Proceedingsofthe2018HealthITWorkshop

on

DevelopmentsinICT&Healthcare:Legal,Ethical&SocialAspects

8th&9thMarch2018MiddlesexUniversity,London,UK

Proceedingsofthe2018HealthITWorkshopon

DevelopmentsinICT&Healthcare:

Legal,Ethical&SocialAspects

8th&9thMarch2018MiddlesexUniversity,London

Editors:

CarlisleGEORGE(MiddlesexUniversity,UK),DianeWHITEHOUSE(TheCastlegateConsultancy,UK),

KennethGOODMAN(UniversityofMiami,USA),PennyDUQUENOY(MiddlesexUniversity,UK).

ISBN978-1-64713-306-1

ContentsWelcomefromtheVice-Chancellor...................................................................................................................1

InMemoriam-DrSamanthaAdams................................................................................................................2

WorkshopIntroduction........................................................................................................................................3

Programme..............................................................................................................................................................4

IT,Health,EthicaluseofPublicHealthDatainthecontextofUniversalHealthCoverageDrJoanaNamorado,ScientificOfficer,EuropeanCommission,Brussels........................................................6

ICTandHealthcare:TheChallengeforSocialTheoryDrMalcolmJFisk,SeniorResearchFellow,CCSR,DeMontfortUniversity....................................................7

UnderstandingBlockchainTechnologyandApplicationsintheHealthcareDomainMsSukhvinderHara,SeniorLecturer,MiddlesexUniversity...........................................................................9

TheGeneralDataProtectionDirective:SomeImplicationsfortheHealthcareSectorDrCarlisleGeorge,AssociateProfessor&Barrister,MiddlesexUniversity.................................................11

Cross-BorderExchangeofeHealthDataintheEUDrIoannisKomnios,ProjectCoordinator,TheKONFIDOProject..................................................................13

Ownit.PersonalDataTradingasanAlternativeModelMsMitziLászló,NeuroscientistandSocialEntrepreneur,OWN....................................................................15

EnhancingtheSCIROCCOmaturitymodel:Scaling-upintegratedcareinEuropeMsDianeWhitehouse,DrTamaraAlhambra-Borrás&MsCristinaAlexandru............................................17

Big(Health)Data,ArtificialIntelligenceandBlackBoxAlgorithms:TimeforGlobalStandardsProfKennethGoodman,Director,InstituteforBioethicsandHealthPolicy,UniversityofMiami,USA..19

ErrorismorecomplexthanEthicsProfHaroldThimbleby,ProfessorofComputerScience,SwanseaUniversity............................................20

HowCanWeAssuretheTrustworthinessofFederatedBigHealthDataEcosystems?ProfDipakKalra,President,TheEuropeanInstituteforInnovationforHealthData.................................22

CrowdHEALTH:AggregatingandAnalysingBigHealthDataforPolicyMakingDrUsmanWajid,SeniorResearcher,InformationCatalyst.............................................................................24

PromotingHealthAppsorAssessingTheirQuality?AReflectiononCurrentAttemptstoGovernmHealthDrFedericaLucivero,SeniorResearcherinEthicsandData,TheEthoxCentre,UniversityofOxford....26

TheCertificationofAppsinAnEraofInnovationDrMayoniRanasinghe&DrCeliaBoyer(ExecutiveDirector),HealthontheNet(HON)Foundation....28

UpdateonProgresswiththeNationalSummaryCareRecordsProgrammeinEnglandDrEmyrWynJones,SummaryCareRecord-ClinicalLead,NHSDigital,England......................................30

mHealthandtheManagementofChronicDiseases:TheRationaleforDevelopingaSuitableFrameworkMrFaradJusob,DrCarlisleGeorge&DrGlenfordMapp,MiddlesexUniversity..........................................31

ProposingaNovelComprehensiveInformationSecurityFrameworkformHealthMsNattaruedeeVithanwattana,DrGlenfordMapp&DrCarlisleGeorge,MiddlesexUniversity..............33

BuildingAdvancedMedicalPlatforms:BenefitsandPossibleThreatsforDataStorageManagementDrGlenfordMapp,AssociateProfessor,MiddlesexUniversity......................................................................35

AuthorIndex..........................................................................................................................................................36

ListofParticipants...............................................................................................................................................37

1

WelcomefromtheVice-ChancellorEthical practice is intrinsic tohealthcare. Complex challenges arisewhen considering thehugevaluethat information and communication technology can bring to achieving better healthcare in bothdevelopedanddevelopingcountries.Therearemanyissuesthatneedexpertunderstandingbutbringsolutions that are acceptable to the public, and often involve trade-offs rather than having clearsolutions. These include: privacy in an age of constant cybersecurity threats; patients’ rights andabilities to manage and control data about themselves in an age of clever algorithms and cloudcomputing;politicaldecisionsonnationaland international regulatory frameworks;andquestionsofequityinaccesstocareandinformation.Universitieshavean important role toplayamid this complexity, since they can createplatforms fordiscussionandexchange thatbring togetherdifferentdisciplinary insights,nationaland internationalperspectives,theoryandpractice,andknowledgeofthelatestandlikelyfuturedevelopmentsinbothhealthcareandICT.MiddlesexUniversity,withourreputationforeducatingthehealthcarepractitionersofthefutureandfor innovating in computer anddata science, is an ideal venue forbringing together thought leaderswhoaregrapplingwiththesechallenges.IamverygratefultoDrCarlisleGeorge,MsDianeWhitehouse,ProfKennethGoodmanandDrPennyDuquenoyfororganisingthisworkshopandassemblingthisgroupofexpertanddistinguishedspeakersforthetwodays.Ihopethatyouhaveanenjoyableandstimulatingeventinoneoftheworld’smostexcitingcitiesandatoneoftheUK’smostprogressiveandinternationaluniversities. ProfessorTimBlackmanVice-Chancellor,MiddlesexUniversity

2

InMemoriam-DrSamanthaAdams

DrSamanthaAdamsdiedon13December2017,aged41.SamwasanAssociateProfessorattheTilburgInstituteforLaw,Technology,andSociety(TILT)responsibleforthee-healthresearchteamatTILT.She was very supportive of our activities in Health IT at Middlesex and attended our previousworkshopsin2016and2014,atwhichshewasanactiveparticipant.Shehadalsovolunteeredtobeamemberoftheorganisingteamforthis2018workshop,butsoonafterbecameill.Onthefirstdayoftheworkshop,wewillhaveasessiondedicatedtoSamantha’smemory. SeveraloftheattendeeswhoknewSamwellwillpaytributetoherlife,andrememberthevaluablecontributionthatshemadetothefieldsofethicsandregulationinhealthIT.

3

WorkshopIntroduction

Aswecontinuetoexplorenewtechnologiesandregulatoryframeworkstoenablehealthcare,wemustalsoseektoidentifyandaddresstheconcernsandchallengesassociatedwiththesenewtechnologies.

This workshop focuses on the legal, ethical and social aspects ofnew and emerging technologiesinhealthcareaswellasdevelopmentsregardingregulatoryandethical frameworks thataffecthealthandcare.

Thetopicscoveredduringthetwodaysinclude:

• Theimportanceofsocietal,socialandethicalissuesintheprovisionofuniversalhealthcoverage,

andhealthandcare,andservicesforolderadults.

• Useofnewtechnologiesinhealthcare(e.g.blockchain,cloudstorage).

• ThenewGeneralDataProtectionRegulationorotherregulatorydevelopmentsandthe

implicationsfortheuseofICTinhealthcareorotherregulatorydevelopments.

• Wideraccessto(personal)healthdata(e.g.,intermsofpersonalisedhealth;populationhealth).

• MobileHealth(mHealth)Apps–thedevelopmentofguidelinesandregulatoryframeworks.

• Intelligentenvironmentstoassistintheprovisionofhealthcareservices.

• Trustworthinessandtrustdevelopmentinthefieldsofhealthandcare.

• ThreatstohealthcareITinfrastructure(e.g.,cybersecurity,networksecurity).

• Cross-bordercollaborationineHealth,mHealth,telemedicine,telecareandtelehealth,andsocial

care.

WorkshopOrganisers

• DrCarlisleGeorge:AssociateProfessor&Barrister,MiddlesexUniversity.• MsDianeWhitehouse:eHealthConsultant&Director,TheCastlegateConsultancy,UK.• ProfKennethGoodman:Director,InstituteforBioethics&HealthPolicy,UniversityofMiami,USA.• DrPennyDuquenoy:Chair-BCSICTEthicsSpecialistGroup,AssociateProfessor,MiddlesexUniversity,UK

WorkshopSponsors• FacultyofScienceandTechnology,MiddlesexUniversity,London.http://www.mdx.ac.uk/about-us/our-faculties/faculty-of-science-and-technology• InstituteforBioethicsandHealthPolicy,MillarSchoolofMedicine,UniversityofMiami,USA.https://bioethics.miami.edu• TheCastlegateConsultancy,UnitedKingdom.http://www.thecastlegateconsultancy.com• TheEuropeanCentrefortheStudyofEthics,LawandGovernanceinHealthInformationTechnology(Online)

http://ecelghit.org

4

ProgrammeDay1–Thursday,8thMarch2018

TIME

ITEM PAGE Reference

12:00-13.00 Registration, mix-and-mingle (Light refreshments available).

*

13.00-13.05 WelcomeProfRichardComley,DirectorofResearch,MiddlesexUniversity.

*

13.05-13.10 Workshop Introduction Dr Carlisle George/ Dr Penny Duquenoy, Middlesex University.

03

13.10-13.40 IT, Health, Ethical use of Public Health Data in the context of Universal Health Coverage. Dr Joana Namorado, Scientific Officer, European Commission.

06

13:40-14:00 ICT and Healthcare: The Challenge for Social Theory. Dr Malcolm Fisk, Senior Research Fellow, CCSR, De Montfort University.

07

14:00-14:20 Understanding Blockchain Technology & Applications in the Healthcare Domain. Ms Sukhvinder Hara, Senior Lecturer, Middlesex University.

09

14:20-14:40 The General Data Protection Directive – Some Implications for the Healthcare Sector. Dr Carlisle George, Associate Professor & Barrister, Middlesex University.

11

14:40-15:00 Special Session: Tribute in Memory of Dr Samantha Adams (Tilburg University)

* (02)

15.00-15.20 Afternoon coffee/tea break (20 mins) * 15.20-15:40 Cross-Border Exchange of eHealth Data in the EU.

Dr Ioannis Komnios, Project Coordinator for the KONFIDO Project. 13

15.40-16:00 Own it. Personal Data Trading as an Alternative Model Ms Mitzi László, Neuroscientist and Social Entrepreneur, OWN.

15

16:00-16:20 SCIROCCO: Directions in Integrating Care – 12 Dimensions for Scaling-up Ms Diane Whitehouse, eHealth Consultant, The Castlegate Consultancy.

17

16.20-17:00 Discussion/Panel Session and Roundup (40 mins) New Developments in Health IT - Opportunities & Challenges Ahead Chair: Prof Kenneth Goodman

*

17.00-19.00 An opportunity to relax or have drinks. * 19.00 Dinner - Sheridan Suite, Hendon Hall Hotel. *

5

Day2–Friday,9thMarch2018

TIME

ITEM PAGE Reference

09.00-09.05 Welcome and introduction to the day, Dr Carlisle George/ Dr Penny Duquenoy

*

09:05-09:35 Big (Health) Data, Artificial Intelligence and Black Box Algorithms: Time for Global Standards. Prof Kenneth Goodman, Professor of Medicine, University of Miami, USA

19

09:35–10:05 Error is more complex than Ethics. Prof Harold Thimbleby, Professor of Computer Science at Swansea University, Wales (UK)

20

10:05–10:25 How Can We Assure the Trustworthiness of Federated Big Health Data Ecosystems? Prof Dipak Kalra, Professor of Health Informatics, University College London. President - The European Institute for Innovation for Health Data.

22

10:25-10:45 CrowdHEALTH: Aggregating and Analysing Big Health Data for Policy Making. Dr Usman Wajid, Senior Researcher, Information Catalyst

24

10:45–11:00 Coffee Break (15 mins break) 11:00–11:20 Promoting Health Apps or Assessing Their Quality? A Reflection on

Current Attempts to Govern mHealth. Dr Federica Lucivero, Senior Researcher in Ethics and Data, The Ethox Centre, University of Oxford.

26

11:20–11:40 The Certification of Apps and other Connected Objects. Dr Celia Boyer, Executive Director, Health on the Net (HON) Foundation

28

11:40–12:00 Update on Progress with the National Summary Care Records Programme in England. Dr Emyr Wyn Jones, Summary Care Record - Clinical Lead - NHS Digital

30

12:00–12:40 Discussion/Panel Session (40 mins) Trust development as a basis for ethical data sharing – the EU experience. Chair: Dr Joana Namorado

*

12:40–13:40 Lunch 13:40–14:00 mHealth and the Management of Chronic Diseases: The Rationale for

Developing a Suitable Framework. Mr Farad Jusob, PhD Student, Middlesex University, London

31

14:00–14:20 Ms Nattaruedee Vitanwattana, PhD Student, Middlesex University. Proposing a Novel Comprehensive Information Security Framework for mHealth

33

14:20–14:40 Building Advanced Medical Platforms: Benefits and Possible Threats for Data Storage Management. Dr Glenford Mapp, Associate Professor, Middlesex University.

35

14:40–15:20 Discussion/Panel Session (40 mins) The future and promise of mHealth. Chair: Dr Carlisle George

*

15:20–15:30 Coffee Break (10 mins break) * 15:30-15:55 Overview of the workshop and next steps.

