Abstract
The purpose of this chapter is to present a comprehensive approach to the problem of privacy protection in healthcare social networks, to summarize threats and suggest emerging technological solutions to protect users. For this purpose we start with a definition of the term “privacy” and how it evolved through time. We continue within the context of social networks and highlight the main privacy issues and threats for network members. In addition, we analyze the Common Criteria for IT security evaluation that apply to privacy, under the prism of Healthcare Social Networks (HSNs) and present tools and methods that may enhance privacy in such networks. Finally, we provide examples of popular HSNs, categorized according to the purpose they serve and discuss the privacy challenges for them.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
In autumn 2007, a weak security model has been reported for Sermo network, which allowed non-physician applicants to register as physicians using false identities from the Internet.
- 2.
Infographic provided by MEdTech Media at: http://www.medtechmedia.com/files/medtech_images/Infographic_SOCIAL_MEDIA_SURVEY_AMN_HEALTHCARE.jpg
- 3.
- 4.
Health information privacy: business associates. Available at http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/businessassociates.html. Accessed June 5, 2015.
- 5.
Privacy Enhancing Technologies—META Group Report v 1.1. 2005. Available for download from: https://danskprivacynet.files.wordpress.com/2008/07/rapportvedrprivacyenhancingtechno logies.pdf
- 6.
HL7 Privacy, Access and Security Services (PASS) Specification. Ann Arbor, MI, USA: HL 7 International. Available for download from: http://wiki.siframework.org/file/view/PASS+Access+Control+Conceptual+Model+Release+1.0.pdf.
- 7.
Social Media in Healthcare: Privacy and Security Considerations. HIMSS White Paper. Available for download from: http://himss.files.cms-plus.com/HIMSSorg/Content/files/Social_Media_Healthcare_WP_Final.pdf.
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
- 14.
- 15.
- 16.
- 17.
References
Apostolakis, I., Koulierakis, G., Berler, A., Chryssanthou, A., Varlamis, I.: Use of social media by healthcare professionals in greece: an exploratory study. Int. J. Electron. Healthc. 7(2), 105–124 (2012)
Barnes, J.A.: Class and Committees in a Norwegian Island Parish. Plenum, New York (1954)
Bennett, C.J., Parsons, C., Molnar, A.: Forgetting, non-forgetting and quasi-forgetting in social networking: Canadian policy and corporate practice. In: Reloading Data Protection, pp. 41–59. Springer, New York (2014)
Chryssanthou, A., Varlamis, I., Latsiou, C.: A risk management model for securing virtual healthcare communities. Int. J. Electron. Healthc. 6(2–4), 95–116 (2011)
Cutillo, L.A., Manulis, M., Strufe, T.: Security and privacy in online social networks. In: Handbook of Social Network Technologies and Applications, pp. 497–522. Springer, New York (2010)
Damschroder, L.J., Pritts, J.L., Neblo, M.A., Kalarickal, R.J., Creswell, J.W., Hayward, R.A.: Patients, privacy and trust: patients’ willingness to allow researchers to access their medical records. Soc. Sci. Med. 64(1), 223–235 (2007)
Eckersley, P.: How unique is your web browser? In: Privacy Enhancing Technologies, pp. 1–18. Springer, New York (2010)
Ellison, N.B., et al.: Social network sites: Definition, history, and scholarship. J. Comput.-Mediat. Commun. 13(1), 210–230 (2007)
Eysenbach, G.: Infodemiology and infoveillance: tracking online health information and cyberbehavior for public health. Am. J. Prev. Med. 40(5), S154–S158 (2011)
Finn, R.L., Wright, D., Friedewald, M.: Seven types of privacy. In: European Data Protection: Coming of Age, pp. 3–32. Springer, New York (2013)
Fritsch, L.: State of the art of privacy-enhancing technology (pet). Deliverable D2 1 (2007)
Fung, B., Wang, K., Chen, R., Yu, P.S.: Privacy-preserving data publishing: a survey of recent developments. ACM Comput. Surv. 42(4), 14 (2010)
Gkoulalas-Divanis, A., Loukides, G., Sun, J.: Publishing data from electronic health records while preserving privacy: a survey of algorithms. J. Biomed. Inform. 50, 4–19 (2014)
Glozier, N., Christensen, H., Naismith, S., Cockayne, N., Donkin, L., Neal, B., Mackinnon, A., Hickie, I.: Internet-delivered cognitive behavioural therapy for adults with mild to moderate depression and high cardiovascular disease risks: a randomised attention-controlled trial. PLoS ONE 8(3) (2013)
