android for healthcare - droidcon london 2013

Androidby Linden Darlingfor Healthcare

About me● lead Android dev on Australia’s

first (public) eHealth app project

● redesigned and developing Premature Baby Journal for Android

● inspired to help people via healthcare

disrupting healthcare

opportunities galore

know therisks

Androiddesign

Healing Healthcare● paper-based legacy systems● procedures that aren’t ideal, limited

effectiveness● slow moving industry● awesome new technologies● massive mobile adoption rates

= an industry right for disruption!

disrupting healthcare

opportunities galore

know therisks

Androiddesign

patientdental veterinary

monitoringremote

federation

EMRcostaudits

nursessharing

processes pharmacists

emergencyquality

doctors

homeeducation

miniaturisation

safetytranslationanalysis orchestrationcommunication

Bluetooth LEsupply

New devices, new opportunities● Tablets

○ Kiosks● Google Glass● SmartWatches

○ Omate TrueSmart○ Galaxy Gear○ Sony Smartwatch 2○ Google Gem (?)

○ Pearl AW414○ Qualcomm Toq

Contraction Timerby Ian Lake

Healthcare industry● define: eHealth● how is it in Australia?● and the rest of the world?● what of the future?

eBlueBookNSW Ministry of Health

● iOS & Android adaptation of legacy paper-based process

● integrated with PCEHR

Helping patients & their families● monitoring at home● EMR access● patient education

patient engagement: better outcomesreduced cost

Helping healthcare workers● EMR access● paperless hospital● faster data entry & higher accuracy

less hassle: better outcomesreduced cost

Overhelping | clash of interests● Sharing too much info● Non-medical wording in EMR● losing that personal touch● Adoption rates? ROI?

Future?● the reach of mobile● we’ll all be more dependant with age● “reHealth” / eHealth 3.0

○ tighter control of data (locking)○ AI systems to aid quality data input○ federate records internationally

disrupting healthcare

opportunities galore

know therisks

Androiddesign

So what could go wrong?● fail to satisfy = fail to help● compromise patient privacy● cause ripple effect in value-chain

Privacy matters● Medical Records = subset of sensitive

information● Privacy legislation...● Data breach

○ bad press, brand damage○ massive fines○ costs in cleanup

health information means: (a) information or an opinion about: (i) the health or a disability (at any time) of an individual; or (ii) an individual’s expressed wishes about the future provision of health

services to him or her; or (iii) a health service provided, or to be provided, to an individual; that is also personal information; or (b) other personal information collected to provide, or in providing, a health

service; or (c) other personal information about an individual collected in connection with the

donation, or intended donation, by the individual of his or her body parts, organs or body substances; or

(d) genetic information about an individual in a form that is, or could be, predictiveof the health of the individual or a genetic relative of the individual.

extract from Australia’s Privacy Act 1988

sensitive information means: (a) information or an opinion about an individual’s: (i) racial or ethnic origin; or (ii) political opinions; or (iii) membership of a political association; or (iv) religious beliefs or affiliations; or (v) philosophical beliefs; or (vi) membership of a professional or trade association; or (vii) membership of a trade union; or (viii) sexual preferences or practices; or (ix) criminal record; that is also personal information; or

(b) health information about an individual; or (c) genetic information about an individual that is not otherwise health

information.

extract from Australia’s Privacy Act 1988

Identify risks● security & privacy

○ Know your data○ OWASP Top Ten Mobile/Web/Cloud

● compliance○ Accessibility○ HIPPA○ hygeine, health & safety

● environmental constraints

M1: Insecure Data StorageM2: Weak Server Side ControlsM3: Insufficient Transport Layer ProtectionM4: Client Side InjectionM5: Poor Authorisation and AuthenticationM6: Improper Session HandlingM7: Security Decisions Via Untrusted InputsM8: Side Channel Data LeakageM9: Broken CryptographyM10: Sensitive Information Disclosure

OWASP Top Ten Mobile Risks

Environmental constraints● hospitals: poor wifi

○ store now, sync later○ elegantly deal with stale data

● radio signal interference● sound interference &

priority● healthcare: sterility

○ disease spreading

Mitigate risks● encrypt all sensitive information!

○ drop-in solutions, e.g. SQLcipher● Proguard● lockup keystores & passwords

○ be ready for an audit● verify controls

○ define & test NFRs

disrupting healthcare

opportunities galore

know therisks

Androiddesign

Design like you care● Android Design Guidelines● custom, stylised iconography● sociability● truly responsive design● know your users

Design for everyone● Accessibility; Internationalisation● Colour blind● Power users vs. lightweights● battery; bandwidth costs● please don’t lock in

portrait orientation...○ but do it if TalkBack

is on!

optimised form flows

tuned-in to the OS-wide experience

Data input● validation and feedback

○ Android-formidable-validation○ Crouton (say NO to Toast)

● “submitting”○ Done & Discard○ Contextual Action Bar

(CAB)

Thanks to● Awesome Android Devs● Paul Hamilton @ CSC Australia● Stuart Moncrieff @ JDS Australia● Chris Vukin @ Team(evermed)● http://www.stockpicturesforeveryone.com/

Ende