Ms Diane Whitehouse *

16:55–16:00 Thanks and farewell (workshop organisers) *

6

IT,Health,EthicaluseofPublicHealthDatainthecontextofUniversalHealthCoverage

DrJoanaNamorado,ScientificOfficer,EuropeanCommission,Brussels

(joana.namorado@ec.europa.eu)Ethics is very important in information technology (IT), particularly when used in the provision ofhealthservicesandthemanagementofhealthcarerecords.InthecontextofthenewEuropeanUnion(EU)GeneralDataProtectionRegulation(GDPR),ethicsiscentraltotheexplorationanduseofpublichealth records. For this reason, the EU is developing an ethics strategy forHealth SystemResearch,particularly in the context of theHealth Research and Innovation Cloud -where the strictest ethicalstandards are required – and, as a trust builder, essential for pooling health-relevant data acrossmember states and for international studies using comparable methodologies. The strategy alsoestablishes the conditions of research under which innovative solutions from one context can beimplemented elsewhere – for networking between health and research authorities, ministries, andregulatoryenvironments.TheGDPR,inthecontextofdigitalhealthinfrastructures,canbeinstrumentalinsettingthesceneforanopen dialogue and possible cooperation with and among the health research and innovation stake-holders, and the digital health community/users. However, a robust ethics component has to bedevelopedforthetechnological,governance,managementandethicalrequirementsofhealthresearchdata,aswellasforthedevelopmentofpublictrustandsupportforthisfield.

7

ICTandHealthcare:TheChallengeforSocialTheoryDrMalcolmJFisk,

SeniorResearchFellow,CCSR,DeMontfortUniversity(malcolm.fisk@dmu.ac.uk)

In2008,theEuropeanCommissionreceivedthepreliminaryfindingsofareporton‘ICTandAgeing’[1].ThecontextwasonewheretheEuropeanCommissionwasreportedaswanting‘betterleveragingofthepotentialgenerallyprovidedbyICTforindependentlivinginanageingsociety’.Thiswasseenas‘bothasocialnecessityandaneconomicopportunity’.Thefocuswas,perhaps,unsurprisinglyaroundwhatwasseen as a demographic challenge - a key aspect of which was answering the question as to how‘independent living’couldbepromoted foragrowingnumberofpeoplemanyofwhomwereseenashavinghealthandsupportneeds.Thecontextwasone,however,where‘widermainstreamingofICT-enabledsolutionswithinrealworldservicesettingshastoalargeextentyettooccur’andwherecertainbarriers toadoptionwerenoted.These included shortcomings in the communications infrastructure,thecapacity(andknowledge)ofserviceproviderorganisationsand‘medico-legaluncertainties’.Moreimportantly fromthepoint of viewof thisappraisal the reportsignalled someethicaland regulatoryconcernsthatrelatedtothemonitoringcapacityofsomeofthetechnologiesconcerned(thisfocusing,inthemain,onsocialalarmsandhometelehealth).2008 provides us, therefore, with a benchmark. There was clearly the desire to seek ICT based‘solutions’(thisterm,ofcourse,betrayingaviewoftheageingpopulationasa‘problem’)buttherewasanascenceofconcernaroundtheirethicalimplications.However,noreferencewasmadeinthereporttosocialtheoriesthatmighthavebeencorralledtosupportanethically-basedapproachwherebyICTcouldbeharnessedintheareaofhealthcareinethicallyappropriateways.Now,adecadelater,therehasbeenconsiderabledevelopmentintheworldofICTandhealthcare.Thishasbeen,inpart,facilitatedthroughthedevelopmentofbettercommunicationsinfrastructuresthatisevident in all EU countries. As part of its work to promote the ‘digital economy’, the EuropeanCommission has recently undertaken consultation on ‘Health and Care in the Digital Single Market’(outcomesareawaited).TheDigitalEconomyandSocietyIndex(DESI),meanwhile,bearstestimonytosteady, year on year, increases in the use of the Internet, the integration of digital technology (inbusinessandcommerce)andtherangeofdigitalpublicservices[2].Some‘market’opportunitiesaroundICTare,therefore,beingdeveloped.Formanyofthesetheethicalissuesarefocusedaroundgoodgovernanceandthe‘dimensions’associatedwith‘responsibleresearchand innovation’ (RRI) (itself a European Commission initiative) [3]. A cross-over that includesconsiderationoftheneedsofproductandserviceusers(patients)canbenoted,however,witharecentRRI oriented project (Responsible Industry) specifically having examined products ‘for an ageingsociety’thatrelatetothe‘delivery’(sic)‘ofhealthandsocialcaretoanageingsociety’.Muchofthefocusforthelatterwasontheuseofsensorstogatherpersonaldata–forwhichanumberofethicalconcernswere identified.Thereport inquestionaffirmedthat theapplicationofnewICT-basedsystems ‘whilereinforcing the person’s autonomy at home, may also lead to more control being taken by familyrelativesovertheprivatelifeoftheolderperson’[4].GeneralprinciplesthatshouldbeconsideredforICTproductsforolderpeopleinneedofcare(deemed‘vulnerableconsumers’)werelistedinthereportas follows: individual rights and liberties; personal safety and health; autonomy, authenticity andidentity;qualityoflife;socialisolation;integrityanddignity;bodilyintegrity;socialsafety;distributivejustice,equalityand‘dualuse’ofdevelopedtechnologies.HereliesthebeginningofanethicalframeworkthatmayhaveitsplaceinrelationtoICTandhealthcare.This iscomplementedby initialworkoftheEuropeanCommission fundedPROGRESSIVEproject that(in a preliminary report) identifies nine ‘ethical tenets’ as follows [5]: accessibility and usability;affordability; autonomy and empowerment; beneficence and non-maleficence; care, protection andsupport;equality,equityandjustice; inclusion,non-discriminationandsocial impact; interoperability;andprivacy,safetyandsecurity.Armedwiththisrangeofprinciplesandethicalissues,itbecomespossibletoexaminewhether,andtheextent to which, these resonate with the work of a small range of social theorists. Expectations inrelation to this are low insofar asmany of the social theories around ageing and health relate to a

8

contextwhereICTswerepoorlydeveloped.Indeed,the ‘lead’intermsofideasandinnovationaroundICT and health has been taken by technologists and others who have been quick to consider thecommercialopportunities thatcouldarisewithinwhat theymightrecogniseas the ‘SilverEconomy’ -notedbytheEuropeanCommission(inrelationtoadefinitionfromOxfordEconomics)as‘thesumofalleconomicactivityservingtheneedsofthoseaged50andoverincludingboththeproductsandservicestheypurchasedirectlyandthefurthereconomicactivitythisspendinggenerates’[6].The perspective explored in this paper, however, has less to dowithmarkets andmore to do withrights.Referencepointsfortheethicaldimensionsrelate,inthemain,totheResponsibleIndustryandthePROGRESSIVEprojects.Theseare then linkedwiththeworkof fivesocialtheorists(or, rather, foursocial theories)and theirethicaltouchstones.ThetheoristsareTomBeauchampandJamesChildress;GeorgeAgich,JoanTrontoandPeter-PaulVerbeek [7, 8, 9, 10].The respectivemerits of their approaches are considered,mostnotablyaroundtheissuesofautonomy,agency,observationandresponsibility.Importantlyaspectsoftheirwork,particularlythoseespousedbyTrontoandVerbeek,carryresonancewiththeethicalissuesandsomerelatedtensionsthatrelatetoICTandhealthcareandmayhelpinthere-examinationofsocialtheoriesinthisrapidlydevelopingdigitalcontext.References[1]KubitschkeL,GareisK,MűlllerS,CullenK,DelaneyS,TaylorLQ,WynneRandRauhalaM(2008)‘ICTand Ageing: European study onUsers,Markets and Technologies’ empirica (Bonn) /Work ResearchCentre(Dublin).[2]Seehttps://digital-agenda-data.eu/charts[3]WilfordS,FiskMandStahlB(2016)‘GuidelinesforResponsibleResearchandInnovation’,CentreforSocialResearchandInnovation,DeMontfortUniversity,Leicester.[4]PorcariA,BorsellaEandMantovaniE(2015)‘ResponsibleIndustry:AFrameworkforImplementingResponsible Research and Innovation in ICT for an Ageing Society’ Italian Association for IndustrialResearch,Rome.[5]Seewww.progressivestandards.orgforaprojectdescription.[6]EuropeanCommission(2015)‘GrowingtheEuropeanSilverEconomy’BackgroundPaper.[7]BeauchampTandChildressJ(1985)‘PrinciplesofBiomedicalEthics’OxfordUniversityPress;[8]TontoJC(1993)‘MoralBoundaries:APoliticalArgumentforanEthicofCare’,Routledge,Oxford;[9]AgichGJ(2003)‘DependenceandAutonomyinOldAge:AnEthicalFrameworkforLong-TermCare’CambridgeUniversityPress(updatedfromoriginalin1947);[10]VerbeekPP(2005)‘WhatThingsDo:PhilosophicalReflectionsonTechnology,AgencyandDesign’PennsylvaniaStateUniversityPress.

9

UnderstandingBlockchainTechnologyandApplicationsintheHealthcareDomain

MsSukhvinderHara,SeniorLecturer,MiddlesexUniversity

(s.hara@mdx.ac.uk)The blockchain protocol was first described by Satoshi Nakamoto in 2008 (Nakamoto 2008) in thecontextofpaymentsystems,mostnotably“Bitcoin”.Atitscore,theBitcoinnetworkmaintainsaledgercalled the blockchain.Within this public ledger are the records of all transactions (and grouping oftransactionsintoblocks)thathavebeencommitteduponsatisfactionoftheprotocolrequirementsandnetworkconsensus(Bonneauetal.2015).Thesetransactionrecordsareplacedintotheblockchainbyavalidationprocesscalledmining,whichhas twomainobjectives: tocommitvalid transactionsandtogeneratenewBitcoins.Thisprocessisincentivisedbyprovidingminerswithafinancialrewardforeachmined block. Any node in the Bitcoin network may participate in this process by committing theirresourcesneededtomine(computerpowerandenergy).To improve theirchanceofsuccess,minersoftenjoinminingpoolstherebycombiningtheirresourcestosolvetheproofofworkalgorithmproblem(Teutschetal.2017).Oncetransactionsarecommittedintotheblockchaintheycannotbemodifiedi.e.blockchainsareimmutable.Blockchains once traditionally affiliated with payments systems, have piqued the interest of manydomains. One specific context inwhich blockchain technologies have been applied are in healthcareapplications. This is because any healthcare treatment involves a number of transactions, and thepresentmethodofprocessingtransactionspotentiallyleadstotransactionalinefficiencies(e.g.needingthirds parties to verify transactions). Use of the blockchain removes many of these transactionalinefficiencies and allows transactions to be processed efficiently. The distributed nature of theblockchainmakesdatasharingwithinthehealthcaredomainmoreefficient.UnliketheBitcoinnetwork,healthcare blockchains can be closed and permission based with “controlled ownership of mining”betweenstakeholders(Yuanetal.2016),thusprovidingsecurityandconfidentiality.Useofblockchainsinhealthcareprovidesnumerousbenefits especially over the currentoutdated legacy systemswhichareoftenincompatiblebetweenhealthcareprovidingstakeholders.Recognisingthispotential,anumberofinitiativesandproof-of-conceptshavebeenpresented.Blockchaintechnologyhasbeenusedinmanyhealthcareapplications forexample:managingelectronichealthrecords(Yuanetal.2016),managingthe treatment of patients between different stakeholders (Ekblaw et al. 2016), and dispensing ofprescriptionstoreduce“overprescribingandprescriptionfraud”(Blockmedx2017).Despite all the benefits, concerns have been raised about distributed ledger technology in terms ofscalability issues, cost of systems, andwhether return on investment at a larger scale is realistic orachievable(Angraaletal.2017).Furthermore,theGeneralDataProtectionRegulation2018(GDPR)hasintroducedtherightoferasure(righttobeforgotten)thatwillobligedatacontrollertoerasepersonaldatawherecertaingroundsgiveninArticle17apply.Thesegroundsincludethatthedataarenolongernecessary in relation to the purposes forwhich they were collected/processed or that there are nooverridinglegitimategroundsforprocessing.TheimmutablenatureofthebitcoinmayposeaconflictwiththeGDPR,however,inmosthealthcareapplications,thegroundsforexercisingtherightoferasuremaynotapply.ReferencesAngraal,S.,Krumholz,H.M.&Schulz,W.L.,2017.Blockchaintechnology:Applicationsinhealthcare.Circulation:CardiovascularQualityandOutcomes,10(9),pp.1–4.

Blockmedx,2017.CombatingPrescriptionDrugAbusewithaSecureDecentralizedApplicationBuiltonEthereum.Availableat:https://www.blockmedx.com/doc/BlockMedxWhitepaper.pdf.

Bonneau,J.etal.,2015.SoK:ResearchPerspectivesandChallengesforBitcoinandCryptocurrenciesJoseph.

Ekblaw,A.etal.,2016.(MedRec)ACaseStudyforBlockchaininHealthcare:“MedRec”prototypeforelectronichealthrecordsandmedicalresearchdata.ProceedingsofIEEEOpen&BigDataConference.Availableat:https://www.healthit.gov/sites/default/files/5-56-onc_blockchainchallenge_mitwhitepaper.pdf.

10

Mukhopadhyay,U.etal.,2016.AbriefsurveyofCryptocurrencysystems.201614thAnnualConferenceonPrivacy,SecurityandTrust(PST),pp.745–752.Availableat:http://ieeexplore.ieee.org/document/7906988/.

Nakamoto,S.,2008.Bitcoin:APeer-to-PeerElectronicCashSystem.Consulted,pp.1–9.Availableat:http://s.kwma.kr/pdf/Bitcoin/bitcoin.pdf.

Teutsch,J.,Jain,S.&Saxena,P.,2017.Whencryptocurrenciesminetheirownbusiness.InLectureNotesinComputerScience(includingsubseriesLectureNotesinArtificialIntelligenceandLectureNotesinBioinformatics).pp.499–514.

