Transparent Yet Private Medical Data (TYPAMED), AFR PhD, 2015-2018

Several pilot tests show that patients who are allowed to access their medical data commit more seriously to therapies and health programs. This finding is particularly relevant in medical research programs aiming at cross-sectional and longitudinal studies on patient cohorts (Luxembourg has recently established one of such programs to monitor the stratification of Parkinson’s disease.) For the success of such programs, the commitment of patients and of patient organizations are of pivotal importance.However, letting patients accessing medical records raises many security concerns and creates tension among conflicting requirements. This research project (for a Ph.D.) has the objective to understand precisely such conflicts, and to study and design access control mechanisms that are socio-technically secure, that is secure not only at the technical level, where data management and communication protocols run, but also at a non-technical level, where richer human protocols and behavioural factors are in place.So, for instance, if on one hand patients’ access should be controlled so that unauthorised disclosure and modifications are not allowed within the data they are entitled to access, on the other hand, patients should have control over their own data, who accesses it and for what purpose – a right that EU regulations are already trying to enforce.The challenge comes from the fact that patients are not ICT experts. Access control mechanisms should be effective, but not hard to use or this will compromise a patient’s active participation. But the same mechanisms should be transparent to let patients know what happens to their data, how secure they are, and be informed that their data are handled appropriately, reassuring them that their involvement in sensitive research programs will not cost them higher prices in terms of intrusions into their lives.This Ph.D. project, a collaboration between SnT and LCSB, the Univ. Federal de Santa Catarina (BR), and Univ. of Porto (PT) intends to look at the socio-technical security problems concerning a secure access and use of medical data from patients.It will study access control and data confidentiality mechanisms and implementations, with the specific perspective that those solutions should be usable by inexpert patients and should inspire an honest sense of trust. In so doing, this research goes beyond understanding the security requirements of the technical protocols that realize a secure and confidential remote access to data, requirements widely studied elsewhere. Instead, it advocates studying the human-scale ceremonies in which those protocols are integrated.It will use both traditional expertise and knowledge in the design of secure systems and protocols, and more advanced methodologies suitable for a socio-technical analysis of security and trust.