Towards Privacy by Design in Personal e-Health Systems

George Drosatos, Pavlos S. Efraimidis, Garrath Williams, Eleni Kaldoudi


Personal e-health systems are the next generation of e-health applications and their goal is to assist patients in managing their disease and to help both patients and healthy people maintain behaviours that promote health. To do this, e-health systems collect, process, store and communicate the individual’s personal data. This paper presents an analysis of personal e-health systems and identifies privacy issues as a first step towards a ‘privacy by design’ methodology and practical guidelines.



Paper Citation

in Harvard Style

Drosatos G., Efraimidis P., Williams G. and Kaldoudi E. (2016). Towards Privacy by Design in Personal e-Health Systems. In Proceedings of the 9th International Joint Conference on Biomedical Engineering Systems and Technologies - Volume 5: HEALTHINF, (BIOSTEC 2016) ISBN 978-989-758-170-0, pages 472-477. DOI: 10.5220/0005821404720477

in Bibtex Style

@inproceedings{drosatos2016towards,
author={George Drosatos and Pavlos S. Efraimidis and Garrath Williams and Eleni Kaldoudi},
title={Towards Privacy by Design in Personal e-Health Systems},
booktitle={Proceedings of the 9th International Joint Conference on Biomedical Engineering Systems and Technologies - Volume 5: HEALTHINF, (BIOSTEC 2016)},
year={2016},
pages={472-477},
doi={10.5220/0005821404720477},
isbn={978-989-758-170-0},
}

in EndNote Style

JO - Proceedings of the 9th International Joint Conference on Biomedical Engineering Systems and Technologies - Volume 5: HEALTHINF, (BIOSTEC 2016)
TI - Towards Privacy by Design in Personal e-Health Systems
SN - 978-989-758-170-0
AU - Drosatos G.
AU - Efraimidis P.
AU - Williams G.
AU - Kaldoudi E.
PY - 2016
SP - 472
EP - 477
DO - 10.5220/0005821404720477