Yuan,B.,Lin,W.&Mcdonnell,C.,2016.Blockchainsandelectronichealthrecords.MassachusettsInstituteofTechnologywebsite,pp.1–23.Availableat:http://mcdonnell.mit.edu/blockchain_ehr.pdf.

11

TheGeneralDataProtectionDirective:SomeImplicationsfortheHealthcareSector

DrCarlisleGeorge,AssociateProfessor&Barrister,MiddlesexUniversity

(c.george@mdx.ac.uk)

InMay2018,Regulation(EU)2016/679,theGeneralDataProtectionRegulation(GDPR), isscheduledtocomeintoeffectintheEuropeanUnion(EU)updatingandreplacingtheEUDataProtectionDirective95/46/EC (aimed at protecting the privacy of individuals and the use of personal data). The GDPRplaces specific obligations on data controllers and data processors in organisations (that processpersonaldata)eitherwithintheEUoroutsidetheEUbutofferinggoods/servicesintheEU.ThelattergivestheGDPRextraterritorialeffect,whichimpliesthatnon-EUbasedorganisationsinthehealthcaresector(e.g.organisationscarryingoutresearchorclinicaltrials)willbesubjecttotheGDPR.WhilethekeyprinciplesandconceptsofthecurrentDataProtectionDirective95/46/ECremain,theGDPRaimstostrengthenexistingindividualrights,createsnewrights (e.g. theright toerasureofpersonaldata)andplacesgreateraccountabilityonorganisations.Datacontrollersmustputappropriatetechnicalandorganisationalmeasures inplace toensure thatallprocessingcomplieswithrequirementsunder theregulation.Dataprocessorsmustbe able todemonstrate compliancebymaintaining recordsof theirprocessingactivities.TheRegulationhasastrongerfocusondataprivacyandsecurity,mandatingdataprotection by design and default, including the use of privacy enhancing technologies such aspseudonymisation and encryption. Further pseudonymised data (often used in the healthcare sectorwhen conducting clinical trials) is now classed as personal data if it can be used to re-identifyindividuals.Organisationsarenowmandatedtocarryoutdataprotectionimpactassessmentsinsomecircumstances. In relation to thehealthcare sector these circumstanceswill includewhenprocessinglarge amounts of health-related data (such as in clinical trials) or when processing data using newtechnologies.Intheeventofanydatabreach,organisationsarenowobligedtonotifytheappropriatesupervisory authoritywithin 72 hours and tonotify affected individualswithout undue delay (if thebreachwillposeahighrisktotherightsandfreedomsoftheseindividuals).Withregard todatarelating tohealth, theRegulation introduces threenewdefinitionsnamely: “dataconcerninghealth”,“geneticdata”and“biometricdata”.Thesethreeformsofdataareincludedinthecategory of “sensitive personal data” hence requiring a higher standard of protection than ordinarypersonal data. Specifically the processing of sensitive personal data is prohibited subject to someexemptionsincludinghealth-specificconditions.Anyprocessinginthehealthcaresectormustthereforebeawareofhowtheseexemptionsapply.TheRegulationalsoenablesMemberStatestoimposefurtherconditionsontheprocessingofgenetic,biometricorhealthdata.ArelatedissueisthattheGDPRhasstrengthened the definition of consent and the recording of consent for the processing of sensitivepersonaldata.Consenthastobefreelygiven,specific,informed,anunambiguousindicationofthedatasubject’sagreementandmustbecapableofbeingwithdrawnwithoutdetriment.Scientificresearch isautomaticallydeemedtobea lawfulcompatiblepurpose,meaning thatpersonaldata initially collected for any purpose can be processed for scientific research purposes. Wherepersonaldata isprocessed forscientificresearchpurposes, theGDPRprovidesexemptions tovarioussubjects’ rights if organisations implement appropriate safeguards (e.g. “technical and organisationalmeasurestoensuredataminimization”).The GDPR imposes harsh fines for non-compliance/infringements, i.e. up to 4% of an organisation’sannualturnover,animportantdevelopmentinlightoftherelativelyhighnumberofsecurityincidentsreportedintheUKhealthcaresectorcomparedtoothersectors(Raywood,2017).ThispaperdiscussessomeimportantimplicationsoftheGDPRforthehealthcaresector.Thepreviousdiscussions suggest that organisations in thehealthcare sectormust review theirpresent operationsandprocedures tobe incompliancewith theGDPR,especiallyensuringthat: the legalbasisexists fortheprocessingofdatarelatingtohealth;anyfurtherrestrictionsontheprocessingofdatarelatingtohealthinaparticularMemberStateiscompliedwith;datacontrollersanddataprocessorsunderstandtheir responsibilities; the forms and wording requirements for obtaining/recording consent areupdated;adataprotectionbydesignanddefaultapproachistaken,includingimplementingappropriatetechnical and organisational measures for processing activities (e.g. pseudonymisation, and

12

encryption);pseudonymiseddatathatcanleadtotheidentificationofanindividualcomplieswiththeGDPRrequirements;dataprotectionimpactassessmentsarecarriedoutwhenthecircumstancesapply;andsubjects’rightsandwhentheyapplyareunderstoodandcompliedwith.ReferencesEUGDPR(2018),GDPRPortalSiteOverview,https://www.eugdpr.org/Raywood, D (2017). UK Healthcare Accounts for 43% of all Breaches. InfoSecurity Magazine,https://www.infosecurity-magazine.com/news/uk-healthcare-43-breaches/

13

Cross-BorderExchangeofeHealthDataintheEUDrIoannisKomnios,

ProjectCoordinator,TheKONFIDOProject(i.komnios@exus.co.uk)

Abstract: In order to facilitate cross-border exchange of eHealth data in the EU, the OpenNCPcommunity has designed and developed a set of open source components that can be adopted byparticipatingnations.TheKONFIDOprojectaddressesthechallengesofsecurestorageandexchangeofeHealth data, as well as protection and control over personal data at a systemic level, through theimplementationofsixinnovativetechnologypillars,includinghomomorphicencryptionandblockchain.

Keywords:Cross-borderexchange;eHealthdata;Security;OpenNCP.

The epSOSproject [1]aimedtodesign,buildandevaluateaservice infrastructure thatdemonstratescross-border interoperabilitybetweenelectronichealth record systems inEurope. In the first phase,epSOStargetedtheexchangeoftwotypesofinformation:

• Patient Summary that provides an overview of the most important medical data for patienttreatmentand;

• ePrescriptionforcross-borderuseofelectronicprescription.

ThetechnicaloutcomeofepSOShasbeentheOpenNCPopensourceproject[2](currentlysupportedbyeHDSI [3]) thataims todesignanddevelopasetofopensourcecomponents thatcanbeadoptedbyparticipating nations to build their own implementation of theNational Contact Point (NCP). In thisway,NCP-B(i.e.theNCPinthecountryoftreatment)cancommunicateandexchangeeHealthdatawithNCP-A(i.e.theNCPinthepatient’scountryofaffiliation).Asfarassecurityisconcerned,OpenNCPhasdefinedthemeasuresthatmustbeputinplacetogranttheconfidentiality, integrity,authenticityandavailabilityofcross-bordercommunicationofeHealthdata[4].

To further enhance security, the European Commission (EC) has funded the KONFIDO project [5] toadvance the state-of-the-art of eHealth technologywith respect to the fourkeydimensionsof digitalsecurity: data preservation, data access and modification, data exchange and interoperability andcompliance.Inparticular,KONFIDOtakesonaholisticapproachbytargetingallarchitecturallayersofanITinfrastructure,suchasstorage,dissemination,processingandpresentation,extendingtheresultsofaseriesofsuccessfulpreviousprojects, suchasepSOS,STORK[6],DECIPHER[7],EXPAND[8]andANTILOPE[9].KONFIDO’simplementationapproachisbaseduponsixtechnologypillars:

• The new security extensions, such as Software Guard eXtension (SGX) [10], provided by themainCPUvendors;

• PhysicalUnclonableFunction(PUF)-basedsecuritysolutionsbasedonphotonictechnologies;• Homomorphicencryptionmechanisms;• CustomizedextensionsofSecurityInformationandEventManagement(SIEM)solutions;• Asetofdisruptiveloggingandauditingmechanismsbasedonblockchain;• AcustomizedeIDAS-complianteIDimplementation.

KONFIDOisworkingonanintegratedprototypebasedontheaforementionedtechnologiestobetestedin threeMember States, namelyDenmark, Italy andSpain. Inparallel to the technical validation, thedevelopedsolutionisalsoassessedinethicalandlegalterms.

From the legalpoint of view,providing cross-borderhealth servicesneeds to adhere to the relevantdirectives and agreements. Directive 2011/24/EU [11] clarifies the legal rights of patients in cross-border healthcare. The Directive covers both public and private healthcare providers, and requiresMemberStatestoprovideinformationtopatientsandthepublicontheirrightsandoptions.AspartofthesameDirective,theeHealthNetworkhasbeencreated,providing“Guidelinesonaminimum/non-exhaustivepatientsummarydatasetforelectronicexchange”[12]in2013andthe“Agreementfortheexchangeofhealthdata”[13]in2017.Cross-borderexchangeofhealthdataisfurthersubmittedtotheapplicationofEuropeanandnationallegalrulesregardingtheprotectionofpersonaldata,includingtheGeneralDataProtectionRegulation(GDPR)[14].

14

Theeffortsthatstartedadecadeagoprovethatprovidingsecurecross-borderexchangeofeHealthdataisacomplexprocess.By2020, theeHDSIOperationsCommunityand theKONFIDOprojectwillhavemadeasignificantsteptowardsthewideimplementationandadoptionofcross-bordereHealthservicesintheEU.

Notes

TheresearchleadingtotheseresultshasreceivedfundingfromtheEuropeanUnion'sHorizon2020researchandinnovation programme under grant agreement No 727528 (KONFIDO - Secure and Trusted Paradigm forInteroperableeHealthServices).Thispaperreflectsonlytheauthors'viewsandtheCommissionisnotliableforanyusethatmaybemadeoftheinformationcontainedtherein.

References

1. epSOSproject(2008-2014),http://www.epsos.eu/home/about-epsos.html2. OpenNCPCommunity,

https://ec.europa.eu/cefdigital/wiki/display/EHNCP/OpenNCP+Introduction3. eHealthDigitalServiceInfrastructure(eHDSI),

https://ec.europa.eu/cefdigital/wiki/display/EHOPERATIONS/eHealth+DSI+Operations+Home4. SecurityservicesoftheeHealthDSI,

https://ec.europa.eu/cefdigital/wiki/display/EHOPERATIONS/Section+II+-+Security+Services5. KONFIDOproject(2016-2019),http://www.konfido-project.eu/konfido/content/what-konfido-

project-about6. STORKIandIIprojects(2008-2015),(https://www.eid-stork2.eu7. DECIPHERproject(2013-2017),http://www.decipherpcp.eu8. EXPANDproject(2014-2015),https://ec.europa.eu/digital-single-market/en/news/expand-

deploying-sustainable-cross-border-ehealth-services-eu9. Antilopeproject(2013-2015),https://www.antilope-project.eu/front/index.html10. Intel®SoftwareGuardExtensions(Intel®SGX),https://software.intel.com/en-us/sgx11. Directive2011/24/EU,http://eur-

lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2011:088:0045:0065:en:PDF12. Guidelinesonaminimum/non-exhaustivepatientsummarydatasetforelectronicexchange,

https://ec.europa.eu/health/sites/health/files/ehealth/docs/guidelines_patient_summary_en.pdf

13. Agreementfortheexchangeofhealthdata,http://jasehn.eu/wordpress/wp-content/uploads/2017/10/D6.2.B_RECOMMENDATION_for_the_Governance_and_Implementation_of_the_Agree.._.pdf

14. GeneralDataProtectionRegulation(GDPR),https://www.eugdpr.org

15

Ownit.PersonalDataTradingasanAlternativeModelMsMitziLászló,

NeuroscientistandSocialEntrepreneur,OWN(mitzilaszlo@gmail.com)

TheDataTradingIndustryData is thenewoil. In2011, threeof the five top companiesby stockmarket capitalizationwereoilcompanies,onlyfiveyearslateralltopfivewereAmericadatacompanies(Bloomberg).OPEChasbeenreplacedbyGAFAM:Google,Amazon,Facebook,Apple,andMicrosoft.While the techservices, suchassearchengines,communicationchannels,andmaps,areprovided forfree,thenewcurrencythathasbeenuncoveredintheprocessispersonaldata.TheAttentionEconomyisanapproachtoinformationmanagementthattreatshumanattentionasascarcecommodity.GAFAMuse techniquesexplained in thebookHookedbyNirEyal toensure thatusersmaximisescreen time.ApplestatedthatusersunlocktheiriPhones80timesperdayonaverage.Onaverage,Americansspendmoretimeinfrontofascreenthattheydoasleep(CommonMediaSense,2017).Thisattentionisthensold to those wishing to advertise. These advertisements are targeted using data so as to be moreefficientatconvertingtheattentionintoadesiredoutcome,forexample,spendingmoneyorvotinginaparticularway.Howmuchisthedataofoneindividualworth?AccordingtoStatista, in2016Googlehadarevenueof89.5billiondollarsand1billionGmailusersmeaningthat,eachpersonperyeargeneratesroughly90dollars in ‘data addedvalue’. There aremanyholes tobepicked in this rudimentary calculation: thefinancialfiguresoftaxevadingcompaniesareunreliable,wouldrevenueorprofitbemoreappropriate,howdoyoudefineanactiveuser,youneedalargenumberofindividualsforthedatatobevaluable,wouldtherebeatieredpricefordifferentpeopleindifferentcountries,notallGooglerevenueisfromGmail,etc.Althoughthesecalculationsareundeniablycrude,theexerciseservestomakethemonetaryvalueofdatamoretangible.Theexamplesgivenonlycoveronecase,butifweextendprofitsfromdatasalestootherareassuchashealthcarethemonthlyprofitperindividualwouldincrease.TheChinesegovernmentiswidelyusingfacialrecognitiontechnologyinpublicspacestomatchphysicalidentity with online behaviour. Individuals are given a social index score based on their behaviourwhichdeterminestheextentoftheiraccesstopublicservices.Ultimately thepersonaldata trading industry ispossiblebecause individualsgiveconsentbyclicking‘accept’ on the terms and conditions. However, a negligible number of individuals actually read thetermsandconditionswhichareconstantlychangingandhaveestimatedtotakeamonthofeveryyeartoread.WhyweneedarethinkWhile ethical checks are extensive for research, they are close to non-existent in the data tradingindustry,makingitdifficultforpublicresearchtokeepup.Ithasbecomeincreasinglydifficultforuserstorejectthetermsandconditionsandstillremainanactiveparticipantofsociety.Therighttoprivacyattemptstoprovidesomeresistancetocorporatesurveillance,howeverthebusinessmodelbehindthedatatradingindustrymeansthereisalargeincentivetoidentifyindividualsandprofilethem.Ibarraetal (2018) propose that GAFAM should pay their users for collecting their data,which has also beenproposed in the form of a universal basic income from GAFAM. However, this does not answer thequestionofvoice:aselectwealthyfewwouldstillbedecidingonbehalfoftheirusershowtheirdataisused.Like it or not, the human digital identity is a consumable product and other people are currentlydecidingonbehalf of otherswhat touse theirpersonaldata for. From this standpoint analternativemodelhasbeendesigned.

