Towards a threat assessment framework for consumer health wearables

The collection of health data such as physical activity, consumption and physiological data through the use of consumer health wearables via fitness trackers are very beneficial for the promotion of physical wellness. However, consumer health wearables and their associated applications are known to have privacy and security concerns that can potentially make the collected personal health data vulnerable to hackers. These concerns are attributed to security theoretical frameworks not sufficiently addressing the entirety of privacy and security concerns relating to the diverse technological ecosystem of consumer health wearables. The objective of this research was therefore to develop a threat assessment framework that can be used to guide the detection of vulnerabilities which affect consumer health wearables and their associated applications. To meet this objective, the Design Science Research methodology was used to develop the desired artefact (Consumer Health Wearable Threat Assessment Framework). The framework is comprised of fourteen vulnerabilities classified according to Authentication, Authorization, Availability, Confidentiality, Non-Repudiation and Integrity. Through developing the artefact, the threat assessment framework was demonstrated on two fitness trackers and their associated applications. It was discovered, that the framework was able to identify how these vulnerabilities affected, these two test cases based on the classification categories of the framework. The framework was also evaluated by four security experts who assessed the quality, utility and efficacy of the framework. Experts, supported the use of the framework as a relevant and comprehensive framework to guide the detection of vulnerabilities towards consumer health wearables and their associated applications. The implication of this research study is that the framework can be used by developers to better identify the vulnerabilities of consumer health wearables and their associated applications. This will assist in creating a more securer environment for the storage and use of health data by consumer health wearables

THE INTERNET OF THINGS (IOT) IN DISASTER RESPONSE

Disaster management is a complex practice that relies on access to and the usability of critical information to develop strategies for effective decision-making. The emergence of wearable internet of things (IoT) technology has attracted the interests of several major industries, making it one of the fastest-growing technologies to date. This thesis asks, How can disaster management incorporate wearable IoT technology in operations and decision-making practices in disaster response? How IoT is applied in other prominent industries, including construction, manufacturing and distribution, the Department of Defense, and public safety, provides a basis for furthering its application to challenges affecting agency coordination. The critical needs of disaster intelligence in the context of hurricanes, structural collapses, and wildfires are scrutinized to identify gaps that wearable technology could address in terms of information-sharing in multi-agency coordination and the decision-making practices that routinely occur in disaster response. Last, the specifics of wearable technology from the perspective of the private consumer and commercial industry illustrate its potential to improve disaster response but also acknowledge certain limitations including technical capabilities and information privacy and security.Civilian, Virginia Beach Fire Department / FEMA - USAR VATF-2Approved for public release. Distribution is unlimited

The Role of Privacy Within the Realm of Healthcare Wearables\u27 Acceptance and Use

The flexibility and vitality of the Internet along with technological innovation have fueled an industry focused on the design of portable devices capable of supporting personal activities and wellbeing. These compute devices, known as wearables, are unique from other computers in that they are portable, specific in function, and worn or carried by the user. While there are definite benefits attributable to wearables, there are also notable risks, especially in the realm of security where personal information and/or activities are often accessible to third parties. In addition, protecting one’s private information is regularly an afterthought and thus lacking in maturity. These concerns are amplified in the realm of healthcare wearable devices. Users must weigh the benefits with the risks. This is known as the privacy calculus. Often, users will opt for the wearable device despite the heightened concern that their information may or will be disclosed. This is known as the privacy paradox. While past research focused on specific wearable technologies, such as activity trackers and smartphones, the paradox of disclosure despite concern for privacy has not been the primary focus, particularly in the realm of the manifestation of the paradox when it comes to the acceptance and use of healthcare wearable devices. Accordingly, the objective of the present research was to propose and evaluate a research model specifically oriented towards the role of privacy in the realm of healthcare-related wearables’ acceptance and use. The presented model is composed of sixteen constructs informed from multiple theories including multiple technology acceptance theories, the Protection Motivation Theory (PMT), the Health Belief Model (HBM), and multiple privacy calculus theories. Using a survey-oriented approach to collect data, relationships among privacy, health, and acceptance constructs were examined using SmartPLS with intentions to validate the posited hypotheses and determine the influence of the various independent variables on the intention to disclose and the intention to adopt healthcare-wearables. Of particular interest is the posited moderating effects of perceived health status on intention to disclose personal information. The research endeavor confirmed significant evidence of the cost/benefit decision process, aka the privacy calculus, that takes place when deciding whether or not to disclose personal information in the healthcare wearables space. Perceived privacy risk was negatively correlated to intention to disclose while hedonic motivation and performance expectancy were positively correlated to intention to disclose. Furthermore, significant evidence was discovered pertaining to the privacy paradox via the moderating role that perceived health status plays regarding the relationships between the constructs of perceived privacy risk and intention to disclose and hedonic motivation and intention to disclose. Intention to disclose was also found to have a significant positive influence on intention to adopt. Contributions include understanding and generalization in the healthcare wearables adoption knowledge space with a particular emphasis on the role of privacy, as well as practical implications for wearable manufacturers and users

The Role of the Privacy Calculus and the Privacy Paradox in the Acceptance of Wearables for Health and Wellbeing

