Personal health data - Privacy policy harmonization and global enforcement

This workshop is jointly organized by EFMI Working Groups Security, Safety and Ethics and Personal Portable Devices in cooperation with IMIA Working Group "Security in Health Information Systems". In contemporary healthcare and personal health management the collection and use of personal health information takes place in different contexts and jurisdictions. Global use of health data is also expanding. The approach taken by different experts, health service providers, data subjects and secondary users in understanding privacy and the privacy expectations others may have is strongly context dependent. To make eHealth, global healthcare, mHealth and personal health management successful and to enable fair secondary use of personal health data, it is necessary to find a practical and functional balance between privacy expectations of stakeholder groups. The workshop will highlight these privacy concerns by presenting different cases and approaches. Workshop participants will analyse stakeholder privacy expectations that take place in different real-life contexts such as portable health devices and personal health records, and develop a mechanism to balance them in such a way that global protection of health data and its meaningful use is realized simultaneously. Based on the results of the workshop, initial requirements for a global healthcare information certification framework will be developed.

Examination of the influence of personal attributes on consumer use on m-services

The rapid uptake of mobile devices has created the capacity to provide services to consumers while they are on the move, and new mobile services (m-services) are constantly emerging. In past research, personal attributes have been found to be import ant in the adoption and use of information and communication technology. However, little research has been conducted in the area of m-services. To explore factors influencing the use of these services, this paper examines personal attributes in terms of motivational, attitudinal and demographic characteristics. Specifically, it investigates the influence of innovativeness, self- efficacy, involvement and impulsiveness, as well as age and gender on m-services use . Data were collected from a convenience sample of 250 respondents using an online survey and a modified snowball procedure. Age and gender were quite well balanced in the sample. The multiple regression model was significant and the hypotheses relating to the positive relationship between impulsiveness, involvement and gender and m-services were supported. Findings are discussed, further implications for managers are suggested and directions for future research are proposed.

A time-variant medical data trustworthiness assessment model

Electronic Health Record (EHR) systems are being introduced to overcome the limitations associated with paper-based and isolated Electronic Medical Record (EMR) systems. This is accomplished by aggregating medical data and consolidating them in one digital repository. Though an EHR system provides obvious functional benefits, there is a growing concern about the privacy and reliability (trustworthiness) of Electronic Health Records. Security requirements such as confidentiality, integrity, and availability can be satisfied by traditional hard security mechanisms. However, measuring data trustworthiness from the perspective of data entry is an issue that cannot be solved with traditional mechanisms, especially since degrees of trust change over time. In this paper, we introduce a Time-variant Medical Data Trustworthiness (TMDT) assessment model to evaluate the trustworthiness of medical data by evaluating the trustworthiness of its sources, namely the healthcare organisation where the data was created and the medical practitioner who diagnosed the patient and authorised entry of this data into the patient’s medical record, with respect to a certain period of time. The result can then be used by the EHR system to manipulate health record metadata to alert medical practitioners relying on the information to possible reliability problems.

Legal Issues Relating to the Notification of Australian Data Breaches

Advances in information and communications technologies during the last two decades have allowed organisations to capture and utilise data on a vast scale, thus heightening the importance of adequate measures for protecting unauthorised disclosure of personal information. In this respect, data breach notification has emerged as an issue of increasing importance throughout the world. It has been the subject of law reform in the United States and in other international jurisdictions. Following the Australian Law Reform Commission’s review of privacy, data breach notification will soon be addressed in Australia. This article provides a review of US and Australian legal initiatives regarding the notification of data breaches. The authors highlight areas of concern based on the extant US literature that require specific consideration in Australia regarding the development of an Australian legal framework for the notification of data breaches.

Personal Access Tutor - helping students to learn MS Access

The paper describes Personal Access Tutor (PAT),an Intelligent Tutoring System which helps students to learn how to create forms and reports in MS Access. We present the architecture and components of PAT and also the services that PAT provides to the students. Results for an external (system) evaluation of PAT (both qualitative and quantitative data) are presented and discussed.

How can we exploit mobile data to customise learning based on a student’s environmental surroundings?

User-Based intelligent systems are already commonplace in a student’s online digital life. Each time they browse, search, buy, join, comment, play, travel, upload, download, a system collects, analyses and processes data in an effort to customise content and further improve services. This panel session will explore how intelligent systems, particularly those that gather data from mobile devices, can offer new possibilities to assist in the delivery of customised, personal and engaging learning experiences. The value of intelligent systems for education lies in their ability to formulate authentic and complex learner profiles that bring together and systematically integrate a student’s personal world with a formal curriculum framework. As we well know, a mobile device can collect data relating to a student’s interests (gathered from search history, applications and communications), location, surroundings and proximity to others (GPS, Bluetooth). However, what has been less explored is the opportunity for a mobile device to map the movements and activities of a student from moment to moment and over time. This longitudinal data provides a holistic profile of a student, their state and surroundings. Analysing this data may allow us to identify patterns that reveal a student’s learning processes; when and where they work best and for how long. Through revealing a student’s state and surroundings outside of schools hour, this longitudinal data may also highlight opportunities to transform a student’s everyday world into an inventory for learning, punctuating their surroundings with learning recommendations. This would in turn lead to new ways to acknowledge and validate and foster informal learning, making it legitimate within a formal curriculum.