16

AnAlternativeModel:PersonalDataTradingTheultimategoalsare:

• Moreequitableglobalresourcedistribution• Amorebalancedsayinallocationofglobalresources

Personal Data Trading (PDT) is a framework that gives individuals the ability to own their digitalidentityandcreategranulardatasharingagreementsvia the Internet.Rather than thecurrentmodelwhich tolerates companies sellingpersonaldata forprofit, inPDT, individualswould consciously selltheirpersonaldatatoknownpartiesoftheirchoiceandkeeptheprofit.HowwouldPDTworkfromtheperspectiveoftheindividual?Theindividualwoulddownloadanapp,login,initiatepersonaldatacollectionsthroughsendingdataaccessrequests,andthenrejectoracceptdatasalesproposalspresentedviatheapp.Atthecoreisanefforttore-decentralisetheInternet.Importantly,thisismoreaboutdataownershipratherthandatatransactions.Consideringwedonotyetknowtheexchangerateofdataandthereforewould not be able to define a unit, or token, blockchain is not a silver bullet solution to enablingpersonaldatatrading.There are approximately thirtypersonaldata trading initiativesglobally.Notable, the inventorof theWorldWideWeb,SirTimBerners-Leeisleadingoneoftheseinitiatives.Own(www.ownyourdata.xyz)was founded in 2014 by Mitzi László in Amsterdam and is one of the first personal data tradinginitiatives.ThegoverningprincipleofPDT isthat individualsowntheirownpersonaldata.Thecollectiveofoneindividual'spersonaldataformsadigitalidentity(orperhapsdigitalalteregoismorefitting).Adigitalidentityencompassesallofourpersonaldatashadowing, representingandconnected toourphysicalandideologicalself.InEurope,dataaccessrequestsmeanthatindividualscansimplyaskfortheirdataandorganisationsareobligedtoprovideit.However,thecustomerserviceandbureaucracyinvolvedinauctioningthesedataaccessrequestsmeanthatatool isneededtoautomatetheprocessandideallycreateanapplicationprogramminginterfaceunderastandardisedcertificateofdatahandlingnorms.Data is sold in aggregate form describing a group. For example, 20% of Amsterdam eatsMuesli forbreakfast,NOT,Annaeatsmuesli forbreakfast.The algorithmsgenerating thesemetricsneedethicalcheckssimilartothoseappliedtopublicresearchstandards.Thealgorithm,timeframe,datainput,datareceiver,recurrenceofsale,andprice,needtobepresentedtotheindividualswhoisultimatelytheoneto decide to give informed consent or not. In the Internet era, perhaps it makes sense to have aninternationalagencytomaketheseethicalcheckstoensurepersonaldatatradinghasapositiveimpactonsociety.

17

EnhancingtheSCIROCCOmaturitymodel:Scaling-upintegratedcareinEurope1

MsDianeWhitehouse1,DrTamaraAlhambra-Borrás2&MsCristinaAlexandru3

1EHTEL(Belgium)2PolibienestarResearchInstitute-UniversityofValencia(Spain)

3UniversityofEdinburgh(Scotland)

(diane.whitehouse@thecastlegateconsultancy.com)Keywords:SCIROCCO,focusgroup(s),qualitative,quantitative,tool.

1) IntroductionIntegratedcareisofconsiderableimportanceinEurope,joiningtogetherdifferentpartsofthedifferentMember States’ health and care systems. Europeans want increasingly to be able to scale up theseactivitiesandmakesurethattheyareplannedwell.DevelopedaspartoftheSCIROCCOproject[1],theSCIROCCOtoolincorporatestheMaturityModelfortheadoptionof IntegratedCare [2]developedbytheEuropean InnovationPartnershiponActiveandHealthy Ageing’s action group B3 on integrated care. The SCIROCCO tool can be used to scale upintegrated care, across different health and care sectors, in a range of communities, andatdifferentlevelswithinhealthsystemsorcaresystems.ThisshortpaperexploresthedevelopmentofandevaluationprocessesfortheSCIROCCOtool,aswellas how end-users’ view it – through a collection of their opinions, experiences and perspectives.Ultimately, the aim is tomake the SCIROCCO toolmuchmorebroadlyusable, not only in the fieldofintegratedcarebutalsopotentiallyinavarietyoffieldsandsectors.Theworkshoppresentationitselfwill giveworkshopattendeesanoverviewof how the toolworksand focusona seriesofusecases.

2) Theory/MethodsandPreliminaryFindingsSincetheprojectlaunchinApril2016,theSCIROCCOtoolhasundergonetwoiterations,eachfollowedbyanevaluationofitsusabilitythroughuseofanon-linequestionnaire.Aftertheseconditeration,theend-usersofthetoolhavebeeninterviewedinfocusgroups.ThispaperfocusesontheoutcomesofthefocusgroupsinthreeEuropeanregions(Scotland;theBasqueCountry,Spain;andNorrbotten,Sweden).UsabilityofthetoolResultsfromthefirstiterationofthetoolweremostlypositive,butindicatedtheneedforaclearerwayof editing the questionnaires, and a more effective handling of the SCIROCCO dimension scoringrankings.Bothofthesecommentswereaddressedinthesecond,andcurrent,iterationofthetool.End-users’perspectivesWith regard to the experience of using the SCIROCCO tool, all stakeholders involved in the self-assessmentreportedpositiveexperienceswhenusingthetool.Mostofthemhighlightedthatthetoolprovidedthemwithafaithfulrepresentationoftheirhealth/caresystem.Ingeneral,theyagreedthatthevalueofthetoolisinthediscussionorconsensus-buildingprocess.Regardingtheenhancementofthetool, focusgroupparticipantspointedouttheneedforthetooltobeavailableintheregion’slocallanguage.Moreover,someparticipantsstatedthatthereshouldbemoredistinctionbetweencriteriaon some of the 12 SCIROCCOdimensions. The dimension entitled “breadth of ambition” particularlyseemstoneedrefinement.Thereweremixedviewsofferedonwhetherthejustificationsofferedforanyanswersgivenneedtobeautomated(ornot).Furtheroptions forusesof theSCIROCCOtoolhavealso been discussed, including undertaking regular assessments, and deciding on initiatives,programmes,andprojectsinwhichtogetinvolved.1TheSCIROCCOprojectwasco-fundedbytheHealthProgrammeoftheEuropeanUnionunderGrantAgreementNo.:710033(CHAFEA).

18

3) DiscussionsThemethodsusedtoenhancethetoolaresoundandappropriate.Thetoolitselfisgoodforfacilitatinginsightintothe(local)regionalintegratedcaresystem.Itprovidesmaterialsthatcouldthenleadtotheformulationofa(local–evenregionalornational)strategyorplan.Usabilityquestionnairesallowthequickgatheringofbothquantitativeandqualitativedataonusability.However,theyareheavilydependentonparticipantsfillingthemincompletelyandthoroughly,bothingeneralandgivenissuessuchasquestionnairefatigueandthedemandsontheirtimefromtheproject.Ingeneral,abettercoordinatedjointplanforthedifferenttypesofevaluationofthetoolisimportantforitsnextiteration.The focus group mechanism enables further discussion and reflection on any quantitative findingsemergingfromuseoftheSCIROCCOtool.Thefocusgroupspermitwide-rangingthinkingaboutfuturealternativeusesofthetool.Forthefuture,inordertocollectmoredataonusability,thistopicisplannedtoalsobethoroughlydiscussedaspartoffocusgroups.

4) ConclusionsThe SCIROCCO tool is judged to be easy-to-use. It facilitates consensus-building among the people(including experts) who conduct the self-assessment process. Moreover, the tool provides usefulfeedback to the local region on its healthcare system and integrated carematurity. It is particularlyhelpfulinenablinglocalstakeholderstoreflectonthecurrentstate-of-playofthesystemandfutureitsdirections, indicatingthatitcanbeveryusefulintermsofpolicydecision-making.Thenext stageofworkonthepartoftheSCIROCCOconsortiumwillbetodeveloppolicy-relatedmessagesabouttheSCIROCCOtool.

5) LessonslearnedabouttheapproachIn termsofprocess, theSCIROCCOproject isan initiative inwhich there isgoodteamwork;differentworkpackagesworktogetherwellandcanexchangeinformationwell.Ontheonehand,itisusefultohaveresearchersevaluatingtheusabilityofthetooland,ontheotherhand,itsusefulnessandimpact:thiscollaborationandsharingoffindingshasproveduseful.Intermsoftriangulation,theresultssofarshow considerable synergy – explained by the fact that the usability of an interface also influenceswhetheritwillbeasusefulandachieveitspotentialforitsusers.

6) LimitationsoftheapproachTheseresultsarelimitedtothreeregionalsitesinthecaseofthefocusgroups,andtooneregioninthecaseoftheiterationofthetool;however,fiveEuropeanregionsintotalareinvolvedintheSCIROCCOproject.Thecurrentstateofanalysisofthestudyfindingsmeanthattheseinitialobservationswillbefurtherrefinedbytheendoftheprojectinautumn2018.

7) SuggestionsforfutureresearchFuture replies to questionnaires from other users and regions and holding of focus groupswill helpconfirm,andadd,moreissuesandsuggestions,bothtothetoolitselfandtothenumeroususestowhichit canbeput.Widening the rangeof regions/countries that canuse the SCIROCCOtoolwillmake itsvalidationmore effective. Finally, itwouldbe interesting to research inwhatother fields/domains–besidesintegratedcare–theSCIROCCOtoolcouldbeused.

8) References[1]http://www.scirocco-project.eu/[2]https://ec.europa.eu/eip/ageing/sites/eipaha

19

Big(Health)Data,ArtificialIntelligenceandBlackBoxAlgorithms:TimeforGlobalStandards

ProfKennethGoodman,Director,InstituteforBioethicsandHealthPolicy,UniversityofMiami,USA

(kgoodman@med.miami.edu)The health information technologymultiverse has received guidance and critical analysis from theethics and legal communities formore than three decades. Someof this supportwas requested, andsomehasevenbeenaccepted.Intheprocess,ethicalissueswereidentifiedandanalyzed,bestpracticesmooted and recommended, education and curriculum development celebrated. The issues, practicesand curricula have correctly emphasized privacy and confidentiality, appropriate uses and users,decisionsupport,clinicalstandardsandtheancientrelationshipbetweencliniciansandpatients.Therehashoweverbeenanomission, amajorand importantomission, anomissionunderpinning all otherethical,legalandsocialissues.Hidden–buried?obscured? concealed? –whetherbydesignornot, arebillionsof linesof computercode,theverydigitalfoundationofallelectronichealthrecords,researchregistriesanddatabases,datamining algorithms, programs that emulate or replicate human intelligence, user interfaces, mHealthapps,datasharingprotocolsand,well,soon.IfwearetorealizethefullpotentialofBigDataandArtificialIntelligence,weabsolutelymustattendtosome familiar and several new questions shaping the field of software engineering. Some suchquestions:How,bywhomandunderwhatvalueswasthiscodewritten?Wasitshared,andbywhom?Will itbeshared;ifnot,whynot?Didthosewhowroteorcraftedthecodehaveanyresponsibilitytoattendtoitsfutureuses?Ifso,how?Answers to these questions, some ofwhich are empirical and some conceptual, should shape a newgenerationofguidance,governanceandeducationintheworldofhealthinformationtechnology.Theglobalhealthinformaticscommunityneeds torevisitandrefineanumberofethicalissues, somealreadyrecognized,underpinningthecraftingofcomputercode:

• Annotationanddocumentation• Fitnessforpurpose;safety• Testingandanalysis;qualitycontrol• Versioncontrol• Datasharingandtransparency• Provenanceandintellectualproperty

Byinformingandguidinganewgenerationofcodewriters,thushelpingtoprofessionalizetheircraft,attentiontoethicscanattheoutsetmakeaplenaryandlegitimateclaimtoimprovinghealth,respectingrights and fostering reproducibility in research. Because software production is alreadyinternationalized, an international initiative is required. Standards, let alone global standards, aredifficulttodevelop,butinallotherendeavorsthatmatter–thataffectthelivesofbillionsofpeople,thatweighheavilyoncollectivesafety,publictrustandcommunitypurses– wehavecometoacceptandeven rely on evidence-based and ethically optimized standards. Big Data and AI require this. Globalstandardscanhelpachieveit.

