A multi-level data sensitivity model for mobile health data collection systems

Abstract

Mobile Health Data Collection Systems (MHDCS) use a combination of encryption and user access control to grant or deny permissions to data collectors. However, the data in MHDCS is of diverse value and types which calls for different security measures. The level of sensitivity of data in electronic health is a function of the context characterised by the social environment, patient and content among others. When mobile devices are used for data collection and tracking participants, there is need for a more refined security system that allows finer controlled access to specific data elements. In this paper, we provide a conceptual design and prototype implementation for a data sensitivity model that enables attribute-based data access control, based on the level of sensitivity of the data involved. By allowing specific form data elements to have different security levels, we enhance the security of MHDCS and allow more use cases including the use of a single form to collect data for different stakeholders with diverse data needs and concerns.