A transformed health ecosystem is a multi-stakeholder coalition that collects, stores, and shares personal health information (PHI) for different purposes, such as for personalized care, prevention, health prediction, precise medicine, personal health management, and public health purposes. Those services are data driven, and a lot of PHI is needed not only from received care and treatments, but also from a person's normal life. Collecting, processing, storing, and sharing of the huge amount of sensitive PHI in the ecosystem cause many security, privacy, and trust challenges to be solved. The authors have studied those challenges from different perspectives using existing literature and found that current security and privacy solutions are insufficient, and for the user it is difficult to know whom to trust, and how much. Furthermore, in today's widely used privacy approaches, such as privacy as choice or control and belief or perception based trust does not work in digital health ecosystems. The authors state that it is necessary to redefine the way privacy and trust are understood in health, to develop new legislation to support new privacy and approaches, and to force the stakeholders of the health ecosystem to make their privacy and trust practices and features of their information systems available. The authors have also studied some candidate solutions for security, privacy, and trust to be used in future health ecosystems.

1st Faculty of Medicine Charles University Prague Czechia

eHealth Competence Center Bavaria Deggendorf Institute of Technology Deggendorf Germany

Faculty of Information Technology and Communication Sciences Tampere University Tampere Finland

Medical Faculty University of Regensburg Regensburg Germany

See more in PubMed

Pravettoni G, Triberti S. P5 eHealth: An Agenda for the Health Technologies of the Future. Berlin: Springer Open; (2020). p. 3–17.

Ruotsalainen P, Blobel B. Digital pHealth – problems and solutions for ethics trust and privacy. Stud Health Technol Inform. (2019) 261:31–46. 10.3233/978-1-61499-975-1-31 PubMed DOI

FDA. What is Digital Health? (2020). Available online at: https://www.fda.gov/medical-devices/digital-health-center-excellence/what-digital-health (accessed February 1, 2022).

Ronquillo Y, Meyrs A, Korvek SJ. Digital Health. (2021). Available online at: https://www.ncbi.nlm.nih.gov/books/NBK470260/ (accessed February 1, 2022).

WHO. Using E-Health and Information Technology to Improve Health. (2018). Available online at: https://who.int/westernpacific/activities/using-e-health-and-information-technology-to-improve-health (accessed February 1, 2022).

Moss RJ, Sule A, Kohl S. eHealth and mHealth. Eur J Hosp Pharm. (2019) 26:57–8. 10.1136/ejhpharm-2018-001819 PubMed DOI PMC

Eysenbach G. What is e-health? J Med Internet Res. (2001) 3:e20. 10.2196/jmir.3.2.e20 PubMed DOI PMC

The National Institutes of Health (NIH). Department of Health and Human Services. (2018). Available online at: https://grants.nih.gov/grants/guide/pa-files/PAR-14-028.html (accessed February 1, 2022).

Ginsburg GS, Phillips KA. Precision medicine: from science to value. Health Aff (Millwood). (2018) 37:694–701. 10.1377/hlthaff.2017.1624 PubMed DOI PMC

Prosperi M, Min JS, Bian J, Modave F. Big data hurdles in precision medicine and precision public health. BMC Med Inform Decis Mak. (2018) 18:139. 10.1186/s12911-018-0719-2 PubMed DOI PMC

Gorini A, Caiani EG, Pravettoni G. P5 eHealth: an Agenda for the Health Technologies of the Future. Cham: Springer Open; (2020).

Rose C. Ubiquitous smartphones, Zero Privacy. Rev Bus Inf Syst. (2012) 16:187–92. 10.19030/rbis.V16i4.7438 DOI

Wei Z, Zhao B, Su J. PDA: A Novel Privacy-Preserving Robust Data Aggregation Scheme in People-Centric Sensing System, International Journal of Distributed Sensor Networks. London: Hindawi Publishing Corporation; (2013). p. 9.

Santarossa S, Kane D, Senn CY, Woodruff SJ. Exploring the role of in-person components for online health behavior change interventions: can a digital person-to-person component suffice? Med Internet Res. (2018) 20:e144. 10.2196/jmir.8480 PubMed DOI PMC

Connoly R, McParland C. Dataveillance in the workplace: moving beyond divergent perspectives, chapter 19 in handbook of research on strategic communication, leadership, and conflict management in modern organizations. In: Normore A, Hills D, Javidi M, Long L. editors. A Volume in the Advances in Human Resources Management and Organizational Development (AHRMOD) Book Series. Pennsylvania, PA: IGI Global; (2017). 10.4018/978-1-5225-0983-7.ch063 DOI

Joyce KE. Emotions Analytics Helps Hotels.Com Connect with Customers. Newton, MA: TechTarget, Business Analytics; (2020).

