Abstract:

Mobile health technologies enable self-monitoring of health and fitness conditions for personal health and lifestyle management with the potential to improve the quality, accuracy, and cost of healthcare. The advancement of connected and precision healthcare services requires a variety of health information which includes patient-generated health data. The collection, processing, and management of personal health information with mHealth devices and sensors represent unique and substantial risks to the security and privacy of personal health data. Current laws, regulations, and policies have primarily addressed the privacy of patient health information collected and maintained by healthcare and clinical providers but have not fundamentally addressed patient-generated health data. This paper provides an overview of information security, assurance, and data governance principles of connected healthcare with a focus on patient-generated health data and informs the development of policies, standards, and guidelines for sensitive health information.