Security and privacy issues for mobile health

Security and privacy have been well established as major considerations in health informatics generally (Rindfleisch 1997). A challenge for healthcare innovation is to embrace the potential of mobile health creatively within the healthcare system and not to merely replicate current technologies into a parallel wireless environment. In addressing this challenge, the complexities of securing health information along a composite clinical information pathway and in each situation of use must be defined. This chapter, as the title rellects, is targeted at identifying the issues in mobile health security and privacy rather tlmn solving them. The reason for this is that these are human and organisational concerns, and cannot be addressed simply by adopting a purely technical perspective. This chapter expands on the issues associated with security and privacy rather than the solutions because, whilst the solutions are included and described in necessarily broad terms, each mhealth situation is unique. Indeed, to date one of the particular problems facing mhealth, in its relative infancy, is the ability to apply consistency in standardisation and interoperability of mhealth solutions (Williams & McCauley, 2013). Currently the development of each mhealth solution is distinctive, and the specific nature of these designed systems limits their wider applicability. This is not unusual in the early stages of development of new technology. Whilst it is possible to provide a list of generic security and privacy solutions, such as the parameters of access control, encryption, and public key infrastructure (PKI), each generic solution is a major topic in its own right and is well described in literature elsewhere. The purpose of this chapter is to provide guidance on what to address, given the breadth of the topic of mhealth in an environment characterised by rapid evolution.