20

ErrorismorecomplexthanEthicsProfHaroldThimbleby,

ProfessorofComputerScience,SwanseaUniversity(harold@thimbleby.net)

Abstract:InWesternhealthcare,preventableerrorisrecognisedasthethirdbiggestkiller(onaparwithcancerandcardiovasculardiseases).Computersareinvolvedineveryaspectofhealthcare,frombookingappointmentsthroughtomagneticresonanceimaging(MRI)scans.Althoughthereisnousefuldata,itislikelythatcomputer-relatederrorissignificant.Whenerrorsoccur,thecliniciansatthe“sharpend”areblamedratherthananyunderlyingproblems;thisraiseslegal,ethicalandsocialissues.Ifwearetolearnhowtoimprovesystemsandavoidfutureerrors,weneedmoredeliberativeethicalthinkingthan“justicebyscapegoating.”IntroductionClearly, computers can transform healthcare. On the one hand, the recognition of computer-inspiredtransformationcloselymatchesmarketforceswithpoliticalandconsumerdesires.Ontheotherhand,enthusiasticmarketdemandsleadtoacquiescenceoverlowquality.Computer error falls into a large, under-recognised area that induces healthcare errors and patient

harm.Itislargelypreventable.Herearesomestarkcomparisonsabouttrainingandskills:

• It still takes an anaesthetist, if good enough to be accepted on a course, 8 years toqualifytogiveapatientanaesthetics.

• Somebody who wants to program a drug delivery system can start now with notrainingorqualifications.

• Abadanaesthetistmightkillonepersonatatime;badprogrammerscankillasmanypatientsasthereareinfusiondevicesmadetotheirdesign.

• There is no plausible way any clinician could sustain a level of harmful effectscomparabletobadprogrammingwithouttriggeringinvestigationandaction.

• If something goes wrong, programmers protected by the EuropeanMedical DeviceDirective(andotherharmonisedlawsintheUSAandelsewhere);theyhaveprobablyrequiredtheanaesthetisttoindemnifythem.

ErrorasadualofethicsLetusdefineerrorasafailuretodogood.Hence,foreveryethicalstance,thereisadualerrorstance;forexample, deontology defines good through rules, so errormay equally be defined by deviance fromrules.Situationalethicshasadualinerrorrootcauseanalysis(i.e.,toexplorewhatsituationcausedtheerror).Virtueethicshasadualinerror-pronepeople:errorsarecommittedbypeoplewho,clearly,arenot virtuous. (Thisperspective slides intoblameculture:a previously virtuousperson involved inanerrorhasbetrayedourtrust.Nolongervirtuous,theydeservepunishment.Thelogicofthisargumentisveryseductive,notleastbecauseitissimpleandcheap.)TwocasestudiesHarmstopatientsareestimatedtobeinthe100,000speryearintheUK.Computersareinvolvedinallstagesofthepatientcarepathway,andthereforebugs(i.e.,errorsindesign)willcontributetotreatmenterrors. For example,whenanurse entersanumber correctly, but it ismisinterpreteddue toabug,orenters a number incorrectly that is not spotted by the computer because of a bug, both cases cancontributetopatientharm.

21

Clinical examples are complex, so we have chosen two simpleexamples to illustrate our points: one refers to the calculation ofdrug dosage through the use of calculators; the other to addressdataavailableonaprescriptionform.Drug doses are often calculated on calculators. Sometimes a

calculation goes wrong: patients can die from over-doses (or beineffectively treatedwithanunder-dosage).Sometimesnursesaresacked,orevencommitsuicide,afteradverseincidents.Notethatitis hard to spot calculation errors; thepoint of using calculators isthatwe, the users, do not know the right answer.We rely on thecalculatorstocalculatecorrectly.Calculator usersmaymake an error they notice and therefore

wish to correct. The Casio HR150TEC has a delete key to helpcorrect errors. Unfortunately, its delete key ignores the decimalpoint.Hencetryingtocorrect,say,2.5totheintended25willlikelyleave5,whichisoutbyafactoroffive.Iftheresultisinvolvedinalongercalculation,thefinalerrorwillbeveryhardtospotandmaycauseharm.The HR150TEC can keep a record of what it does. If a user

encountersthedesignerrordescribedabove,thelogrecordswhatthecalculatordid.Ifusedinaninvestigation,thelogwouldseemtoshowtheuserincorrectlyentered5anddidnotcorrectit.Figure1showsasimpleerror.Thecomputerhastruncatedthe

doctor’s name and address, which will encourage unnecessary errors. This is an avoidable bug: thepatient’snamewasnottruncated.DiscussionThesetwocasestudiesshowedcommonbugsinrelationtomedicaldevicesandsystems.Thefollowingpointsarecritical:

• Manufacturershaveyearstodevelopproducts,totestthemandfollowbestpractice.Leavingbugsinsystemsmustbe(toputitcharitably)drivenbycommercialrealities.

• The example bugs described in the two case studies have been around for years, unfixed. Ifmanufacturersdonotnoticebugs(whichisanapproachthatseemspreferabletonoticingbutnotcaring),whathopeisthereforclinicianstonoticeandunderstandbugsorreportthemcorrectly?

• Cliniciansworkundertime-critical,highpressuredemands.Theyandtheirpatientsrelyonsystemstowork,astheydonothavethecognitivecapacitytocontinuallycheckthem.

• Standardresilientprocesses, suchas twonursesworking togetherasateamtocheckeachother,cannotprovideadequateprotectionagainstcommonmodefailure(suchasweillustratedabove)inthesystemstheyuse.

Preventable errors will continue to occur that will be incorrectly investigated, and blame will bemisdirected.Unfortunately, blaming the closest front-line staff (oftennurses) is the cheapest andmostexpedient solution; taking amanufacturer to courtwouldbe expensive andwould imply an expensivehospital refit.Blamingtheuser isself-perpetuating; fewpeople today think thatcomputersarecausingerrorswhenthehealthcareprofessionitselfsuspendssomanyclinicians.Thisisafailureofjustice.ConclusionsThedualityoferrorandethicsisproposedasaplacetothinkmoreclearlyabouterror,combinedwithanawarenessofthepivotalroleofethicalcomputing(consideringpre-plannedsystemdesign,asymmetryofpower,inevitabilityoferrorwithinacapitalistethic)andethicalinvestigationofbugs.

Figure1.Patientdata.(Notethatthedoctor’snameisnotJon(itislonger),andtheaddressisnotMedicalCe.)

22

HowCanWeAssuretheTrustworthinessofFederatedBigHealthDataEcosystems?

ProfDipakKalra,President,TheEuropeanInstituteforInnovationforHealthData

(dipak.kalra@eurorec.org)Thispresentationexamineshowtobuildtrustworthinessinlarge,federatedhealthdataecosystems.Itexamines currentdirections in the field, includingvariousdrivers. It explores thedominant researchinfrastructures, and some of the major and minor challenges they present. Looking to potentialsolutions,theauthor investigates theneed foranoverallportfolioof targetedactivities. Itcovers: theimplicationsoftheGeneralDataProtectionRegulation(duetobeappliedinMay2018);theadoptionofgoodpractices;andclearcommunicationwiththegeneralpublic.Many European countries have invested in national eHealth infrastructures,which are progressivelycommunicatingmoreandmoreelectronichealthrecorddata tosupportcontinuityofcareandpublichealth strategies. Countries are now launching research infrastructure programmes to scale up theavailabilityofdata forclinical research.European infrastructuresarenowalsocoming intoexistence(mostrecentlySwitzerland[1]andGermany[2]),andthereareplanstoestablishaEuropeansciencecloudtoshareresearchdata[3,4].Thedrivers for these research infrastructures are to accelerate and reduce the cost of academic andpharmaceuticalindustryclinicaltrials,andtoincreasetheavailabilityoflargepopulationdatasetsfordrug development, biomarker validation, pharmacovigilance, rare disease research and healthoutcomesoptimisation.Newopportunitiesarealsoemergingtoengagepatientswhoareaccessingtheirowndata,soastobeabletomanagetheirownhealthcareandpreventionmoreeffectivelyandcollectpersonalhealthdata.By far the dominant model for these research infrastructures is to enable federated (distributed)research access to multiple data repositories. These repositories might be de-identified electronichealth records (e.g. in hospitals), disease and procedure registries, cohort studies and biobanks.Research queries might be performed remotely across multiple data sources and the result setscombined,orfocuseddatasetextractsmightbelinkedandmergedwithinanapprovedsafehavenforin-depthanalysis.ThereareimportantEuropeaninitiativesseekingtoaddressanumberofchallengesrelatedwiththeseresearch infrastructures [5,6]. Themajor challenges being tackled when establishing infrastructuresrelatetoprivacyprotection,promotinggoodpracticesindatasharing,andthegeneralacceptabilitytopatient populations of reusing (personal) health data for research, the limited adoption today ofinteroperability standards which make it difficult to combine heterogeneous data sources, and thevariabledataqualityfoundinelectronichealthrecordsystems.Of paramount importance to establishing a trusted federated research ecosystem is the need forcompliancewithdataprotectionlegislation,ataEuropeanlevelandacrossallEuropeanMemberStates.TheGeneralDataProtectionRegulation(GDPR) iscurrently inthespotlight,withparticularconcernsabout uncertainties in national interpretations on the need for and nature of (specific vs. generic)informed consent for research use of routinely collected health data, opt in and opt out models ofconsent, the status of pseudonymised data, and implications of the “right to be forgotten” onlongitudinalresearch.Thereisalsouncertaintyabouthowtheprincipleofdataminimisationappliestobigdatabeingcuratedforlong-termhypothesisgeneration.Onecornerstoneofensuringregulatorycomplianceandassuringtrustworthinessisthedefinitionandadoption of good practices: e.g., codes of practice, and standard operating rules and procedures.Anotheristhequalitylabellingofclinicalresearchplatformsandtoolstoensuretherobustnessoftheirprivacyprotectionmeasures.Stafftrainingandaccreditationisalsoimportant,inparticularthetrainingofclinicalresearchstaffintheappropriatehandlingofdatainsafehavensandintheconductofremotequeries.

23

Societyasawholehasvariedunderstandingsofhowclinicalresearchisconducted,andinparticulartheimportance of health data to enable knowledge discovery i.e., research. It is therefore important topromotethevalueofhealth-relatedresearchtothepublic,andhowpeople’sdatacanbebothusedandyetstillprotectedinthisprocess.Theoverallgoalofaportfolioofgoodpracticemeasuresistoestablishandgovernatrustworthyclinicalresearch ecosystem while using big health data. This is vital if we are to win greater societalendorsementofpublichealthandresearchusesofhealthdata.Thisendorsementofgoodpracticeswillbring greater confidence in, and reduce the risks both for thoseprovidingdata for researchuse, e.g.hospitals,generalpractitioners,patients,andforthoseperformingtheresearch,managingthedata,orsponsoringtheresearch.1.SwissPersonalizedHealthNetwork(SPHN).Websitehttps://www.sphn.ch/en.html.[Accessed11thDecember2017]2.ResearchinGermany.“Germanylaunchesmedicalinformaticsinitiative”.Webpage,31stAugust2017.https://www.research-in-germany.org/en/research-landscape/news/2017/08/2017-08-29-germany-launches-medical-informatics-initiative.html[Accessed11thDecember2017]3.EuropeanCommission.EuropeanOpenScienceCloud.Websitehttps://ec.europa.eu/research/openscience/index.cfm?pg=open-science-cloud[Accessed11thDecember2017]4.EuropeanCommission.ESOCDeclaration.Availablefrom:https://ec.europa.eu/research/openscience/pdf/eosc_declaration.pdf[Accessed11thDecember2017]5.Kalra,D.,Stroetmann,V.,Sundgren,M.,Dupont,D.,Schlünder,I.,Thienpont,G.,Coorevits,P.,andDeMoor,G.(2016)TheEuropeanInstituteforInnovationthroughHealthData.LearningHealthSystems,doi:10.1002/lrh2.100086.TheEuropeanMedicalInformaticsFrameworkproject.Websitehttp://www.emif.eu[Accessed11thDecember2017]

24

CrowdHEALTH:AggregatingandAnalysingBigHealthDataforPolicyMakingDrUsmanWajid,

SeniorResearcher,InformationCatalyst(usman.wajid@informationcatalyst.com)

