On Privacy Protection of Consumer Data Collected by e-Health Devices

Author(s)

  • Vladimir Stanisavljevic University North, Croatia
  • Bruno Tekić Sauerborn University North, Croatia

DOI:

https://doi.org/10.54820/entrenova-2023-0013

Keywords:

GDPR, cloud services, e-health, smart-watches, IoT

Abstract

The non-certified e-health segment is gaining momentum around the world. The trend was significantly advanced by the introduction of several sports and medical measuring devices in the form of smartwatches. There has also been a resurgence of other medical Internet of Things class devices. Several devices connect to a product or platform-specific online (Cloud) service for storing, exchanging, analysing and monitoring the customer-collected e-health data. The devices and the data collected allow consumers to continuously track their sports achievements, movement, vital signs, essential health state, etc. while receiving some recommendations and warnings based on the measurements. As some recent examples showed, the data collected can contain sensitive information that could be used creatively and unexpectedly, either positively or negatively. Unlike professional healthcare systems, which should comply with the strict GDPR, there is much less pressure on commercial entities in the consumer technological sector to provide more privacy options for data collection through their devices. In this work, we analyse the data typically collected by consumer e-health devices and assess possible risks that commercial entities present to their customers in unauthorised use of the data for their commercial advances. These entities use obscure legal language to prevent users from consenting to various data usages while providing primary data storing functionality. Moreover, there is a significant risk of using the data for repression in some contexts. We analyse the sector's current state and provide some recommendations to consumers and legislation to improve consumer rights to privacy while enhancing their health. At the same time, we recommend how the professional health sector should benefit from the collected data to improve their operations.

Author Biographies

Vladimir Stanisavljevic, University North, Croatia

Vladimir Stanisavljević is a senior lecturer at the University North in Croatia, and he's also the principal investigator in his private company. He earned his master's degree in computer science from the University of Zagreb's Faculty of Electrical Engineering and Computing. His teaching portfolio includes computer technology, information management, IT technologies, medical informatics, computer programming, and various operating systems. Vladimir possesses extensive research and industry expertise, particularly in computer vision systems, telecommunications, traffic management, and printing. He has worked as a researcher, system implementor, programmer, consultant, and educator. The author can be contacted at vladost@unin.hr.

Bruno Tekić Sauerborn, University North, Croatia

Bruno Tekić Sauerborn was a bachelor student of Nursing at University North. Now, he is a Master of Business Administration student. He is passionate about computers, mobile devices, and wearable technology, especially video games and their development and business management. He has working experience in customer support and as a manager.


Published

2024-05-01

How to Cite

Stanisavljevic, V., & Tekić Sauerborn, B. (2024). On Privacy Protection of Consumer Data Collected by e-Health Devices. ENTRENOVA - ENTerprise REsearch InNOVAtion, 9(1), 121–131. https://doi.org/10.54820/entrenova-2023-0013

Section

Health, Education, and Welfare