A Reference Architecture Proposal for Secure Data Management in Mobile Health

Mobile health (mHealth) is becoming a prominent component of healthcare. As the border between wearable consumer devices and medical devices begins to thin, we extend the mHealth definition including sports, lifestyle, and wellbeing apps that may connect to smart bracelets and watches as well as medical device apps running on consumer platforms and dedicated connected medical devices. This trend raises security and privacy concerns, since these technologies collect data ubiquitously and continuously, both on the individual user and on the surroundings. Security issues include lack of authentication and authorization mechanisms, as well as insecure data transmission and storage. Privacy issues include users’ lack of control on data flow, poor quality consent management, and limitations on the possibility to remain anonymous. In response to these threats, we propose an advanced reference platform, securing the use of wearables and mobile apps in the mHealth domains through citizens’ active protection and information.