person stores the datahe receives from a doctor in health care into his PC diary system for his Personal use

Privacy attribute – one’s ability to control

Context – data is coming from a regulated context, stored in a non-regulated context, person controls (where, what)

Confidence – the person may, or may not, be confident

Reliability – Data is considered reliable, high trust by a person, data is transferred from an organisational trusted source

Benefit – Considered high, controlled by a person

Value – Information value is high, important for home care, DM management and for healthy lifestyle

How to achieve good privacy status

• Integration of regulated and non-regulated domains– Person has to be aware and have means to control

• Need to develop privacy services for non-regulated environments– To monitor and control privacy attributes

• Trust-building measures– Thirs-party certificates, branding, owner disclosure, self-

regulating policies– Pervasive health > Self-regulating policies– For each model concept the privacy attributes are defined,

made known, controllable and measurable

Trust building measures and processes

• Processes for pervasive ubiquitous health– Predictive - reputation-based trust building– Intentionality – trust is developed if we have perceptions on

the intensions of the service, provider– Capability – person is able to evaluate the ability of the

service, provider– Transference – information is transferred from regulated

context to non-regulated pervasive context

Conclusions

• Privacy management is important– Citizens are reluctant to adopt personal health and wellness

systems– Privacy is a driver for non-regulated health service business

model– Many existing personal health systems do not cover privacy and

security regulations

• Privacy attributes defined to each model concept help citizens to be aware of and to control the privacy of his/her personal health information– Technical solutions are needed to implement the privacy

attributes, to make them known, available and controllable by a person

Thank you!Pirkko.Nykanen@uta.fi

• Seppälä A, Nykänen P, Ruotsalainen P (2012), Development of personal wellness information model for pervasive healthcare. Journal of Computer Networks and Communication, article 596749, 10 pages

• Ruotsalainen P, Blobel B, Seppälä A, Sorvari H, Nykänen P (2012), A Conceptual Framework and Principles for Trusted Pervasive Health. J Med Internet Res 14(2):e52

• Nykänen P and Seppälä A (2012), Collaborative approach for sustainable citizen-centered health care. In: N Wickramasinghe, R K Bali, S Kirn and R Suomi (eds.), Critical issues of sustainable E-health solutions. Health care delivery in the information age. Springer Verlag, 115-134

• Seppälä A, Nykänen P (2011), Contextual analysis and modeling of personal wellness. In: Joaquim Filipe and Jan L. G. Dietz (Eds.) KEOD 2011, Proceedings of the International Conference Knowledge Engineering and Ontology Development - Paris, France, 26-29 October 2011: SciTePress - Science and Technology Publications, 202-207

• P Ruotsalainen, B Blobel, P Nykänen, A Seppälä, H Sorvari (2011), Framework model and principles for trusted information sharing in pervasive health. In: A Moen, SK Andersen, J Aarts and P Hurlen (eds.), User Centred Networked Health Care. Proccedings of MIE2011, Oslo. IOS Press, Amsterdam, 497-501

• Nykänen P, Ruotsalainen P, Blobel B and Seppälä A (2009), Research on trusted personal health and wellness information in ubiquitous health information space. In: O. Dössel and WC Schlegel (Eds.): World Congress 2009, IFMBE Proceedings 25/XII, 432–435