Privacy Sensitive Privacy Sensitive Architecture for Psychiatric Architecture for Psychiatric BehaviourBehaviour Monitoring Monitoring Service SystemService SystemPresenter: Rusyaizila Ramli (Ph.D student)

Supervisors:Associate Professor Dr. Putra SumariDr. Nasriah Zakaria School of Computer SciencesUniversiti Sains Malaysia, Penang, Malaysia

Healthcare, ICT and Healthcare, ICT and privacyprivacyPrivacy is a fundamental human right (UN,

1948)Privacy has received very little attention

from Information System Developer (ISD) researchers, with mainstream literature treating privacy as analogous to data security [3]

Healthcare and ICT may give impact upon the privacy of individuals

Most invasions of privacy are not intentional but due to designers inability to anticipate how this data could be used, by whom and how this might affect users [1]

Literature Review (Privacy Literature Review (Privacy Model)Model)

Issue: literature on privacy usually concentrates on protecting certain types of data without establishing what people regard as private info.

Objective: to provide designers with a better understanding of how users will perceive data generated and the way it is used. []

Figure 1: Privacy Model Factors and Issues [1]

Literature Review Literature Review (Conceptual Framework)(Conceptual Framework)

Issue: current ISD approaches are failing to recognize the significant of privacy issues that affect those involved in the development and deployment of information system.

Analysing and interpreting privacy issues in ISD

Figure 2: A Privacy Framework for Information Systems Development [3]

Healthcare Monitoring Healthcare Monitoring System OverviewSystem Overview

Privacy in Malaysia Privacy in Malaysia ContextContextThere are 2 types of psychiatric care in

Malaysia:Public Psychiatric Wards

Only at public hospital can provide ward and acute care - monitor psychiatric patients

Private Mental Institutions◦ They do not provide ward

Most of the patients have stigma, attached to them and their believe system (due to the illness)

Their privacy level would be depend on the types of mental illness, duration, ethnic group and education background

An observation in a An observation in a psychiatric female ward psychiatric female ward There are 5 cameras (1 with panning)25 bedsPatients are not mentioned about the

monitoring system, unless if they askAfter 10 days, videos will be

automatically deletedDuring night, patient cannot be

monitoredEvery 15 minutes, nurse will count

the numbers of patientHDU (???) – no monitor, based on

physical observation

Problem StatementProblem StatementThere is no privacy concern from healthcare

and system developer for psychiatric behavior monitoring (in Malaysia)

Even though they have mental ill, still there is a need to inform consent and patient/family needs to know how the information is being shared, where does go, who will use the information

Chose monitoring systems because psychiatric patients would have different privacy perspective concerns and would have different level of disclosure compared to other illnesses

There is little support for system developers to design and implement privacy sensitive environment that can help patients in managing their privacy [1]

ObjectivesObjectivesTo understand the nature and range of

privacy concerns among psychiatric patients and family with respect to pervasive healthcare behavior monitoring system

To elucidate a privacy framework of privacy in pervasive healthcare behavior monitoring system

To use the privacy framework: ◦ To develop user’s privacy management

module that provides end-users with appropriate control and feedback mechanism for managing their privacy

◦ As a toolkit for system developer to develop privacy sensitive monitoring system that will cater patient’s privacy concerns

MethodologyMethodology

References:References:1. Adams, A., Martina, M., Sasse, A., &Sasse, M. A. (2001).

Privacy in Multimedia Communications: Protecting Users, Not Just Data.

2. Adams, A. (1999). Users' perception of privacy in multimedia communication. Paper presented at the CHI '99 extended abstracts on Human factors in computing systems.

3. Carew, P., & Stapleton, L. (2005). Towards a Privacy Framework for Information Systems Development Information Systems Development (pp. 77-88).

4. Carew, P., Stapleton, L., & Byrne, G. (2008). Implications of an ethic of privacy for human-centred systems engineering. AI & Society, 22(3), 385-403.

5. Carew, P. J., & Stapleton, L. (2005). Privacy, Patients and Healthcare Workers. Paper presented at the Proceedings of the 16th IFAC World Congress, Prague.

6. Hong, J. (2005). An architecture for privacy-sensitive ubiquitous computing. University of California, Berkeley.

7. Hong, J. I., & Landay, J. A. (2004). An architecture for privacy-sensitive ubiquitous computing. Paper presented at the Proceedings of the 2nd international conference on Mobile systems, applications, and services.

Thank YouThank You