Meet PICASO at WIKT 2017

Project partner TUK will give a presentation on PICASO at the upcoming  WIKT – 12th Workshop on Intelligent and Knowledge oriented Technologies 2017. The presentation, entitled “SW platform for heterogeneous health care data integration” will be given by Marek Skokan in the first session on 30 November 2017.

The WIKT workshop will take place in Kosice, Slovakia, on 30 November – 1 December 2017. See the programme here.

TUK’s presentation is available for download from the knowledge centre.

Meet PICASO at ICCST 2017

PICASO partner INUIT will be presenting the paper “Understanding and granting Android permissions: A user survey” at the 51st International Carnahan Conference on Security Technology (ICCST 2017) on 25th October 2017, in Madrid, Spain. The presentation is available for download via the knowledge centre.

The ICCST paper is titled: “Understanding and granting Android permissions: A user survey”. PICASO representatives from INUIT are co-authors of the paper and have drawn on their experiences from the development of Apps to patients and their informal carers who will participate in the PICASO trials. The article focuses on how users consider, interpret and react to differences in app permission information which is provided at three different instances of the app installation cycle. This issue is very relevant in the PICASO context as the App for the PICASO home-monitoring solution will transmit patients’ health data to the PICASO platform. Although all patient data in PICASO will be pseudonymised and will otherwise comply with the applicable data protection regulations, it is important from an ethical perspective that users fully understand what the permission entails and why it is necessary.

Christian Schunk, INUIT, will present the paper in Session S6B: Access Control, Wednesday 25 October 2017. The presentation will discuss the study described in the paper followed by a presentation of PICASO focusing on the App and home-monitoring components used in the PICASO trials.

Article abstract:

“Whenever users install a new application on their smart devices with an Android KitKat or Lollipop operating system they are asked to grant the application (app) provider access to features of the device, ranging from data storage to device location and from device identity to the users personal contacts. The implications on users’ privacy and security are significant and therefore the users’ ability to give informed consent is highly important. Previous work has identified low rates of user attention and comprehension to permission warnings and concluded that these fail to inform the majority of users. Here we focus on how users consider, interpret and react to differences in app permission information which is provided at three different instances of the app installation cycle: 1. Before installation in the Google Play Store 2. During the installation process 3. After installation in the Application Manager. The information provided in these instances varies considerably in its granularity and detail. For this purpose, an online survey was developed in which users were asked questions regarding the installation of a mirror app whose main functionality is to use the user facing camera of the phone to mirror the users face (i.e. display an image of the face) on the phone’s screen. The survey participants were shown screen shots of the app description as presented in the Android Market store as well as of the various permission lists as they appear on the screen of the phone. The questions focused on the respondents’ perceptions and their hypothetical choices with regard to the installation of this app. Results show that the various presentations of permission information in Android versions KitKat or Lollipop cause concern and irritate a majority (51.67%) of users, especially those with some basic IT expertise. We conclude that the contextualization of app features and functionalities with the corresponding permissions needs to be improved especially for users with little IT expertise. Further user permission information should be made available at different
and consistent levels of granularity.”

The 51st International Carnahan Conference on Security Technology (ICCST 2017) will be held from 23-26 October 2017, in Madrid, Spain.

Presentation of the UDUS Trial at the DGRh 45th Congress in Stuttgart, Germany

The UDUS trial was presented at the German Society for Rheumatology (GDRh) 45th Congress in September 2017.

PD Dr. Jutta Richter presented the UDUS trial in the Investigator Initiated Trial (IIT) poster session at the DGRh Congress. The poster presentation, “Design of an Information and Communications Technology Platform to Support Coordination of Care for Rheumatoid Arthritis Patients with Cardiovascular Co-morbidities”, describe the main objectives, challenges and results to date of the PICASO trial run by UDUS. Screen shots of the Patient Dashboard and Clinician Dashboard developed by the PICASO team were illustrated in the poster.

 

 

 

Poster Presentation at EULAR 2017

The PICASO trial run by project partner UDUS was presented at the Annual European Congress of Rheumatology (EULAR) in Madrid, Spain, in June 2017. The poster presentation focused on the experiences and knowledge gained so far in developing the PICASO platform and setting up the UDUS trial. The trial will implement and demonstrate the technical solution developed in the project and it will involve 30 patients with Rheumatoid Arthritis and cardiovascular co-morbidities.

The paper entitled “Design, development and implementation of an information and communications technology platform to support coordination of care for patients with Rheumatoid Arthritis and cardiovascular co-morbidities – first experiences” was presented at EULAR by PD Dr. Jutta Richter, UDUS, Policlinic of Rheumatology.

The presentation abstract is available from the EULAR Abstract Archive here.

Download the EULAR 2017 Poster.

The EU commission’s risky choice for a non-risk based strategy on assessment of medical devices

PICASO will deploy a home-monitoring solution where the involved patients will be asked to use and test at least three different devices to monitor specific health parameters. The devices used in the project have been carefully selected to ensure that they fulfill the necessary security and quality requirements in order to protect patients, and clinicians, in the trials from harm.

Paul Quinn, representing the project’s legal expert partner, VUB, has published an article in Computer Law & Security Review that discusses the regulation of mHealth devices in the context of the EU Medical Device Framework (MDF) and the how the concept “intended purpose” is used to determine if a device or mobile app have to comply with the MDF.  The article entitled “The EU commission’s risky choice for a non-risk based strategy on assessment of medical devices” questions if this key concept is really adequate to protect patient safety.

Article abstract

Regulation of medical devices has been one of the most notable regulatory initiatives of the European Union. The need to ensure that medical devices are of a high quality is self-evident in nature. This is demonstrated by the lack of willingness of both healthcare institutions and professionals to use medical devices that have not properly been certified. In determining which devices are medical devices and should therefore meet the requirements of the regulatory framework, both the current and the proposed frameworks foresee a central place for the concept of ‘intended purpose’. This means that only those manufacturers that have explicitly stated that their device is to be used for a medical purpose should have to comply with the medical device framework. Unfortunately, however, this concept has become increasingly problematic given the rise in mHealth (mobile health) practices and ‘appification’ (shift to mobile devices) in particular, arguably posing potentially serious risks to human health in certain cases. This article discusses the problems that are created by the ever-increasing amount of ‘well-being’ apps and the fact that most will not be classed as medical devices. Despite apparently being aware of these problems, the EU Commission has opted to maintain its current approach in the newly proposed regulation, choosing not to employ other approaches as the FDA has for example done in opting to use a ‘risk based case-by-case approach’.

The Computer Law and Security Review (CLSR) is an international journal of technology law and practice providing a major platform for publication of high quality research, policy and legal analysis within the field of IT law and computer security. The article is available online at www.sciencedirect.com.