Investigating Protected Health Information Leakage from Android Medical Applications

• URL: http://arxiv.org/abs/2105.07360v1
• Date: Sun, 16 May 2021 05:54:24 GMT
• Title: Investigating Protected Health Information Leakage from Android Medical Applications
• Authors: George Grispos and Talon Flynn and William Glisson and Kim-Kwang Raymond Choo
• Abstract summary: Smartphones and smartphone applications are widely used in a healthcare context (e.g., remote healthcare) These devices and applications may need to comply with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. In this study, we forensically focus on the potential of recovering residual data from Android medical applications.
• Score: 36.56303585709521
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: As smartphones and smartphone applications are widely used in a healthcare context (e.g., remote healthcare), these devices and applications may need to comply with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. In other words, adequate safeguards to protect the user's sensitive information (e.g., personally identifiable information and/or medical history) are required to be enforced on such devices and applications. In this study, we forensically focus on the potential of recovering residual data from Android medical applications, with the objective of providing an initial risk assessment of such applications. Our findings (e.g., documentation of the artifacts) also contribute to a better understanding of the types and location of evidential artifacts that can, potentially, be recovered from these applications in a digital forensic investigation.

Related papers

• Comprehensive and Practical Evaluation of Retrieval-Augmented Generation Systems for Medical Question Answering [70.44269982045415]
  Retrieval-augmented generation (RAG) has emerged as a promising approach to enhance the performance of large language models (LLMs) We introduce Medical Retrieval-Augmented Generation Benchmark (MedRGB) that provides various supplementary elements to four medical QA datasets. Our experimental results reveals current models' limited ability to handle noise and misinformation in the retrieved documents.
  arXiv  Detail & Related papers  (2024-11-14T06:19:18Z)
• Harnessing the Digital Revolution: A Comprehensive Review of mHealth Applications for Remote Monitoring in Transforming Healthcare Delivery [1.03590082373586]
  The review highlights various types of mHealth applications used for remote monitoring, such as telemedicine platforms, mobile apps for chronic disease management, and wearable devices. The benefits of these applications include improved patient outcomes, increased access to healthcare, reduced healthcare costs, and addressing healthcare disparities. However, challenges and limitations, such as privacy and security concerns, lack of technical infrastructure, regulatory is-sues, data accuracy, user adherence, and the digital divide, need to be addressed.
  arXiv  Detail & Related papers  (2024-08-26T11:32:43Z)
• Medical Image Data Provenance for Medical Cyber-Physical System [8.554664822046966]
  This study proposes using watermarking techniques to embed a device fingerprint (DFP) into captured images. The DFP, representing the unique attributes of the capturing device and raw image, is embedded into raw images before storage. A robust remote validation method is introduced to authenticate images, enhancing the integrity of medical image data in interconnected healthcare systems.
  arXiv  Detail & Related papers  (2024-03-22T13:24:44Z)
• DeID-GPT: Zero-shot Medical Text De-Identification by GPT-4 [80.36535668574804]
  We develop a novel GPT4-enabled de-identification framework (DeID-GPT") Our developed DeID-GPT showed the highest accuracy and remarkable reliability in masking private information from the unstructured medical text. This study is one of the earliest to utilize ChatGPT and GPT-4 for medical text data processing and de-identification.
  arXiv  Detail & Related papers  (2023-03-20T11:34:37Z)
• On the Privacy of Mental Health Apps: An Empirical Investigation and its Implications for Apps Development [14.113922276394588]
  This paper reports an empirical study aimed at systematically identifying and understanding data privacy incorporated in mental health apps. We analyzed 27 top-ranked mental health apps from Google Play Store. The findings reveal important data privacy issues such as unnecessary permissions, insecure cryptography implementations, and leaks of personal data and credentials in logs and web requests.
  arXiv  Detail & Related papers  (2022-01-22T09:23:56Z)
• A Systematic Literature Review on Wearable Health Data Publishing under Differential Privacy [2.099922236065961]
  Wearable devices generate different types of physiological data about the individuals. Differential Privacy (DP) has emerged as a proficient technique to publish privacy sensitive data.
  arXiv  Detail & Related papers  (2021-09-15T14:43:00Z)
• A Review-based Taxonomy for Secure Health Care Monitoring: Wireless Smart Cameras [9.4545147165828]
  This research focuses on the secure storage of patient and medical records in the healthcare sector. A potential solution comes from biometrics, although their use may be time-consuming and can slow down data retrieval. This research aims to overcome these challenges and enhance data access control in the healthcare sector through the addition of biometrics in the form of fingerprints.
  arXiv  Detail & Related papers  (2021-07-05T11:59:10Z)
• Privacy-preserving medical image analysis [53.4844489668116]
  We present PriMIA, a software framework designed for privacy-preserving machine learning (PPML) in medical imaging. We show significantly better classification performance of a securely aggregated federated learning model compared to human experts on unseen datasets. We empirically evaluate the framework's security against a gradient-based model inversion attack.
  arXiv  Detail & Related papers  (2020-12-10T13:56:00Z)
• Mind the GAP: Security & Privacy Risks of Contact Tracing Apps [75.7995398006171]
  Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy. We demonstrate that in real-world scenarios the GAP design is vulnerable to (i) profiling and possibly de-anonymizing persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts.
  arXiv  Detail & Related papers  (2020-06-10T16:05:05Z)
• COVI White Paper [67.04578448931741]
  Contact tracing is an essential tool to change the course of the Covid-19 pandemic. We present an overview of the rationale, design, ethical considerations and privacy strategy of COVI,' a Covid-19 public peer-to-peer contact tracing and risk awareness mobile application developed in Canada.
  arXiv  Detail & Related papers  (2020-05-18T07:40:49Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.