Bernd Blobel | University of Regensburg (original) (raw)

Papers by Bernd Blobel

Journal of Personalized Medicine, Jul 31, 2023

European Journal for Biomedical Informatics, 2017

PubMed, 2018

A pHealth ecosystem is a community of service users and providers. It is also a dynamic socio-tec... more A pHealth ecosystem is a community of service users and providers. It is also a dynamic socio-technical system. One of its main goals is to help users to maintain their personal health status. Another goal is to give economic benefit to stakeholders which use personal health information existing in the ecosystem. In pHealth ecosystems, a huge amount of health related data is collected and used by service providers such as data extracted from the regulated health record and information related to personal characteristics, genetics, lifestyle and environment. In pHealth ecosystems, there are different kinds of service providers such as regulated health care service providers, unregulated health service providers, ICT service providers, researchers and industrial organizations. This fact together with the multidimensional personal health data used raises serious privacy concerns. Privacy is a necessary enabler for successful pHealth, but it is also an elastic concept without any universally agreed definition. Regardless of what kind of privacy model is used in dynamic socio-technical systems, it is difficult for a service user to know the privacy level of services in real life situations. As privacy and trust are interrelated concepts, the authors have developed a hybrid solution where knowledge got from regulatory privacy requirements and publicly available privacy related documents is used for calculation of service providers' specific initial privacy value. This value is then used as an estimate for the initial trust score. In this solution, total trust score is a combination of recommended trust, proposed trust and initial trust. Initial privacy level is a weighted arithmetic mean of knowledge and user selected weights. The total trust score for any service provider in the ecosystem can be calculated deploying either a beta trust model or the Fuzzy trust calculation method. The prosed solution is easy to use and to understand, and it can be also automated. It is possible to develop a computer application that calculates a situation-specific trust score, and to make it freely available on the Internet.

PubMed, Sep 4, 2020

Today's digital information systems and applications collect every day a huge amount of personal ... more Today's digital information systems and applications collect every day a huge amount of personal health information (PHI) from sensor and surveillance systems, and every time we use personal computers or mobile phones. Collected data is processed in clouds, platforms and ecosystems by digital algorithms and machine learning. Pervasive technology, insufficient and ineffective privacy legislation, strong ICT industry and low political will to protect data subject's privacy have together made it almost impossible for a user to know what PHI is collected, how it is used and to whom it is disclosed. Service providers' and organizations' privacy policy documents are cumbersome and they do not guarantee that PHI is not misused. Instead, service users are expected to blindly trust in privacy promises made. In spite of that, majority of individuals are concerned of their privacy, and governments' assurance that they meet the responsibility to protect citizens in real life privacy is actually dead. Because PHI is probably the most sensitive data we have, and the authors claim it cannot be a commodity or public good, they have studied novel privacy approaches to find a way out from the current unsatisfactory situation. Based on findings got, the authors have developed a promising solution for privacy-enabled use of PHI. It is a combination of the concept of information fiduciary duty, Privacy as Trust approach, and privacy by smart contract. This approach shifts the onus of privacy protection onto data collectors and service providers. A specific information fiduciary duty law is needed to harmonize privacy requirements and force the acceptance of proposed solutions. Furthermore, the authors have studied strengths and weaknesses of existing or emerging solutions.

PubMed, Aug 21, 2019

Health systems advance towards personalized, preventive, predictive, participative precision (5P)... more Health systems advance towards personalized, preventive, predictive, participative precision (5P) medicine, considering the individual's health status, contexts and conditions. This results in fully distributed, highly dynamic, highly complex business systems and processes with multiple, comprehensively cooperating actors from different specialty and policy domains, using their specific methodologies, terminologies, ontologies, knowledge and skills. Rules and regulations governing the business process as well as the organizational, legal and individual conditions, thereby controlling the behavior of the system, are called policies. Trust and confidence needed for running such system are strongly impacted by security and privacy concerns controlled by corresponding policies. The most comprehensive policy dealing with security and privacy requirements and principles in any business collecting, processing and sharing personal identifiable information (PII) is the recently implemented European General Data Protection Regulation (GDPR). This paper investigates how GDPR supports healthcare transformation and how this can be implemented based on international standards and specifications.

PubMed, 2017

Successful health care, eHealth, digital health, and personal health systems increasingly take pl... more Successful health care, eHealth, digital health, and personal health systems increasingly take place in cross-jurisdictional, dynamic and risk-encumbered information space. They require rich amount of personal health information (PHI). Trust is and will be the cornerstone and prerequisite for successful health services. In global environments, trust cannot be expected as granted. In this paper, health service in the global environment is perceived as a meta-system, and a trust management model is developed to support it. The predefined trusting belief currently used in health care is not transferable to global environments. In the authors' model, the level of trust is dynamically calculated from measurable attributes. These attributes describe trust features of the service provider and its environment. The calculated trust value or profile can be used in defining the risk service user has to accept when disclosing PHI, and in definition of additional privacy and security safeguards before disclosing PHI and/or using services.

PubMed, 2019

The paper introduces a structured approach to transforming healthcare towards personalized, preve... more The paper introduces a structured approach to transforming healthcare towards personalized, preventive, predictive, participative precision (P5) medicine. It highlights the promising methodological paradigm changes, accompanied by related organizational and technological ones. In the latter context, the deployment of artificial intelligence and autonomous systems is crucial beside miniaturization and mobility. Beside their opportunities, those advanced technologies also bear risks to be managed. Beside the relationships between technology and human actors, the behavior of intelligent and autonomous systems from a humanistic and ethical perspective is in the center of considerations. The different existing approaches for guaranteeing the intended properties are presented and compared for deriving a common set of necessary principles to be met for P5 medicine.

PubMed, 2019

The penetration of digital platforms and ecosystem based business-model together with the use alg... more The penetration of digital platforms and ecosystem based business-model together with the use algorithm and machine leaning are changing the environment where pHealth takes place. Traditional pHealth is changing to Digital pHealth. This development brings new ethical, privacy and trust problems which have to solve to make Digital pHealth successful. In this paper ethical, privacy and trust problems in Digital pHealth are studied at conceptual level. Concerns caused by the use novel ICT-technology and regulatory environment are also discussed. The starting point is that the Digital pHealth as a system and its applications and algorithms should be ethically acceptable, trustworthy and enable the service user to set own context-aware privacy policies. Mutual trust is needed between application and all stakeholders. Solution proposed for trustworthy Digital pHealth include ethical design, policy based privacy management and on-line calculation of privacy and trust levels using proven mathematical methods. In the future, novel solutions such as algorithm based access control and data sharing, and algorithm based privacy prediction together with cryptography based blockchain seems to have potential to change the way privacy is managed in Digital pHealth. Technology alone cannot solve current privacy and trust problems. New regulations which not only give users of the Digital pHealth right to set personal privacy polies but also force pHealth service providers and platform owners to prove regulatory compliance of their services are needed.