Data-driven background dataset selection for SVM-based speaker verification

The recently proposed data-driven background dataset refinement technique provides a means of selecting an informative background for support vector machine (SVM)-based speaker verification systems. This paper investigates the characteristics of the impostor examples in such highly-informative background datasets. Data-driven dataset refinement individually evaluates the suitability of candidate impostor examples for the SVM background prior to selecting the highest-ranking examples as a refined background dataset. Further, the characteristics of the refined dataset were analysed to investigate the desired traits of an informative SVM background. The most informative examples of the refined dataset were found to consist of large amounts of active speech and distinctive language characteristics. The data-driven refinement technique was shown to filter the set of candidate impostor examples to produce a more disperse representation of the impostor population in the SVM kernel space, thereby reducing the number of redundant and less-informative examples in the background dataset. Furthermore, data-driven refinement was shown to provide performance gains when applied to the difficult task of refining a small candidate dataset that was mis-matched to the evaluation conditions.

Exploiting multiple feature sets in data-driven impostor dataset selection for speaker verification

This study assesses the recently proposed data-driven background dataset refinement technique for speaker verification using alternate SVM feature sets to the GMM supervector features for which it was originally designed. The performance improvements brought about in each trialled SVM configuration demonstrate the versatility of background dataset refinement. This work also extends on the originally proposed technique to exploit support vector coefficients as an impostor suitability metric in the data-driven selection process. Using support vector coefficients improved the performance of the refined datasets in the evaluation of unseen data. Further, attempts are made to exploit the differences in impostor example suitability measures from varying features spaces to provide added robustness.

Data muling over underwater wireless sensor networks using an autonomous underwater vehicle

We present algorithms, systems, and experimental results for underwater data muling. In data muling a mobile agent interacts with static agents to upload, download, or transport data to a different physical location. We consider a system comprising an Autonomous Underwater Vehicle (AUV) and many static Underwater Sensor Nodes (USN) networked together optically and acoustically. The AUV can locate the static nodes using vision and hover above the static nodes for data upload. We describe the hardware and software architecture of this underwater system, as well as experimental data. © 2006 IEEE.

Gifted young adolescents and email : developing a personal language of self

This paper reports on the use of email as a means to access the self-constructions of gifted young adolescents. Australian research shows that gifted young adolescents may feel more lonely and misunderstood than their same-age counterparts, yet they are seldom asked about their lives. Emerging use of online methods as a means of access to individual lives and perceptions has demonstrated the potential offered by the creation of digital texts as narrative data. Details are given of a qualitative study that engaged twelve children aged between 10 and 14 years, who were screened for giftedness, in a project involving the generation of emailed journal entries sent over a period of 6 months. With emphasis on participatory principles, individual young adolescents produced self-managed journal entries that were written and sent to the researcher from personal computers outside the school setting. Drawing from a theoretical understanding of self as constructed within dialogic relationships, the digital setting of email is proposed as a narrative space that fosters healthy self-disclosure. This paper outlines the benefits of using email as a means to explore emotions, promote reflective accounts of self and support the development of a personal language for self-expression. Individual excerpts will be presented to show that the harnessing of personal narratives within an email context has potential to yield valuable insights into the emotions, personal realities and experiences of gifted young adolescents. Findings will be presented to show that the co-construction of self-expressive and explanatory narratives supported by a facilitative adult listener promoted healthy self-awareness amongst participants. This paper contributes to appreciative conversations about using online methods as a flexible and practical avenue for conducting educational research. Furthermore, digital writing in email form will be presented as having distinct advantages over face-to-face methods when utilised with gifted young adolescents who may be unwilling to disclose information within school-based settings.

An initial technology roadmap for home automation : home and personal life management

Home Automation (HA) has emerged as a prominent ¯eld for researchers and in- vestors confronting the challenge of penetrating the average home user market with products and services emerging from technology based vision. In spite of many technology contri- butions, there is a latent demand for a®ordable and pragmatic assistive technologies for pro-active handling of complex lifestyle related problems faced by home users. This study has pioneered to develop an Initial Technology Roadmap for HA (ITRHA) that formulates a need based vision of 10-15 years, identifying market, product and technology investment opportunities, focusing on those aspects of HA contributing to e±cient management of home and personal life. The concept of Family Life Cycle is developed to understand the temporal needs of family. In order to formally describe a coherent set of family processes, their relationships, and interaction with external elements, a reference model named Fam- ily System is established that identi¯es External Entities, 7 major Family Processes, and 7 subsystems-Finance, Meals, Health, Education, Career, Housing, and Socialisation. Anal- ysis of these subsystems reveals Soft, Hard and Hybrid processes. Rectifying the lack of formal methods for eliciting future user requirements and reassessing evolving market needs, this study has developed a novel method called Requirement Elicitation of Future Users by Systems Scenario (REFUSS), integrating process modelling, and scenario technique within the framework of roadmapping. The REFUSS is used to systematically derive process au- tomation needs relating the process knowledge to future user characteristics identi¯ed from scenarios created to visualise di®erent futures with richly detailed information on lifestyle trends thus enabling learning about the future requirements. Revealing an addressable market size estimate of billions of dollars per annum this research has developed innovative ideas on software based products including Document Management Systems facilitating automated collection, easy retrieval of all documents, In- formation Management System automating information services and Ubiquitous Intelligent System empowering the highly mobile home users with ambient intelligence. Other product ideas include robotic devices of versatile Kitchen Hand and Cleaner Arm that can be time saving. Materialisation of these products require technology investment initiating further research in areas of data extraction, and information integration as well as manipulation and perception, sensor actuator system, tactile sensing, odour detection, and robotic controller. This study recommends new policies on electronic data delivery from service providers as well as new standards on XML based document structure and format.