Grajales III, F.J., Sheps, S., Ho, K., Novak-Lauscher, H., Eysenbach, G.: Social media: a review and tutorial of applications in medicine and health care. J. Med. Internet Res. 16(2), e13 (2014)
Hogben, G.: Security issues and recommendations for online social networks. ENISA Position Paper 1, 1–36 (2007)
Holvast, J.: History of privacy. In: Matyas, V., Fischer-Hubner, S., Cvrcek, D., Svenda, P. (eds.) The Future of Identity in the Information Society. IFIP Advances in Information and Communication Technology, vol. 298, pp. 13–42. Springer, Heidelberg (2009). doi:10.1007/978-3-642-03315-5_2. http://dx.doi.org/10.1007/978-3-642-03315-5_2
Kalloniatis, C., Mouratidis, H., Vassilis, M., Islam, S., Gritzalis, S., Kavakli, E.: Towards the design of secure and privacy-oriented information systems in the cloud: identifying the major concepts. Comput. Stand. Interfaces 36(4), 759–775 (2014)
Koorn, R., van Gils, H., ter Hart, J., Overbeek, P., Tellegen, R., Borking, J.: Privacy enhancing technologies, white paper for decision makers. Ministry of the Interior and Kingdom Relations, the Netherlands (2004)
Krishnamurthy, B., Wills, C.E.: On the leakage of personally identifiable information via online social networks. In: Proceedings of the 2nd ACM Workshop on Online Social Networks, pp. 7–12. ACM, New York (2009)
Mitrou, L.: Privacy challenges and perspectives in europe. In: An Information Law for the 21st Century, pp. 704–718. Nomiki Vivliothiki, Athens (2011)
Pfitzmann, A., Hansen, M.: A terminology for talking about privacy by data minimization: Anonymity, unlinkability, unobservability, pseudonymity, and identity management-version v0. 34. TU Dresden and ULD Kiel, Tech. Rep (2011)
Robinson, N., Graux, H., Botterman, M., Valeri, L.: Review of eu data protection directive: summary. Information Commissioner’s Office (2009)
Rosenberg, R.S.: The Social Impact of Computers. Elsevier, Amsterdam (2013)
Rowe, M., Ciravegna, F.: Disambiguating identity through social circles and social data. In: 1st International Workshop on Collective Semantics: Collective Intelligence & the Semantic Web (CISWeb 2008) (2008). Proceedings of the CISWeb Workshop, located at the 5th European Semantic Web Conference ESWC 2008 Tenerife, Spain, 2 June 2008
Serenko, N., Fan, L.: Patients’ perceptions of privacy and their outcomes in healthcare. Int. J. Behav. Healthc. Res. 4(2), 101–122 (2013)
Stuart, A.H.: Online privacy policies: contracting away control over personal information? Penn State Law Rev. 111(3), 587–624 (2007)
Swan, M.: Emerging patient-driven health care models: an examination of health social networks, consumer personalized medicine and quantified self-tracking. Int. J. Environ. Res. Public Health 6(2), 492–525 (2009)
Torabi, S., Beznosov, K.: Privacy aspects of health related information sharing in online social networks. In: Proceedings of the 2013 USENIX Conference on Safety, Security, Privacy and Interoperability of Health Information Technologies, pp. 3–3. USENIX Association, Berkeley (2013)
Van Blarkom, G., Borking, J., Olk, J.: Handbook of privacy and privacy-enhancing technologies. Privacy Incorporated Software Agent (PISA) Consortium, The Hague (2003)
Warren, S.D., Brandeis, L.D.: The right to privacy. Harv. Law Rev. 4, 193–220 (1890)
Westin, A.F.: Privacy and freedom. Wash. Lee Law Rev. 25(1), 166 (1968)
Wicks, P., Massagli, M., Frost, J., Brownstein, C., Okun, S., Vaughan, T., Bradley, R., Heywood, J.: Sharing health data for better outcomes on patientslikeme. J. Med. Internet Res. 12(2), e19 (2010)
Wondracek, G., Holz, T., Kirda, E., Kruegel, C.: A practical attack to de-anonymize social network users. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 223–238. IEEE (2010)
Yanes, A.: Privacy and anonymity. arXiv preprint (2014) [arXiv:1407.0423]
Yeratziotis, A., Van Greunen, D., Pottas, D.: A framework for evaluating usable security: the case of online health social networks. In: HAISA, pp. 97–107 (2012)
Zilpelwar, R.A., Bedi, R.K., Wadhai, V.: An overview of privacy and security in SNS. International Journal of P2P Network Trends and Technology, 2(1), 23–26 (2012)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Bertsima, M., Varlamis, I., Rizomiliotis, P. (2015). Strengthening Privacy in Healthcare Social Networks. In: Gkoulalas-Divanis, A., Loukides, G. (eds) Medical Data Privacy Handbook. Springer, Cham. https://doi.org/10.1007/978-3-319-23633-9_23
Download citation
DOI: https://doi.org/10.1007/978-3-319-23633-9_23
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23632-2
Online ISBN: 978-3-319-23633-9
eBook Packages: Computer ScienceComputer Science (R0)