The Internet along with innovations in technology have inspired an industry focused on designing portable devices, known as wearables that can track users’ personal activities and wellbeing. While such technologies have many benefits, they also have risks (especially regarding information privacy and security). These concerns become even more pronounced with healthcare-related wearables. Consequently, users must consider the benefits given the risks (privacy calculus); however, users often opt for wearables despite their disclosure concerns (privacy paradox). In this study, we investigate the multidimensional role that privacy (and, in particular, the privacy calculus and the privacy paradox) plays in consumers’ intention to disclose their personal information, whether health status has a moderating effect on the relationship, and the influence of privacy on acceptance. To do so, we evaluated a research model that explicitly focused on the privacy calculus and the privacy paradox in the healthcare wearables acceptance domain. We used a survey-oriented approach to collect data from 225 users and examined relationships among privacy, health, and acceptance constructs. In that regard, our research confirmed significant evidence of the influence of the privacy calculus on disclosure and acceptance as well as evidence of the privacy paradox when considering health status. We found that consumers felt less inclined to disclose their personal information when the risks to privacy outweighed benefits; however, health status moderated this behavior such that people with worse health tipped the scale towards disclosure. This study expands our previous knowledge about healthcare wearables’ privacy/acceptance paradigm and, thus, the influences that affect healthcare wearables’ acceptance in the privacy context

Privacy and Security Concerns Associated with MHealth Technologies: A Social Media Mining Perspective

mHealth technologies seek to improve personal wellness; however, there are stillsignificant privacy and security challenges. With social networking sites serving as lens through which public sentiments and perspectives can be easily accessed, little has been done to investigate the privacy and security concerns of users, associated with mHealth technologies, through social media mining. Therefore, this study investigated various privacy and security concerns conveyed by social media users, in relation to the use of mHealth wearable technologies, using text mining and grounded theory. In addition, the study examined the general sentiments toward mHealth privacy and security related issues, while unearthing how the various issues have evolved over time. Our target social media platform for data collection was the microblogging platform Twitter, which was accessed through Brandwatch providing access to the “Twitter firehose” to extract English tweets. Triangulation was conducted on a representative sample to confirm the results of the Latent Dirichlet Allocation (LDA) Topic Modeling using manual coding through ATLAS.ti. By using the grounded theory analysis methodology, we developed the D-MIT Emergent Theoretical Model which explains that the concerns of users can be categorized as relating to data management, data invasion, or technical safety issues. This model claims that issues affecting data management of mHealth users through the misuse of their data by entities such as wearable companies and other third-party applications, negatively impact their adoption of these devices. Also, concerns of data invasion via real-time data, security breaches, and data surveillance inhibit the adoption of mHealth wearables, which is further impacted by technical safety issues. Further, when users perceived that they do not have full control over their wearables or patient applications, then their acceptance of these mHealth technologies is diminished. While a lack of data and privacy protection policies contribute negatively to users’ adoption of these devices, it also plays a pivotal role in the data management issues presented in this emergent model. Therefore, the importance of having robust legal and policy frameworks that can support mHealth users is desired. Theoretically, the results support the literature on user acceptance of mHealth wearables. These findings were compared with extant literature, and confirmations found across several studies. Further, the results show that over time, mHealth users are still concerned about areas such as security breaches, real-time data invasion, surveillance, and how companies use the data collected from these devices. The findings reveal that more than 75% of the posts analyzed were categorized as depicting anger, fear, or demonstrating levels of disgust. Additionally, 70% of the posts exhibited negative sentiments, whereas 26% were positive, which indicates that users are ambivalent concerning privacy and security, notwithstanding mentions of privacy or security issues in their posts

MOSAIC vision and scenarios for mobile collaborative work related to health and wellbeing

The main objective of the MOSAIC project is to accelerate innovation in Mobile Worker Support Environments by shaping future research and innovation activities in Europe. The modus operandi of MOSAIC is to develop visions and illustrative scenarios for future collaborative workspaces involving mobile and location-aware working. Analysis of the scenarios is input to the process of road mapping with the purpose of developing strategies for R&D leading to deployment of innovative mobile work technologies and applications across different domains. This paper relates to one specific domain, that of Health and Wellbeing. The focus is therefore is on mobile working environments which enable mobile collaborative working related to the domain of healthcare and wellbeing services for citizens. This paper reports the work of MOSAIC T2.2 on the vision and scenarios for mobile collaborative work related to this domain. This work was also an input to the activity of developing the MOSAIC roadmap for future research and development targeted at realization of the future Health and Wellbeing vision. The MOSAIC validation process for the Health and Wellbeing scenarios is described and one scenario – the Major Incident Scenario - is presented in detail

Assessment of security vulnerabilities in wearable devices

Wearable devices have proliferated in usage and human experience, and they provide convenience for personal information requirements. These devices are both sensory and immersive for the diverse global network that is generally termed the Internet of things (IoT). The immediacy of the two-way communication created in the IoT has made vulnerable human behaviour and raised debate around information ownership and privacy expectations. The legitimacy of ownership of information and its reuse are prevalent problems. In this research, we tested four wearable devices that share 44% of the current market, for security vulnerabilities. We found serious weaknesses that could result in the unplanned disclosure of information and recommend further research into users expectations for safety