Privacy by Design: From Research and Policy to Practice – the Challenge of Multi-disciplinarity

Tsormpatzoudi, Pagona; Berendt, Bettina; Coudert, Fanny

doi:10.1007/978-3-319-31456-3_12

Cited by 23 publications

(11 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The importance of end users’ participation as stakeholders in the privacy by design (PbD) process, involving multiple disciplines, including usability design in addition to engineering, has been emphasized earlier [16]. End users should ultimately profit from PbD, where it has been pointed out that UIs need to address PbD and be “human-centered, user-centric, and user-friendly, so that informed privacy decision may be reliably exercised” [17].…”

Section: Introductionmentioning

confidence: 99%

Enhancing Privacy Controls for Patients via a Selective Authentic Electronic Health Record Exchange Service: Qualitative Study of Perspectives by Medical Professionals and Patients

Alaqra¹,

Fischer‐Hübner²,

Framner³

2018

J Med Internet Res

View full text Add to dashboard Cite

BackgroundPatients’ privacy is regarded as essential for the patient-doctor relationship. One example of a privacy-enhancing technology for user-controlled data minimization on content level is a redactable signature. It enables users to redact personal information from signed documents while preserving the validity of the signature, and thus the authenticity of the document. In this study, we present end users’ evaluations of a Cloud-based selective authentic electronic health record (EHR) exchange service (SAE-service) in an electronic health use case. In the use case scenario, patients were given control to redact specified information fields in their EHR, which were signed by their doctors with a redactable signature and transferred to them into a Cloud platform. They can then selectively disclose the remaining information in the EHR, which still bears the valid digital signature, to third parties of their choice.ObjectiveThis study aimed to explore the perceptions, attitudes, and mental models concerning the SAE-service of 2 user roles: signers (medical professionals) and redactors (patients with different technical knowledge) in Germany and Sweden. Another objective was to elicit usability requirements for this service based on the analysis of our investigation.MethodsWe chose empirical qualitative methods to address our research objective. Designs of mock-ups for the service were used as part of our user-centered design approach in our studies with test participants from Germany and Sweden. A total of 13 individual walk-throughs or interviews were conducted with medical staff to investigate the EHR signers’ perspectives. Moreover, 5 group walk-throughs in focus groups sessions with (N=32) prospective patients with different technical knowledge to investigate redactor’s perspective of EHR data redaction control were used.ResultsWe found that our study participants had correct mental models with regard to the redaction process. Users with some technical models lacked trust in the validity of the doctor’s signature on the redacted documents. Main results to be considered are the requirements concerning the accountability of the patients’ redactions and the design of redaction templates for guidance and control.ConclusionsFor the SAE-service to be means for enhancing patient control and privacy, the diverse usability and trust factors of different user groups should be considered.

show abstract

Section: Introductionmentioning

confidence: 99%

Enhancing Privacy Controls for Patients via a Selective Authentic Electronic Health Record Exchange Service: Qualitative Study of Perspectives by Medical Professionals and Patients

Alaqra¹,

Fischer‐Hübner²,

Framner³

2018

J Med Internet Res

View full text Add to dashboard Cite

show abstract

“…Tsormpatzoudi et al [26] emphasize the importance of involving end-users as stakeholders in the Privacy by Design process, involving multiple disciplines including usability design, as the end users should ultimately profit from Privacy by Design. Also, Cavoukian stresses that the Privacy by Design principle Respect for Privacy extends to the need for UIs to be "human-centered, user-centric and user-friendly, so that informed privacy decision may be reliably exercised" [8].…”

Section: Introductionmentioning

confidence: 99%

Helping john to make informed decisions on using social login

Karegar

Gerber

Volkamer

et al. 2018

Proceedings of the 33rd Annual ACM Symposium on Applied Computing

View full text Add to dashboard Cite

Users make two privacy-related decisions when signing up for a new Service Provider (SP): (1) whether to use an existing Single Sign-On (SSO) account of an Identity Provider (IdP), or not, and (2) the information the IdP is allowed to share with the SP under specific conditions. From a privacy point of view, the use of existing social network-based SSO solutions (i.e. social login) is not recommended. This advice, however, comes at the expense of security, usability, and functionality. Thus, in principle, it should be up to the user to consider all advantages and disadvantages of using SSO and to consent to requested permissions, provided that she is well informed. Another issue is that existing social login sign-up interfaces are often not compliant with legal privacy requirements for informed consent and Privacy by Default. Accordingly, our research focuses on enabling informed decisions and consent in this context. To this end, we identified users' problems and usability issues from the literature and an expert cognitive walkthrough. We also elicited end user and legal privacy requirements for user interfaces (UIs) providing informed consent. This input was used to develop a tutorial to inform users on the pros and cons of sign-up methods and to design SSO sign-up UIs for privacy. A between-subject laboratory study with 80 participants was used to test both the tutorial and the UIs. We demonstrate an increase in the level to which users are informed when deciding and providing consent in the context of social login.

show abstract

“…[24]). Interdisciplinary work takes time and does not happen automatically -it requires a common understanding of the problem space as well as openness for underlying incentives and values of other disciplines [25]. This includes the supervisory authorities which will have to evolve to live up the tasks they have been imposed by the GDPR and to actively seize opportunities for improving the protection of rights and freedoms of all individuals.…”

Section: Resultsmentioning

confidence: 99%

Data Protection by Design and by Default à la European General Data Protection Regulation

Hansen

2016

Privacy and Identity Management. Facing Up to Next Steps

View full text Add to dashboard Cite

HAL is a multidisciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers. L'archive ouverte pluridisciplinaire HAL, est destinée au dépôt et à la diffusion de documents scientifiques de niveau recherche, publiés ou non, émanant des établissements d'enseignement et de recherche français ou étrangers, des laboratoires publics ou privés.

show abstract

Privacy by Design: From Research and Policy to Practice – the Challenge of Multi-disciplinarity

Cited by 23 publications

References 5 publications

Enhancing Privacy Controls for Patients via a Selective Authentic Electronic Health Record Exchange Service: Qualitative Study of Perspectives by Medical Professionals and Patients

Enhancing Privacy Controls for Patients via a Selective Authentic Electronic Health Record Exchange Service: Qualitative Study of Perspectives by Medical Professionals and Patients

Helping john to make informed decisions on using social login

Data Protection by Design and by Default à la European General Data Protection Regulation

Contact Info

Product

Resources

About