Electronic health interventions (eHealth), as well as mobile health (mHealth) interventions, offer another alternative to a multitude of supplementary treatment aids for individuals. Studies across scientific journals continue to research the benefits of providing treatment across an online or technological platform. However, current legislation fails to supply adequate protection to users giving businesses and organizations access to their sensitive health data. Thus, new legal protection must be created in order to safeguard consumer health data against advancing technological capabilities. MindTrails, a research team at UVa, is working on a study whose goal entails increasing the efficacy of a psychological technique on an online platform. Although these intentions are noble and have merit, without the proper protocols for data, this study creates privacy risks for the participants.
Currently, MindTrails’ online program, Calm Thinking, employs cognitive bias modification. By providing various scenarios that could be considered threatening to the participant, Calm Thinking allows the user to imagine themselves in each situation. Eventually, through repetition, the user approaches scenarios with a new mindset. Despite positive feedback, the attrition for the program remained high. The team decided to recruit the help of fourth-year undergraduates to enhance the product in order to reduce attrition.
The undergraduates consisted of Computer Science engineers, who focused on developing a mobile app, and Systems Engineers, who worked on the design of the app. Some new components were added that were not original to the online program. Adding the journal feature and domain selection aimed to increase user engagement and personalize the application. User testing was completed involving five past Calm Thinking participants. Feedback for the design was positive, with an overall engagement score of 4.4/5 and likeability of 4.6/5.
In order to obtain a thorough understanding of the current legal protection of data in the United States, much research was conducted on current data protection statutes. These ranged from privacy laws for state DMVs to telephone consumer protection laws. Most laws provided specific types of protection that only applied to a certain sector. The U.S. Department of Health and Human Services (HHS), along with the Federal Trade Commission (FTC), predominantly provide the protection of consumer health data against businesses. The HHS, which abides by the Health Insurance Portability and Accountability Act (HIPAA), has a specialty in health data protection, while the FTC concentrates on protecting consumers against businesses.
"Examining oversight of the privacy & security of health data collected by entities not regulated by HIPAA" (2016) by the HHS and "Internet of things" (2015) by the FTC established clear means of new protection guidelines. Additionally, a bipartisan bill proposed last June, "Protecting personal health data" (2019), provides a one-year plan for tackling the problem. Senators Amy Klobuchar and Lisa Murkowski borrow some of the ideas mentioned in the HHS and FTC documents. Specifically, a National Task Force composed of experts would investigate the latest data storage, security, and accessibility practices. A report would be made a year later that would give recommendations on new laws for companies to follow. More intensive oversight would also be conducted on big companies that have access to consumers' health data, like Google and Microsoft.
By creating a law that covers entities not previously included in legislation such as HIPAA, more research can be conducted, like that of MindTrails, with privacy protection guidelines. These novel privacy laws would give the consumer peace of mind when using smart devices, such as a fitness watch or heart monitor. U.S. citizens would not need to question who has access to their data, as laws would make data sharing and accessibility more transparent.

