Privacy as a Service in Digital Health

TL;DR

This paper proposes a privacy-as-a-service architecture for digital health that manages user consent and data sharing across multiple sources, enhancing security, interoperability, and enabling new health service models.

Contribution

It introduces a novel privacy-driven architecture integrating consent management, data security, and semantic descriptions to support interoperable health data sharing.

Findings

Enables reusable user consent management across diverse health data sources.

Integrates data security with semantic descriptions for interoperability.

Supports new business models and multi-provider health services.

Abstract

Privacy is a key challenge for continued digitalization of health. The forthcoming European General Data Protection Regulation (GDPR) is transforming this challenge into regulatory directives. User consent provisioning and coordinating across data services will be the keys in addressing this challenge. We suggest a privacy-driven architecture that provides tools for providing user consent as a service. This enables managing and reusing private health information between a large amount of data sources, individuals and services, even when they are not known beforehand. The proposed architecture integrates data security and semantic descriptions into a trust query framework to provide the required interoperability and co-operation support for future health services. This approach provides benefits for all stakeholders through safer data management, cost and process savings, multi-provider services, and services based on emerging new business models.