An official website of the United States government
Electronic Health Records (EHRs) have become increasingly popular in recent years, providing a convenient way to store, manage and share relevant information among healthcare providers. However, as EHRs contain sensitive personal information, ensuring their security and privacy is most important. This paper reviews the key aspects of EHR security and privacy, including authentication, access control, data encryption, auditing, and risk management. Additionally, the paper dis- cusses the legal and ethical issues surrounding EHRs, such as patient consent, data ownership, and breaches of confidentiality. Effective implementation of security and privacy measures in EHR systems requires a multi-disciplinary approach involving healthcare providers, IT specialists, and regulatory bodies. Ultimately, the goal is to come upon a balance between protecting patient privacy and ensuring timely access to critical medical information for feature healthcare delivery.
more »
« less
Dark Patterns and the Legal Requirements of Consent Banners: An Interaction Criticism Perspective
User engagement with data privacy and security through consent banners has become a ubiquitous part of interacting with internet services. While previous work has addressed consent banners from either interaction design, legal, and ethics-focused perspectives, little research addresses the connections among multiple disciplinary approaches, including tensions and opportunities that transcend disciplinary boundaries. In this paper, we draw together perspectives and commentary from HCI, design, privacy and data protection, and legal research communities, using the language and strategies of “dark patterns” to perform an interaction criticism reading of three different types of consent banners. Our analysis builds upon designer, interface, user, and social context lenses to raise tensions and synergies that arise together in complex, contingent, and conflicting ways in the act of designing consent banners. We conclude with opportunities for transdisciplinary dialogue across legal, ethical, computer science, and interactive systems scholarship to translate matters of ethical concern into public policy.
more »
« less
- Award ID(s):
- 1909714
- PAR ID:
- 10227998
- Date Published:
- Journal Name:
- CHI '21: Proceedings of the 2021 CHI Conference on Human Factors in Computing
- Page Range / eLocation ID:
- 1 to 18
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
As data privacy continues to be a crucial human-right concern as recognized by the UN, regulatory agencies have demanded developers obtain user permission before accessing user-sensitive data. Mainly through the use of privacy policies statements, developers fulfill their legal requirements to keep users abreast of the requests for their data. In addition, platforms such as Android enforces explicit permission request using the permission model. Nonetheless, recent research has shown that service providers hardly make full disclosure when requesting data in these statements. Neither is the current permission model designed to provide adequate informed consent. Often users have no clear understanding of the reason and scope of usage of the data request. This paper proposes an unambiguous, informed consent process that provides developers with a standardized method for declaring Intent. Our proposed Intent-aware permission architecture extends the current Android permission model with a precise mechanism for full disclosure of purpose and scope limitation. The design of which is based on an ontology study of data requests purposes. The overarching objective of this model is to ensure end-users are adequately informed before making decisions on their data. Additionally, this model has the potential to improve trust between end-users and developers.more » « less
-
Interaction design is playing an increasingly prominent role in computing research, while professional user experience roles expand. These forces drive the demand for more de- sign instruction in HCI classrooms. In this paper, we distill the popular approaches to teaching design to undergraduate and graduate students of HCI. Through a review of existing research on design pedagogy, an international survey of 61 HCI educators, and an analysis of popular textbooks, we explore the prominent disciplinary perspectives that shape design education in the HCI classroom. We draw on our analyses to discuss the differences we see in forms of design taught, approaches to adapting design instruction in computing-based courses, and the tensions faced by instructors of these classes. We conclude by arguing for the importance of pedagogical research on design instruction as a vital and foundational area of inquiry in Interaction Design and HCI.more » « less
-
Abstract Having the means to share research data openly is essential to modern science. For human research, a key aspect in this endeavor is obtaining consent from participants, not just to take part in a study, which is a basic ethical principle, but also to share their data with the scientific community. To ensure that the participants' privacy is respected, national and/or supranational regulations and laws are in place. It is, however, not always clear to researchers what the implications of those are, nor how to comply with them. The Open Brain Consent (https://open-brain-consent.readthedocs.io) is an international initiative that aims to provide researchers in the brain imaging community with information about data sharing options and tools. We present here a short history of this project and its latest developments, and share pointers to consent forms, including a template consent form that is compliant with the EU general data protection regulation. We also share pointers to an associated data user agreement that is not only useful in the EU context, but also for any researchers dealing with personal (clinical) data elsewhere.more » « less
-
null (Ed.)Analysis of municipal wastewater, or sewage for public health applications is a rapidly expanding field aimed at understanding emerging epidemiological trends, including human and disease migration. The newly gained ability to extract and analyze genetic material from wastewater poses important societal and ethical questions, including: How to safeguard data? Who owns genetic data recovered from wastewater? What are the ethical and legal issues surrounding its use? In the U.S., both corporate and legal policies regarding privacy have been historically reactive instead of proactive. In wastewater-based epidemiology (WBE), the pace of innovation has outpaced the ability of social and legal mechanisms to keep up. To address this discrepancy, early and robust discussions of the research, policies, and ethics surrounding WBE analysis and genetics is needed. This paper contributes to this discussion by examining ownership issues for human genetic data recovered from wastewater and the uses to which it may be put. We focus particularly on the risks associated with personally identifiable data, highlighting potential risks, relevant privacy-enhancing technologies, and appropriate ethics. The paper proposes an approach for people conducting WBE studies to help them systematically consider the ethical and privacy implications of their work.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1145/3411764.3445779
