An open platform for personal health record apps with platform-level privacy protection

Comput Biol Med. 2014 Aug:51:14-23. doi: 10.1016/j.compbiomed.2014.04.019. Epub 2014 May 4.

Abstract

One of the main barriers to the adoption of Personal Health Records (PHR) systems is their closed nature. It has been argued in the literature that this barrier can be overcome by introducing an open market of substitutable PHR apps. The requirements introduced by such an open market on the underlying platform have also been derived. In this paper, we argue that MyPHRMachines, a cloud-based PHR platform recently developed by the authors, satisfies these requirements better than its alternatives. The MyPHRMachines platform leverages Virtual Machines as flexible and secure execution sandboxes for health apps. MyPHRMachines does not prevent pushing hospital- or patient-generated data to one of its instances, nor does it prevent patients from sharing data with their trusted caregivers. External software developers have minimal barriers to contribute innovative apps to the platform, since apps are only required to avoid pushing patient data outside a MyPHRMachines cloud. We demonstrate the potential of MyPHRMachines by presenting two externally contributed apps. Both apps provide functionality going beyond the state-of-the-art in their application domain, while they did not require any specific MyPHRMachines platform extension.

Keywords: Apps; Architecture; Personal health records; Privacy; Trust.

MeSH terms

  • Computer Security*
  • Electronic Health Records*
  • Health Records, Personal*
  • Humans
  • Software*