Iyawa GE, Marlien Herselman M, Adele Botha A. Digital Health Innovation Ecosystems: from Systematic Literature Review to Conceptual Framework. Amsterdam: Elsevier, Procedia Computer Science; (2016). p. 244–52.

Vimarlund V, Mettler T. Introduction to the Ecosystem for Two-sided Markets, Barriers and Facilitators. In: Vimarlund V. editor. E-Health Two-Sided Markets Implementation and Business Models. Cambridge, MA: Academic Press; (2017).

Rubinstein IS. Big Data: The End of Privacy or a New Beginning? International Data Privacy Law. (Vol. 3). Oxford: Oxford University Press; (2013).

Rubenfield J. The End of Privacy. New Haven: Yale Law School, Faculty Scholarship Series; (2008).

Ruotsalainen P, Blobel B. Health information systems in the digital health ecosystem—problems and solutions for ethics, trust and privacy. Int J Environ Res Public Health. (2020) 17:3006. 10.3390/ijerph17093006 PubMed DOI PMC

Taviani HT, Moore JH. Privacy protection, control of information, and privacy-enhancing technologies. Com Soc. (2001) 31:6–11. 10.1145/572277.572278 DOI

International Organization for Standardization. Information Technology — Security Techniques — Information Security Management Systems — Overview and Vocabulary. Geneva: ISO; (2018).

Marguilis ST. Three theories of privacy: an overview. In: Trepete S, Reinecke L. editors. Book Privacy Online: Perspectives on Privacy and Self-Disclosure in the Social Web. Berlin: Springer Verlag; (2011).

Waldman AE. Privacy as Trust. Cambridge: Cambridge University Press; (2018). 10.1017/978136888667 DOI

Nissenbaum H. Privacy as contextual Integrity. Washington: Washington Law review; (2004). p. 119–58.

Sokolovska A. Kocarev, Integrating Technical and Legal Concepts of Privacy. Piscataway, NJ: IEEE Access; (2018). p. 1–1. 10.1109/ACCESS.2018.2836184 DOI

ENISA. Privacy Considerations of Online Behavioural Tracking. (2012). Available online at: https://www.enisa.europa.eu/publications/privacy-considerations-of-online-behavioural-tracking (accessed February 1, 2022).

Toch E, Birman Y. Towards Behavioral Privacy: How to Understand AI’s Privacy Threats in Ubiquitous Computing, UbiComp/ISWC’18 Adjunct. New York, NY: Association for Computing Machinery; (2018). 10.1145/3267305.3274155 DOI

Lilien L, Bhargava B. Trading privacy for trust in online interactions. In: Jøsang A, Ismail R, Boyd C. editors. A Survey of Trust and Reputation Systems for Online Service Provision, Decision Support Systems. (2007). p. 618–44.

Liu X, Datta A, Lim E-P. Computational Trust Models and Machine Learning, Chapman &Hall/CRC Machine Learning &Pattern Recognition Series. New York, NY: Taylor and Francis Group, CRC Press; (2015).

Evans BJ. Power to the people: data citizens in the age of precision medicine. Vanderbilt J Entertain Technol Law. (2017) 19:243–65. PubMed PMC

Doyle J. Rational decision making. In: Robin W, Frank K. editors. The MIT Encyclopaedia of Cognitive Sciences. Cambridge: MIT Press; (1997).

Frizzo-Barker J, Peter A, Chow-White PA, Charters A, Ha D. Genomic Big Data and Privacy: Challenges and Opportunities for Precision Medicine, Springer Science +Business. Dorthrecht: Computer Supported Cooperative Work (CSCW) (2016). 10.1007/s10606-016-9248-7 DOI

Sanchini V, Marelli L. Chapter 10, data protection and ethical issues. In: Pravettoni G, Triberti S. editors. P5 eHealth: An Agenda for the Health Technologies of the Future. Cham: Springer; (2020).

Ren K, Wang C, Wang Q. Security Challenges for the Public Cloud. Piscataway, NJ: IEEE Internet Computing; (2012). p. 69–73.