Mental health outcomes for unemployed individuals who attend occupational skills / personal development training programs

Four studies report on outcomes for long-term unemployed individuals who attend occupational skills/personal development training courses in Australia. Levels of distress, depression, guilt, anger, helplessness, positive and negative affect, life satisfaction and self esteem were used as measures of well-being. Employment value, employment expectations and employment commitment were used as measures of work attitude. Social support, financial strain, and use of community resources were used as measures of life situation. Other variables investigated were causal attribution, unemployment blame, levels of coping, self efficacy, the personality variable of neuroticism, the psycho-social climate of the training course, and changes to occupational status. Training courses were (a) government funded occupational skills-based programs which included some components of personal development training, and (b) a specially developed course which focused exclusively on improving well-being, and which utilised the cognitive-behavioural therapy (CBT) approach. Data for all studies were collected longitudinally by having subjects complete questionnaires pre-course, post-course, and (for 3 of the 4 studies) at 3 months follow-up, in order to investigate long-term effects. One of the studies utilised the case-study methodology and was designed to be illustrative and assist in interpreting the quantitative data from the other 3 evaluations. The outcomes for participants were contrasted with control subjects who met the same sel~tion criteria for training. Results confirmed earlier findings that the experiences of unemployment were negative. Immediate effects of the courses were to improve well-being. Improvements were greater for those who attended courses with higher levels of personal development input, and the best results were obtained from the specially developed CBT program. Participants who had lower levels of well-being at the beginning of the courses did better as a result of training than those who were already functioning at higher levels. Course participants gained only marginal advantages over control subjects in relation to improving their occupational status. Many of the short term well-being gains made as a result of attending the courses were still evident at 3 months follow-up. Best results were achieved for the specially designed CBT program. Results were discussed in the context of prevailing theories of Ynemployment (Fryer, 1986,1988; Jahoda, 1981, 1982; Warr, 1987a, 1987b).

Stakeholder perspectives regarding the mandatory notification of Australian data breaches

The advent of data breach notification laws in the United States (US) has unearthed a significant problem involving the mismanagement of personal information by a range of public and private sector organisations. At present, there is currently no statutory obligation under Australian law requiring public or private sector organisations to report a data breach of personal information to law enforcement agencies or affected persons. However, following a comprehensive review of Australian privacy law, the Australian Law Reform Commission (ALRC) has recommended the introduction of a mandatory data breach notification scheme. The issue of data breach notification has ignited fierce debate amongst stakeholders, especially larger private sector entities. The purpose of this article is to document the perspectives of key industry and government representatives to identify their standpoints regarding an appropriate regulatory approach to data breach notification in Australia.

The mandatory notification of data breaches : issues arising for Australian and EU legal developments

Public and private sector organisations are now able to capture and utilise data on a vast scale, thus heightening the importance of adequate measures for protecting unauthorised disclosure of personal information. In this respect, data breach notification has emerged as an issue of increasing importance throughout the world. It has been the subject of law reform in the United States and in other jurisdictions. This article reviews US, Australian and EU legal developments regarding the mandatory notification of data breaches. The authors highlight areas of concern based on the extant US experience that require further consideration in Australia and in the EU.

The Conceptual Basis of Personal Information in Australian Privacy Law

Australian privacy law regulates how government agencies and private sector organisations collect, store and use personal information. A coherent conceptual basis of personal information is an integral requirement of information privacy law as it determines what information is regulated. A 2004 report conducted on behalf of the UK’s Information Commissioner (the 'Booth Report') concluded that there was no coherent definition of personal information currently in operation because different data protection authorities throughout the world conceived the concept of personal information in different ways. The authors adopt the models developed by the Booth Report to examine the conceptual basis of statutory definitions of personal information in Australian privacy laws. Research findings indicate that the definition of personal information is not construed uniformly in Australian privacy laws and that different definitions rely upon different classifications of personal information. A similar situation is evident in a review of relevant case law. Despite this, the authors conclude the article by asserting that a greater jurisprudential discourse is required based on a coherent conceptual framework to ensure the consistent development of Australian privacy law.