Abstract:Today’seHealthenvironmentischaracterisedbythemultitudeofdatasourcesprovidinghealthrelatedinformation thathasnotyet reached its full exploitationpotential.TheCrowdHEALTHapproach introduces theparadigmofSocialHolisticHealthRecords(SHHRs)thataggregateclinical,socialandhumancontexttoestablishaone-stop shop for all health determinants. The CrowdHEALTH approach seamlessly integrates big datatechnologiesacrossthecompletedatapathtofacilitatethecreationofSHHRsforpopulationsegments,providingof Data as a Service (DaaS) to the policy makers. CrowdHEALTH also provides a big-data analytics toolkit tosupportcross-domainco-creationandevaluationofpolicies,causalandriskanalysis,andforthepredictions.Keywords.Bigdata,healthanalytics,publichealth,policymaking ExtendedAbstractThe explosionof ICTservices led toseveraldevices andplatformsprovidinghealth relateddata(e.g.medical records, lab reports, wearable data, etc.). However, the different types of data, in differentstandards and frequencies create havoc at integration level in any platform. Thus, it is gettingincreasinglycommonforimportantinformationoreventstobemissedwhileanalysinghealthrelatedinformation e.g. early indications of spatiotemporaldevelopment of diseases. On the other hand, themultitude of data sources highlights a unique opportunity i.e. data to be exploited for effective andtargeted policymaking, development of personalisedmedicines, forecasting of epidemics and healthpromotioningeneral.Additionaltomedicalrecordsarethehealthdeterminantsthatshouldalsobeconsidered,ashighlightedby theWHO[1], including thephysical, socialandeconomic environment,genetics,andrelationshipswithfriendsandfamily.Today’shealthrecords(EHRsandPHRs)arefarfrombeingwhatthecitizensconsider as of value to their health. Capturing and linking additional information (e.g. behavioural,social etc.) with the data in EHRs and PHRs would be beneficial to analyse prevention strategies,evaluatingdiseasespreventionmechanismsandefficiencyofclinicalpathways.Furthermore, collective communityknowledge couldplaya significantdual goal: (i) collect, fuse andanalyse information from different entities to extract valuable information for the provision ofactionableinsights,(ii)providethegroundfortargetedhealthpolicymaking.Theimpactisapparent:46%oftherespondentsinasurvey[2]highlightedthatinformationsharinghaschangedtheiroverallapproach towards healthy life. Another survey [3] shows the need and value for sharing healthinformationwithothersandcommunities.With this background, the EU H2020 funded CrowdHEALTH project aims to deliver an integratedplatform that incorporates big datamanagementmechanismsaddressing the complete datapath: fromacquisition,cleaning, todata integration,modelling,analysis, informationextractionand interpretation.CrowdHEALTHwillenableproactiveandpersonalizeddiseasepreventionandhealthpromotion,whileproviding decision support to authorities for policy creation, through the exploitation of collectiveknowledgeandintelligence.CrowdHEALTHexploresmechanismsthatcanbeclusteredacrossthreemainareas:(i)extendedhealthrecords,(ii)collectivehealthknowledge(i.e.clusteredrecords),bothproducedandexploitedby(iii)bigdata analysis techniques. As highlighted by CISCO [4]: “Humans evolve because they communicate,creatingknowledgeoutofdataandwisdombasedonexperience”.CrowdHEALTH’shypothesisisthatthe“extended”healthrecordscanbeexploitedtoagreaterdegreeiftheycanevolvebyfollowingthehumancommunicationparadigm.Thismetaphormeansenhancingrecordswithtechnologiestoexploittheknowledgeandexperiencederivedfromotherrecordse.g.frompatientsinthesamemedical,socialand environmental situations. Thus, CrowdHEALTH proposes the evolution of health records in twostages:(i)towardsHolisticHealthRecords-HHRsprovidingacompleteviewofthecitizenincludingallhealth determinants, (ii) towards HHRs Clusters to extract collective knowledge. As depicted in the

25

followingfigure,anHHRcontainsseveralcomponents:(a)thepersonalcomponentcontaininghealth,social and lifestyle data (such as nutrition or physical activities) collected by either the citizen, herfamily, friends, etc., (b) the social component containing social care data collected from social careproviders, (c) themedicaldevice component containinghealthdata frommedical devices (e.g. homecaresystemsorwearables),(d)thehealthcarecomponentcontainingdata(e.g.clinicaldata,diagnoses,medication, etc) obtained by healthcare providers (e.g. primary care systems) and (e) laboratorymedicaldata.

Figure 1. Holistic Health Records and Clusters of Records in CrowdHEALTH. The HHRs clusters act as living entities, including properties such as experience (i.e. medicationexperiencesofpatients), relationshipwithotherHHRs(i.e. relationshipswith friendsand family,and“classification”ofrelationshipsasforexamplepatientswiththesamedisease),reputation,eventsandtrends thataffect thegroupsofcitizens.Thismeans thatHHRscould formnetworksinanautomatedway based on a variety of criteria such as lifestyle choices or disease symptoms, and exchangeinformationasexperiences.In the context of theHealthAnalytics, bigdataanalytics techniques areutilized for carryingoutRiskModels & Models Execution, Causal Analysis, Multimodal Forecasting, and Clinical Pathway Mining,uponallthegathereddata.Theanalysistechniquesallowtheidentificationofthepropertiesthataffecttheperformanceofpoliciesandcareplansandhelptoidentifysimilaritiesordifferencesintreatmentamong groups of patients, indicate major effective factors that affect several treatments. MoreoverMultimodalForecastingtechniquesestimatestheapplicabilityandeffectivenessofhealthpolicies,theirvariations and combinations to particular population segments taking into consideration socialinformationandspatiotemporalproperties.In CrowdHEALTH, Policies Creation is facilitated by a policy development toolkit that uses analyticoutcomes and a visualisation environment to identify and evaluate indicators that can help in thedevelopment of public health policies, which are then evaluated through cost-benefit based analysistechniques. The CrowdHEALTHapproach is under evaluation through scenarioswith heterogeneousdata sources / devices, data to be included in HHRs, target groups (e.g. chronic diseases or youthobesity), and environments (care centers, social networks, public environments, living labs, etc).Exploiting2millionrecordsand700.000streamsofeverydayactivities,whileengaging200.000users,theplatform is expected to exploit the current7.5millionmeasurements from1millionpeoplewithadditional200.000/yearbeingalsoanalysed.References[1]WorldHealthOrganization,Thedeterminantsofhealth,http://www.who.int/hia/evidence/doh/en[2]FlashEurobarometer404,Europeancitizens'digitalhealthliteracy,http://ec.europa.eu/public_opinion/flash/fl_404_en.pdf[3]M.C.Domingo,ManagingHealthcarethroughSocialNetworks,IEEEComputer,vol.43,no.7,2010[4]CiscoInternetBusinessSolutionsGroup(IBSG),TheInternetofThings-HowtheNextEvolutionoftheInternetIsChangingEverything

26

PromotingHealthAppsorAssessingTheirQuality?AReflectiononCurrentAttemptstoGovernmHealth

DrFedericaLucivero,SeniorResearcherinEthicsandData,TheEthoxCentre,UniversityofOxford

(federica.lucivero@ethox.ox.ac.uk)

Following, theCommission'sGreenPaperonmobilehealth (April2014), early in2016theEuropeanCommission established a working group with the mission “to develop guidelines for assessing thevalidityandreliabilityofthedatathathealthappscollectandprocess”1.SuchmissionwasderivedfromtheresultsofapublicconsultationontheGreenPaperheldin2015whenrespondentsidentified“safetyand transparency of information” as one of themain challenges formHealth uptake. As this view isexplainedontheECwebsite,thereanumberofwayslackoftransparencyofinformationcanchallengemHealthuptake:First,thelackofclearevidenceonqualityandreliabilityoftheincreasingamountoflifestyle andwellbeing apps available on themarketmakes it difficult for consumers to assess theirusefulness.Second,qualityofdatacollectedandprocessedbyhealthappsneedstobeassessedthroughacommonmethodologyinorderforthesetoolstobelinkedtoelectronichealthrecordsandeffectivelyusedinclinicalpractice.Third,ifappsaregoingtobeincreasinglyusedbychronicpatientsandlinkedtoelectronichealthrecords,healthcareprofessionalsneedtobereassuredaboutthereliabilityof theapps“inordertobeabletorecommendappstotheirpatientsandtakeapps'dataintoconsiderationinatreatment/monitoringprocess.”

Theworkinggrouphadthereforebeencommissionedto“seektoprovidecommonqualitycriteriaandassessment methodologies that could help different stakeholders (users, developers, vendors ofelectronichealthrecordsystems,payersetc.) inassessing thevalidityandreliabilityofmobilehealthapplications”2.Indoingthis,thegroupwasencouragedtobuildonexistinginitiativesandbestpracticesinEurope.

Theworking group, established byDG CNECT (CommunicationsNetworks, Content and Technology)comprised20members-selectedbasedontheirexpertiseandrepresentingcivilsociety,industryandresearch organisations – and 10 representatives ofMember States authorities3. Theymet four timesface-to-face in Brussels and four times via conference call. Interim drafts of the guidelines werepublishedontheEuropeanCommissionwebsiteanddiscussedattwostakeholderconsultationevents.ThefinaloutcomewaspublishedinMarch2017andconsistedinareportdescribingthemissionandtheprocessoftheworkinggroupactivities.Thereportlists13criteriaforassessment4discussedbytheworkinggroupandpresentsviewsonsuchcriteriabydifferentstakeholders.Thedocumenthoweverisrather inconclusivestatingthat “by theendof the[last]meeting therewasstillnota firmagreementbetween stakeholder representatives, neitheron the scope and target groups, norwhether theworkshouldproceedon thebasis of assessingbothapps anddataoronlydataas foreseen in theoriginalmandateoftheWorkingGroup”.5

Whywasitsodifficultforthisgrouptoprovideguidanceonthisissue?AsIwasoneofthedesignatedexperts, in this contribution I offer my reflections on the challenges that this group encounteredthroughouttheprocessandattempttodrawsomemoregeneralconsiderationsandlessonstobelearnt.IntermsofchallengesIdividethemintwocategories:1)controversiesamongexpertsaboutmHealth;2) issuesof legitimacyof theworkinggroup.The firstcategoryconcerns theconceptualandpracticaldifferences in experts’ understandingof the guidelines’ scope.The controversies that emerged in thediscussionsreflectthecomplexityofthefieldofmHealthandthelimitationofcurrentassessmenttools.The second category concerns issues that emerged in the negotiations of roles and competencesbetween experts,mediators and the EC officers. These issues boil down to amore general question

1 https://ec.europa.eu/digital-single-market/en/news/new-eu-working-group-aims-draft-guidelines-improve-mhealth-apps-data-quality2ibidem3 http://ec.europa.eu/transparency/regexpert/index.cfm?do=groupDetail.groupDetail&groupID=3390&NewSearch=1&NewSearch=14Privacy2.Transparency3.Safety4.Reliability5.Validity6.Interoperability7.Technicalstability8.Effectiveness9.Efficacy10.Efficiency11.Accessibility12.Usability/desirability13.Scalability5p4http://ec.europa.eu/transparency/regexpert/index.cfm?do=groupDetail.groupDetailDoc&id=34905&no=1

27

concerningthelegitimacyofsuchagrouptodrawguidelinesandtothedemocraticroleofsuchworkinggroup in European regulation in general and in the mHealth field in particular. Despite beingdisappointing in its direct output, this exercise can be used to learn some lessons both on thegovernance of mHealth and the role of EC working groups. Some of these lessons are practical andadvocate the need to rethink the design of the process (e.g. selection of expert, role of externalconsultancy). Other lessons are more normative in nature and require an open discussion anddeliberationon themeaninganddirectionofmHealthpolicy (e.g. rethinking thedistinctionbetweenobjectivevssubjectivecriteria;definingthelegitimateactorswhoplayaroleinthiscontext).

28

TheCertificationofAppsinAnEraofInnovationDrMayoniRanasinghe&DrCeliaBoyer(ExecutiveDirector),

HealthontheNet(HON)Foundation(celia.boyer@healthonnet.org)

Abstract.Canapersonwithoutanyadvancedmedicalknowledge,tellthetrustworthinessandtheaccuracyofthesourcesofinformationshe/heaccessesontheInternet?TheHealthontheNet(HON)HONcodecertificationaddresses this issue in websites. However,mobile applications such as health apps are a new dimension ofeHealthandpresenttheirownuniquechallenges.ThisabstractpresentsthisissueandintroducesasolutionwithadraftedCodeofConductforhealthappsandconnectedobjects.Note.Inthisshortpaper,wedonotdealwithhealthappswhicharecategorizedasmedicaldevices,andwhichhavetoundergospecificaccreditationbytheUnitedStatesFoodandDrugAdministration.

IntroductionOne arena that has greatly changed in healthcare is the way patients see themselves as activeparticipants in their own healthcare. With mobile health apps not only do patients have access tomedical informationbutalso to functionalitieswhich can consist of tracking their ownheart rate, orbloodpressure,medicationadherencemonitoring,andmaintainingadiarywithself-filleddatasuchasintake of the day. Health apps offer a personalized response to the user via algorithms using andanalyzing tracked andmeasureddata. TheHealth on theNet (HON) FoundationHONcode, a qualitycode of conduct for online health information since 1996, has continued to evolve its principles toaccommodate thedynamicnatureofthe internet [1].Aftermore than20yearsofexistence,HONhasnowbecomeawell-knownbeaconoftrust,sothatWebusersknowtheyareonsafegroundwhentheyseetheblueandredlogoonawebsite.Butnow,therearenewchallengestoface–developmentssuchasmobilehealthapps,whetherconnectedornottoobjectsposenewhurdlestoleap.HealthappsusageandchallengesWecanestimatethatweareonlyatbeginningofthemHealthrevolution.Connectedobjects,linkedtom-health apps, are part of daily life ofmore andmore individuals and healthcare professionals. Theubiquity of smart phones, tablets, sensors, wearables, personal trackers and similar wireless smartdevicesmeansthathugevolumesofdataconcerninghealth,fitness,life-style,stressandsleeparebeingharvested and processed. A report “mHealth App Developer Economics 2016” foresees that therevenuescomingfrommHealthapp-relatedserviceswillgrowby15%(compoundannualgrowthrate(CAGR))toreachUS$31billionin2020.Fivehundredandfifty-onemillionuserswillbythenactively(atleastonceamonth)makeuseofamHealthapp[2]. Themainissuethenbecomeshowtoidentifythemost appropriate, adapted and trustworthy health app out of hundreds of thousands of similarhealth apps. HON has analyzed what is available on the market in term of guidelines, tools,recommendation and scale to assess the level of trust one can have in a health app. Variousorganizationshaveworkedontheissueofsecurity,dataprivacy,andothercriteriarelatedtoqualityinthemobileapplications.In2014,theUnitedStatesgovernmenthostedmulti-stakeholdertalkstoforgesomecommongroundonmobileappprivacy.TheresultwastheMobileAppPrivacyVoluntaryCodeofConduct,whichcallsformobile applications to include a short form privacy notice to disclose their practices related to datastorageandusage[3].However,thisserviceisstillnotwidelyused.TheAmericanHealthInformationManagement Association has developed a brochure6to inform and educate end users about how toselect an app, with details on the implication of privacy and personal information. The MobileApplicationRatingScale(MARS)isascaleintendedforusersoftheappwith23questions,whereeachitemisratedona5-pointscalefrom1inadequateto5excellent[4].ThemainsectionsareEngagement–fun,interesting,customizable,andinteractive;Functionality;Aesthetics–graphicdesign;Information– Contains high quality information; and App subjective quality. Several European organizations orcompanieshavedevelopedtheirownlabelsfocusedonthelocalmarket.OneexampleistheFrenchone,whichismhealth-quality.eubyDMDsanté(toaccesstheguidelinesusersarerequiredtoregister–theevaluationisbasedonafeewhichisnotdisclosed).Asof5thNovember2017,41appswerelistedonmhealth-quality.eu. In Spain, the Agencia de Calidad Sanitaria de Andalucía has developed a freelyavailable set of guidelines with 31 recommendations distributed across four main groups, such asdesignandappropriateness,qualityandsafetyofinformation,provisionofservices,andconfidentiality

