Abstract
Assuring security and privacy of data is a key challenge for organizations when developing WBAN applications. The reasons for this challenge include (i) developers have limited knowledge of market-specific regulatory requirements and security standards, and (ii) there are a vast number of security controls with insufficient implementation detail. To address these challenges, we have developed a WBAN data security and privacy risk management framework. The goal of this paper is trifold. First, we present the methodology used to develop the framework. The framework was developed by considering recommendations from legislation and standards. Second, we present the findings from an initial validation of the framework’s usability and effectiveness of the security and privacy controls. Finally, we present an updated version of the framework and explain how it addresses the aforementioned challenges.
Highlights
A Wireless Body Area Network (WBAN) application is composed of intelligent, lowpower sensor nodes which monitor body functions and physiological states
Assuring security and privacy of personal health record (PHR) data are a key concern and challenging task faced by developers of WBAN applications
Developers have difficulties in assuring security and privacy of WBAN based healthcare applications for a number of reasons which include: lack of knowledge and complexity of the security and privacy standards; lack of understanding of what assets need to be protected in WBAN ecosystems; and difficulty with the identification of appropriate controls and lack of implementation details
Summary
A Wireless Body Area Network (WBAN) application is composed of intelligent, lowpower sensor nodes which monitor body functions and physiological states These sensor nodes can collect and process data, store it locally and transmit it to an actuator or a local server. A WBAN based health care application can provide long term health monitoring of a patient’s natural physiological states without constraining their everyday activities. It helps in the provision of a smart, accessible and affordable health care system. Data privacy governs how data are collected, shared and used; it ensures that only authorized persons can access the data [7]. As PHR data include both PII and patient health record data, privacy needs to be assured for both PII and health record data
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