Yu K-H, Beam AL, Kohane IS. Artificial intelligence in healthcare. Nat Biomed Eng. (2018) 2:719–31. 10.1038/s41551-018-0305-z PubMed DOI

Bruynseels K, Santoni de Sio F, van den Hoven J. Digital twins in health care: ethical implications of an emerging engineering paradigm. Front Genet. (2018) 9:31. 10.3389/fgene.2018.00031 PubMed DOI PMC

President’s Council of Advisors on Science and Technology, Report to the President. Realizing the FullPotential of Health Information Technology to Improve Healthcare for Americans: The Path Forward, President’s Council of Advisors on Science and Technology. (2010). Available online at: https://www.broadinstitute.org/files/sections/about/PCAST/2010%20pcast-health-it.pdf (accessed February 1, 2022).

Coiera E, Clarke R. e-Consent: the design and implementation of consumer consent mechanisms in an electronic environment. J Am Med Inform Assoc. (2004) 11:129–40. 10.1197/jamia.M1480 PubMed DOI PMC

IEEE. IEEE P7012 – Machine Readable Privacy Terms Working Group. Piscataway, NJ: IEEE; (2017).

Fatokun T, Avishek Nag A, Sharma S. Towards a blockchain assisted patient owned system for electronic health records. Electronics. (2021) 10:580. 10.3390/electronics10050580 DOI

Dubovitskaya A, Baig F, Xu Z, Shukla R, Zambani PS, Swaminathan A, et al. ACTION-ehr:patient-centric blockchain-based electronic health record data management for cancer care. J Med Internet Res. (2020) 22:e13598. 10.2196/13598 PubMed DOI PMC

Chen L, Yang J, Wang Q, Niu Y. A framework for privacy-preserving healthcare data sharing. In: Procesedings of the IEEE 14th Internationa Conference on E-Health Networking, Applications and Services (Healthcom). Piscataway, NJ: IEEE; (2012).

International Organisation for Standardisation. ISO 23903:2021 Health informatics – Interoperability and Integration Reference Architecture – Model and Framework. Geneva: ISO; (2021).

Damianou N, Dulay N, Lupu E, Sloman M. Ponder – A Language for Specifying Security and Management Policies for Distributed Systems. The Language Specification, Version 2.3, Imperial College Research Report DoC 2000/1. (2000). Available online at: http://www.doc.ic.ac.uk/research/technicalreports/2000/DTR00-1.pdf (accessed February 1, 2022).

Blobel B, Nordberg R, Davis M, Pharow P. Modelling privilege management and access control. Int J Med Inform. (2006) 75:597–623. 10.1016/j.ijmedinf.2005.08.010 PubMed DOI

Blobel B, Davis M, Ruotsalainen P. Policy management standards enabling trustworthy pHealth. Stud Health Technol Inform. (2014) 200:8–21. PubMed

International Organisation for Standardisation. ISO 22600:2014 Health Informatics – Privilege Management and Access Control. Geneva: ISO; (2014).

Balkin JM. Information Fiduciaries and the First Amendment. (Vol. 49). Davis, CA: UC Davis Law Review; (2016).

Dobkin A. Information fiduciaries in practice: data privacy and user expectations. Berk Tech Law J. (2018) 33:1. 10.15779/Z38G44HQ8 DOI

Ritter J, Mayer A. Regulating Data as Property: a New Construct for Moving Forward. Durham, NC: Duke Law & Technology Review; (2018). p. 220–77.

Lederer S, Dey AK, Mankoff J. A Conceptual Model and a Metaphor of Everyday Privacy in Ubiquitous Computing Environments, Report No. UCB/CSD-2-1188. Berkeley, CA: Computer Science Division (EECS) (2002).

Roehrs A, da Costa CA, da Rosa Righi R. OmniPHR: a distributed architecture model to integrate personal health records. J Biomed Inform. (2017) 71:70–81. 10.1016/j.jbi.2017.05.012 PubMed DOI

Solove DJ. The end of privacy? Sci Am. (2008) 299:100–4. PubMed

Ruotsalainen P, Blobel B. Privacy s dead – solutions for privacy-enabled collections and use of personal health information in digital era. Stud Health Technol Inform. (2020) 273:63–74. 10.3233/SHTI200616 PubMed DOI

Designing and Managing Advanced, Intelligent and Ethical Health and Social Care Ecosystems

Reinforcing Health Data Sharing through Data Democratization