6 http://www.myphr.com/HealthLiteracy/MX7644_myPHRbrochure.final7-3-13.pdf

29

andprivacy[5].Alistofapps,20whichhavebeenassessedand70underevaluation,areavailableonhttp://www.calidadappsalud.com/.TheFrenchHealthAuthority (knownas theHAS inFrench)haspublishedaguidelineof101rulesofgoodbehaviour for health apppublishers categorized in five categories: Information tousers, healthcontent, security, data usage and technical usage [6]. TheHAS isworking on producing a simplifiedversionofguidelinesespeciallyintendedforcitizensandtheirfamilycarers.TheEuropeanCommissionhas acknowledged the legal risk in terms of privacy and personal health data and, in July 2016,proposed a Code of Conduct on privacy for mHealth apps [7]. The Code has its origins in theCommission’sGreenPaperonmHealth(2014)whichrevealedthat45%ofconsumerswereconcernedwithunwanteduseoftheirdatawhenusingmobiledevicesforhealthrelatedactivities.7GuidelinesandassessmenttoolsofhealthmobilesappsqualityHONhas started to assess thepossibilities of adapting theHONcodeguidelines tohealthapps [8]. Incollaboration with the French Union for Free Medicine (UFML) and the partners of the KconnectEuropeanproject(H2020-ICT-2014-1-644753kconnect.eu)HONhasdevelopedafirstdraftofqualityguidelinesforhealthapps.Thisfirstdraftisaimedatbeingavailableforpublicconsultationinordertoreceive the views of people from each of the professions involved in the development, creation,assessment,anduseofhealthmobileapplications.Thankstothecommentsandadvicereceived,HONwillbeabletocreateguidelineswhichwillbeintegratedinitscodeofconduct,certification,butalsointhe community-based platform Health Curator8developed within the Kconnect European project,fundedbytheEuropeanCommission.FuturestepsInthisshortpaper,wehaveattemptedtoprovideabriefoverviewofsomeofthechallengesfacedinensuring the quality of information. However, as developments take place on such a frequent andregular basis, the on-going challenges are very real. Just as the process of information-sharingexperiences new developments, so too will quality control in the future. Organizations dedicated toensuring the trustworthinessof information,suchastheHONFoundation,shouldmake innovationinquality control a priority so that quality control can keep up with the ever-changing informationtechnologyplatform.There is aneed tohavea globalsolution thatproposes amultilingualapproachwithanevaluationscheme,thatenablesuserstobetrainedbyexpertsintheHONapproachtohealthwebsites,oriscombinedwithacrowdsourcing/community-basedsolution.Educationisafirststeptoinformusersandallowthemtomaketrulyinformeddecisions.References[1] https://www.hon.ch/Conduct.html[2] mHealth App Developer Economics 2016 by research2guidance.com; 6th annual study on mHealth apppublishingbasedon2,600respondentsOctober2016

[3] Multi-StakeholderProcessconvenedtheUnitedStatesDepartmentofCommerce.CodeofConductformobileapplication(“app”)shortnoticesonApplicationTransparency.2013.URL:https://www.ntia.doc.gov/files/ntia/publications/july_25_code_draft.pdf).

[4] StoyanovSR,HidesL,KavanaghDJ,ZelenkoO,TjondronegoroD,ManiMMobileAppRatingScale:ANewToolforAssessingtheQualityofHealthMobileAppsJMIRMhealthUhealth2015;3(1):e27DOI:10.2196/mhealth.3422

[5] AgenciadeCalidadSanitariadeAndalucía.Completelistofrecommendationsondesign,useandassessmentofhealthapps..2017-11-14.URL:http://http://www.calidadappsalud.com/en/listado-completo-recomendaciones-app-salud/.Accessed:2017-11-14.(Archivedathttp://www.webcitation.org/6uxxivo4I)

[6] HauteAutoritédeSanté,France,GoodPracticeGuidelinesonHealthAppsandSmartDevices(MobileHealthormHealth)October2016https://www.has-sante.fr/portail/jcms/c_2681915/fr/referentiel-de-bonnes-pratiques-sur-les-applications-et-les-objets-connectes-en-sante-mobile-health-ou-mhealth

[7] TheEuropeanCommission.DraftCodeofConductonprivacyformobilehealthapplications.2017-11-14.URL:https://ec.europa.eu/digital-single-market/en/news/code-conduct-privacy-mhealth-apps-has-been-finalised.Accessed:2017-11-14.

[8] Draft the first version of quality guidelines for Health Apps by HON Foundation URL:https://www.hon.ch/HONcode/GuidelinesHealthApps.html.Accessed:2018-02-04.

7 https://ec.europa.eu/digital-single-market/en/privacy-code-conduct-mobile-health-apps 8 http://www.heatlhcurator.org

30

UpdateonProgresswiththeNationalSummaryCareRecordsProgrammeinEngland

DrEmyrWynJones,SummaryCareRecord-ClinicalLead,NHSDigital,England

(emyrjones@nhs.net)The SummaryCareRecord(SCR) isanational record sharing solution,which supportsdirectpatientcarebyinformingthedecisionmakingofhealthandcareprofessionals,thusensuringsaferoutcomesfor patients. SCRs are electronic extracts sent from patients’ GP records and held securely on theinfrastructure known as the national Spine. Each SCR contains patient confidential key clinicalinformation.SCRswerecreatedfollowinglocalpublicinformationprogrammes(PIPs)involvingindividualmailingstoallpeopleinEnglandaged15¾yearsandover.TheSCRisan‘opt-out’consentmodel:only1.4%ofpatientswhoreceivedPIPmailingschosenottohaveanSCR.Morethan96%ofpeopleregisteredwitha GP practice in England (>55 million) now have an SCR containing core details of prescribedmedications,recordedallergiesandknownadversereactions.SCRscanonlybeviewedbystaffinorganisationswithaccesstothesecureHSCNnetwork.AllaccessestoSCRsareauditable.PrivacyOfficersineachorganisationwhereSCRsareviewedaretrainedhowtoauditaccessestomonitorappropriateness.SCRscanbeviewedonlybyhealthandcareprofessionalsproviding direct care to patients. Each authorised staff member has to have been issued with aSmartcardwithappropriateRoleBasedAccessControls(RBACs)confirmingalegitimateroletoallowaccess to confidential information. Around120,000 SCRs are viewed eachweek by health and careprofessionalsprovidingpatientcareinsettingsawayfromtheirGPsurgery.As per the NHS Care Records Guarantee, the patient’s permission to view should be obtained if thepatient is present and is judged to have capacity and the ability to give informed permission. Ifpermissioncannotbeobtainedfromthepatient(e.g.patientisconfusedorunconscious)thenaclinicaldecisioncanbemadetoviewtheSCRwithoutthepatient’spermission,providedthisisconsideredtobeinthepatient’sbestinterest.Over 90% of GP practices have improved functionality to populate SCRs with a set of additionalinformationthatincludes:significantmedicalhistory(pastandpresent);anticipatorycareinformation(e.g. information about the management of long term conditions); patient preferences (e.g.communicationneeds; agreedendof life carepackages)and immunisations. Enrichmentof the SCRwithAdditionalInformationrequiresthepatient’sexplicit(ratherthanimplied)consent.A Ministerial Review of the SCR Programme which reported in October 2010 concluded that: “WeshouldonlyconsiderexpandingthecontentoftheSummaryCareRecordwhenwehavebuilttrustinthesystem and when patients request that we do so. We therefore recommend that new governance beestablished.”TheReviewrecommendedthatthisgovernanceshould‘bedrivenbypatientsandcitizensinpartnershipwiththeprofessions’.The SCR Expert Advisory Committee (EAC) was created to meet this requirement, and ensure thatproposalstoexpandthescopeoftheSCRaresubjectedtodebateandanalysis,andappropriateadviceisprovidedtoNHSDigital. TheEACischairedbyapatientrepresentativeanditsmembershipincludesrepresentativesof professional andpatient organisations, the InformationCommissioner’sOffice andthePatientRecordsStandardsBoard(PRSB).TheNationalDataGuardian’sofficeiscurrentlyreviewingtheInformationGovernancecontrolswhichareinplacetosecureconfidentialityofpatientinformationintheSCRandtoensurecompliancewiththerequirementsoftheGDPRwhentheycomeintoforcein2018.

31

mHealthandtheManagementofChronicDiseases:TheRationaleforDevelopingaSuitableFramework

MrFaradJusob,DrCarlisleGeorge&DrGlenfordMapp,MiddlesexUniversity(FJ105@live.mdx.ac.uk)

Thepervasivenessofchronicillnessessuchasdiabetesandhighbloodpressurehasresultedintheneedto improve efficiencywhenmanaging patientswith these conditions. One suchway that this can befacilitated is through theuseofmobilehealth (mHealth) technologies that can collect real timedatafrompatientsandremotelymonitorthem,drasticallyreducingtheneedtovisitmedicalfacilitieswhichcaninturnreducehealthcarecosts.mHealthis“medicalandpublichealthpracticesupportedbymobiledevices, such as mobile phones, patient monitoring devices, personal digital assistants (PDAs), andotherwirelessdevices”(WHO,2011).Italsoincludesmobileapplications(apps)(Martinezetal,2014;Grindrodetal,2017)onsmartphonesthatareconnectedtoperipheralssuchaswearabletechnologies(e.g. activity trackers or smartwatches) and medical devices (Karim et al, 2014). Body sensors andmobileappsenablethecollectionofconsiderablemedical,physiological,dailyactivityandlifestyledatawhichisusedtofacilitatepersonalisedtreatmentforpatientsaswellasenableuserstomanagetheirownhealthbyself-assessment(EuropeanCommission,2014)The use of mHealth tomanage chronic diseases bringsmany privacy concerns. AnmHealth systemconsists of various events from the time that data is first collected from a patient to when data isreceived and analysed by amedical professional or researcher. Table 1 below describes events thatoccur when using amHealth system and associated privacy concerns discovered by various studiesreferencedinthetable.

Table1:PrivacyThreats/Concerns–mHealthandChronicDiseasesEvents PrivacyThreat/ConcernDatacollectionandactivitymonitoringusingwearablesorsensors.

-ContinuousMonitoring(Avanchaetal,2012)-VolumeofDataCollection(Steinhubletal,2015)-Invisibility(Brey,2005)

Transmissionofdata(e.g.betweenwearabledeviceandmobilephone,orphoneandserver)

-DataSecurity(Steinhubletal,2015)-Encryption(Avanchaetal,2012;Steinhubletal,2015)-Confidentiality(Harvey&Harvey,2014)

Locationtrackingusingmobilephones

-Profiling(Avanchaetal,2012)-Surveillance(Shilton,2009)

Sharingofdatawithhealthcarepractitionersandthirdparties(includingresearchers,insuranceproviders)

-DataUse(UnauthorisedorUnanticipated)(EuropeanCommission,2011)-Sharingofdata(Avanchaetal,2012)-Informationmisuse/abuse(EuropeanCommission,2011)

ManualdataInput -DataQuality(Avanchaetal,2012)

UseofMobileApps

-Encryption(McCarthy,2013)-DataControl(Arora&Nilse,2014)-Accessibility(Arora&Nilse,2014)-Disclosurerisks(Steinhubletal,2015)

DoctortoPatientCommunication -Confidentiality(Harvey&Harvey,2014)

Research by the authors of this paper on privacy frameworks and principles concluded that severalimportantframeworksandprinciplesexist.Someoftheseframeworksareapplicableinthecontextofhealthcare andothers aremore general innature.These frameworks include:HealthPrivacyProjectBestPracticePrinciples;Markle’sCommonFramework;Officeof theNationalCoordinator forHealthInformationTechnology(ONC)NationwidePrivacyandSecurityFrameworkforElectronicExchangeofIndividually Identifiable Health Information; Generally Accepted Privacy Principles; A PrivacyFramework forMobileHealthandHome-CareSystems;PrivacybyDesign;Organisation forEconomicCo-operationandDevelopmentPrinciples;ECPrivacyCodeofConductforMobileHealthApps;andTheGeneralDataProtectionRegulation.Further analysis (by the authors) of the frameworks identified above, concluded that no individualexisting privacy framework covers all privacy concerns regarding mHealth and the management of

32

chronicdiseases.Hence currentprivacy frameworksdonotadequatelyaddress theprivacy concernsregardingthemanagementofchronicdiseaseswhenusingmHealthsolutions.This paper asserts that the inadequacy of existing privacy frameworks to comprehensively addressprivacyconcernswhenusingmHealthforthemanagementofchronicdiseases,presentsacompellingrationale for the design of a suitable privacy framework for the use ofmHealth in this context. ThedesignofanynewprivacyframeworkformHealthinthiscontextmustaddresstheprivacythreatsatvarious eventswhenusinganmHealth system.Anewprivacy frameworkwould also considerotherissues aimed at supporting privacy such as: patient education; patient feedback; use of privacyenhancingtechnologies;useofprivacybydesignprinciples;andthecontinuousevaluationofprocessesandprocedures.ReferencesAroraS,YttriJ,NilseW(2014)Privacyandsecurityinmobilehealth(mHealth)research.AlcoholResCurrRev36:143–151

AvanchaS,BaxiAandKotzD(2012)Privacyinmobiletechnologyforpersonalhealthcare,ACMComputingSurveys(CSUR),45:1-54.

