Anytime, anywhere access to secure, privacy-aware healthcare services: Issues, approaches and challenges

• This paper systematically rationalizes and explores security and privacy related issues in providing anywhere, anytime healthcare services.
• We survey the existing approaches and discuss health IT infrastructural governance, institutional and cross-national policy challenges to address the relevant security and privacy issues.
• We highlight the challenges for cross-country data protection and the balance to be achieved for privacy rights.
• In exploring the attack space against which anytime, anywhere healthcare paradigm must defend itself, we identify four categories: user plane, application plane, communication plane, and device plane.

A new paradigm, which is at the early stage of inception, is reshaping global healthcare services with emphasis shifting from sporadic acute health care to continuous and integrated health care—an approach being further perfected as anywhere, anytime healthcare services. Recent advances in e-health informatics, digital transformation and remote data exchange, mobile communication, and medical technologies are the enablers of this new paradigm. Monitoring and on-time intervention, integrated care, self-care, and social support are four value-added features of anywhere, anytime health care. The already precarious security and privacy conditions of healthcare domain are expected to aggravate in this new paradigm due to lot more monitoring, collection, storage, sharing, and retrieval of patient information as well as collaboration among many different caregivers, institutions and systems. This paper aims to systematically rationalize and explore security–privacy related issues in providing anywhere, anytime healthcare services. We survey the existing approaches and discuss health IT infrastructural governance, institutional and cross-national policy challenges to address the relevant security and privacy issues. We categorize these issues in relation to the users, applications, communications, and devices. A consolidated effort from technological, human factor, and social research communities can lead to an adequate response to key privacy and security issues in this nascent anytime, anywhere healthcare paradigm.