BreyP(2005)Freedomandprivacyinambientintelligence.EthicsInfTechnol7:157–166EuropeanCommission(2011)Advicepaperonspecialcategoriesofdata(“sensitivedata”).http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/others/2011_04_20_letter_artwp_mme_le_bail_directive_9546ec_annex1_en.pdf.Accessed15Jul2017

European Commission (2014) Green Paper on mobile Health (“mHealth”). Brussels, 10 April 2014,COM(2014)219final.

Grindrod,K.,Boersema, J.,Waked,K.,Smith,V.,Yang, J.,andGebotys,C. (2017).Locking itdown:Theprivacy and security of mobile medication apps. Canadian Pharmacists Journal / Revue DesPharmaciensDuCanada,150(1),60-66.doi:10.1177/1715163516680226

HarveyMJ,HarveyMG(2014)Privacyandsecurityissuesformobilehealthplatforms.JAssocInfSciTechnol65:1305–1318

Karim(2014) ICT:WearableTechnology–KARIMForesightReport. INTERREGIVB–207G,France.(online) http://www.karimnetwork.com/wp-content/uploads/2014/11/Wearable-Technology-Final_November2014.pdfAccessed03Jul2017

Martinez-Perez,B.,delaTorre-Diez,I.,Lopez-Coronado,M.,Sainz-de-Abajo,B.,Robles,M.,andGarcia-Gomez, J. (2014). Mobile clinical decision support systems and applications: A literature andcommercialreview.JournalofMedicalSystems,38(1)doi:10.1007/s10916-013-0004-y

McCarthyM(2013)Expertswarnondatasecurityinhealthandfitnessapps.BMJBrMedJ347(1):f5600.https://doi.org/10.1136/bmj.f5600

SteinhublSR,MuseEDandTopolEJ(2015)Theemergingfieldofmobilehealth.SciTranslMed7(283):283rv3.https://doi.org/10.1126/scitranslmed.aaa3487

WHO(2011)“mHealth–Newhorizonsforhealththroughmobiletechnologies,GlobalObservatoryforeHealthseries–Volume3”(online)www.who.int/goe/publications/goe_mhealth_web.pdf.Accessed15Jan2018

33

ProposingaNovelComprehensiveInformationSecurityFrameworkformHealth

MsNattaruedeeVithanwattana,DrGlenfordMapp&DrCarlisleGeorge,MiddlesexUniversity

(NV166@live.mdx.ac.uk)

The use of mobile and wireless technologies to support achievements in healthcare systems has anenormouspotentialtotransformthefaceofhealthcareacrosstheglobe[1].Intherecentyears,therehasbeenahuge increase in thenumberof these technologies to facilitatemobileHealthormHealth.mHealth covers “medical and public health practice supported by mobile devices, such as mobilephones,patientmonitoringdevices,personaldigitalassistants(PDAs),andotherwirelessdevices”[2].mHealthisasubsetofeHealth,usingthebenefitsfrominformationandcommunicationtechnologiestosupport the healthcare service.mHealth solutions include the use ofmobile devices, such asmobilephones,bodysensors,wirelessinfrastructures.Thesedevicesareusedincollectingclinicalhealthdata,anddeliveringhealthcareinformationtopatients,medicalprofessionals,andresearchers.Theyarealsoused for real-time monitoring of patients’ vital signs, such as heart rate, blood glucose level, bloodpressure,bodytemperature,andbrainactivities[3].mHealthenablesuserstomonitortheirownhealthstatus and directly facilitates healthcare data sharing with healthcare professionals anytime andanywhere.mHealth provides a significant potential to tackle the financial challenges of healthcare systems. Itdeliversmorepatient-focusedhealthcareand improves the efficiencyof healthcaresystems.mHealthprovides sustainable healthcare through better planning of patients’ treatment which reduces thenumber of unnecessary consultations. Moreover, mHealth solutions can help patients to take moreresponsibilityfortheirhealththroughthedeviceswhichcandetectandreporttheirvitalsigns,aswellasmobileapplicationsthatwillhelpthemtobemorefocusedontheirdietandmedication[4].InmHealthsystems,generallysensorswhichareembeddedintomobiledeviceswillcollecthealthcaredata from user using Bluetooth communication. Healthcare data collectedwill be stored indifferentdatabases including thedatabasesofmobiledevices andCloudstorage.Healthcaredata is classed as“sensitivedata”underdataprotectionlegislationrequiringstricterruleswhenprocessingcomparedtoordinarypersonaldata.Also,itmayrevealthestateofsomeone’shealthwhichhe/shemaynotwanttosharewitheveryone[5].Databasesstoringsuchsensitivedatarequireahighlevelofsecuritytoprotecttheconfidentialityofthedataandtopreventunauthorisedaccess.Generally,mHealth offers smart solutions to tackle challenges in healthcare. However, there are stillvariousissuesregardingthedevelopmentofmHealthsystems.OneofthemostcommondifficultiesindevelopingmHealth systems is protection the security of healthcare data. mHealth systems are stillvulnerabletonumeroussecurityissuesrelatingtoweaknessesintheirdesignandindatamanagement.Hence,thereisaneedtodevelopacomprehensiveinformationsecurityframeworkformHealth.AspartoftheanalysisinvolvedindevelopingacomprehensiveinformationsecurityformHealth,thispresentation will discuss the most essential security requirements for mHealth systems, assets inmHealth systems that need to be protected, threats which needs to be protect against, andvulnerabilities/weaknesses in mHealth systems. It will also propose possible countermeasures toaddressthreatsaspartofaproposednewcomprehensive informationsecurity framework toprotectthesecurityofhealthcaredatainmHealthsystems.

References1. WorldHealthOrganisation(2011)mHealth:Newhorizonsforhealththroughmobiletechnologies.[online]Availablefrom:http://www.who.int/goe/publications/goe_mhealth_web.pdf[Accessed:15November2016]

2. EuropeanCommission(2014)GREENPAPERonmobileHealth(“mHealth”).[online]Availablefrom:https://ec.europa.eu/digital-agenda/en/news/green-paper-mobile-health-mhealth[Accessed:15November2016]

34

3. GermanakosP.,MourlasC.,&SamarasG."AMobileAgentApproachforUbiquitousandPersonalizedeHealthInformationSystems"ProceedingsoftheWorkshopon'Personalizationfore-Health'ofthe10thInternationalConferenceonUserModeling(UM'05).Edinburgh,July29,2005,pp.67–70.

4. EuropeanCommission(2014)Healthcareinyourpocket:unlockingthepotentialofmHealth.[online]Availablefrom:http://europa.eu/rapid/press-release_IP-14-394_en.htm[Accessed:15November2016]

5. Vithanwattana,N,Mapp,G.&George,C.(2016)“mHealth–InvestigatinganInformationSecurityFrameworkformHealthData:ChallengesandPossibleSolutions”201612thInternationalConferenceonIntelligentEnvironments,IEEE,London,14-16September2016,p.258-261

35

BuildingAdvancedMedicalPlatforms:BenefitsandPossibleThreatsforDataStorageManagement

DrGlenfordMapp,AssociateProfessor,MiddlesexUniversity

(g.mapp@mdx.ac.uk)The need to store large volumes of data is powering the deployment of data storage infrastructuresbasedonCloudSystems.TheemergenceofAdvancedDigitalMedicalPlatforms(ADIMEPs)representsbothabenefitandaseriouschallenge to thesestoragesystems.This isbecausestorage forADIMEPsmustbehighlyscalableandreadilyaccessiblebyvariousparties;yetmustalsoprovideatotallysecuresystembecauseofthesensitivityofpatientdata. Inordertomeetthesechallenges, it is importanttorealise thatnosingle techniquewillworkbutacombinationofsecurityandstoragemechanismsarerequiredwhichmust be skillfully combined; including the use of capabilities for objects, people andstorage blocks; the development of secure Block servers to provide the basis of a scalable storagesystemandablock-chainsystemtotracktransactionsinthesystem.AdiagramoftheADIMEPsystemisshowninFigure1.

Figure1:FunctionalDiagramoftheADIMEPsystemThiscombinationofthesetechnologiesalongwithsecurecommunicationswillenableaverydynamicdistributedenvironmenttobebuilt.Theresultingsynergiesof thisapproach lead toahigher levelofefficiency and good-putwhich can bemigrated to other systems. This paper first examines the keycharacteristicsofADIMEPshighlightingthechallengesfordatastorageinthesesystems.Itthenlooksatsolutionsandmechanismsthatcanbeusedtoaddresstheconcernsthatareraised.Thetalkendswithlookingatimplementationissuesandthestandardisationoftheproposedsolutions.

36

AuthorIndex

BOYER,Celia…………………………………..………………………………………………………..…………….28

FISK,Malcolm…………………………………..……………………………………………………..…………….07

GEORGE,Carlisle…………………………………..………………………………………………..………………11

GOODMAN,Kenneth………………………………….……………………………………..……………………19

HARA,Sukhvinder…………………………………………………………………………..……………………...09

JONES,EmyrWyn…………………………………..………………………………………..……………………..30

JUSOB,Farad………………………………….………………………………………..…………………………….31

KALRA,Dipak…………………………………..……………………………………………..……………………...22

KOMNIOS,Ioannis………………………………….……………………………………..………………………..13

LÁSZLÓ,Mitzi………………………………….………………………………………..…………………………….15

LUCIVERO,Federica…………………………………………………………………..….………………………...26

MAPP,Glenford…………………………………………………………………………..…………………………..35

NAMORADO,Joana…………………………………………………………………..……………………………..06

THIMBLEBY,Harold…………………………………………………………………..….………………………...20

VITHANWATTANA,Nattaruedee……………………………………………..………………………………33

WAJID,Usman………………………………….……………………………………………..………………………24

WHITEHOUSE,Diane…………………………………………………………………..…………………………..17

37

ListofParticipants

• BLACKMAN,Tim,MiddlesexUniversity,London.• BOYER,Celia,HealthontheNet(HON)Foundation,Geneva.• COCKERTON,Tracey,MiddlesexUniversity,London.• COMLEY,Richard,MiddlesexUniversity,London.• CORY,Therese,BeechamResearch,London.• DUQUENOY,Penny,MiddlesexUniversity,London.• FISK,Malcolm,DeMontfortUniversity,Leicester.• GEORGE,Carlisle,MiddlesexUniversity,London.• GOODMAN,Kenneth,UniversityofMiami,USA.• GOTTERBARN,Don,EastTennesseeStateUniversity,USA.• HARA,Sukhvinder,MiddlesexUniversity,London.• HUBEJ,Tija,MiddlesexUniversity,London.• JAJA,Gogo,RoyalFreeNHSTrust,London.• JONES,EmyrWyn,NHSDigital,England.• JUSOB,Farad,MiddlesexUniversity,London.• KALRA,Dipak,UniversityCollegeLondon&TheEuropeanInstituteforInnovationforHealthData,

Ghent,Belgium.• KIMPPA,Kai,UniversityofTurku,Turku,Finland.• KURT-DICKSON,Aygen,LondonSchoolofEconomics,London.• KOMNIOS,Ioannis,TheKONFIDOProject,London.• LÁSZLÓ,Mitzi,OWN,Amsterdam,Netherlands.• LEONCE,Jasmine,EastandNorthHertfordshire,NHSTrust.• LUCIVERO,Federica,UniversityofOxford,Oxford.• NAMORADO,Joana,EuropeanCommission,Brussels,Belgium.• MAPP,Glenford,MiddlesexUniversity,London.• MARZANO,Lisa,MiddlesexUniversity,London.• PETRIDIS,MiltosMiddlesexUniversity,London.• PLOTKA,Malgorzata,DeMontfortUniversity,Leicester.• QAZI,Nadeem,MiddlesexUniversity,London.• SHAH,Sarwar,Guy’sandSt.Thomas’NHSFoundationTrust,London.• SINGH,Dinesh,UniversityofDelhi,Delhi.• SINGLETON,Peter,CambridgeHealthInformaticsLimited,Cambridge.• TAYLOR,Richard,InternationalBaccalaureate,Cardiff.• THIMBLEBY,Harold,SwanseaUniversity,Swansea.• VITHANWATTANA,Nattaruedee,MiddlesexUniversity,London.• WAJID,Usman,InformationCatalyst,Manchester.• WHITEHOUSE,Diane,TheCastlegateConsultancy,Malton.• WOLFF,Tony,RoyalFreeNHSTrust,London.• ZIELINSKI,Chris,UniversityofWinchester,Winchester.

38

ThankyoutoourWorkshopSponsors!!!!

FacultyofScienceandTechnologyMiddlesexUniversity,London,UK

http://www.mdx.ac.uk/about-us/our-faculties/faculty-of-science-and-technology

InstituteforBioethicsandHealthPolicyMillarSchoolofMedicineUniversityofMiami,USA

https://bioethics.miami.edu

TheCastlegateConsultancyUnitedKingdom

TheEuropeanCentrefortheStudyofEthics,LawandGovernance

inHealthInformationTechnologyOnline:http://ecelghit.org

Proceedingsofthe2018HealthITWorkshopon

DevelopmentsinICTandHealthcare-Legal,Ethical&SocialAspects8th&9thMarch2018

MiddlesexUniversity,London,UK

FacultyofScienceandTechnologyAspectsofLawandEthicsRelatedtoTechnology(ALERT)ResearchGrouphttp://www.eis.mdx.ac.uk/research/groups/Alert/ehealthwks2018/

39