Security aspects of ubiquitous computing in health careSicherheitsaspekte von Ubiquitous Computing im Gesundheitsbereich

Today, ubiquitous devices lack many of the security features known in desktop computing, an industry that is known to have a plethora of security problems. As ubiquitous devices are increasingly applied in the health care industry, security aspects need to receive even more attention. Clearly, patient-related data is extremely sensitive and legal requirements (such as HIPAA) attempt to enforce strict privacy controls. While we cannot solve the overall problem, our proposal to use RFID tags to authenticate users with ubiquitous devices addresses one of the most fundamental requirements of all security mechanisms: to reliably establish the user's identity. In this paper we discuss some questions that raised during experiments with ubiquitous devices at Graz University Hospital. The main problems which could be identified included security and privacy issues (protection precautions, confidentiality, reliability, sociability). The experiments showed that new and emerging computer technologies such as mobile, ubiquitous and pervasive computing have an enormous potential for the improvement of manifold workflows in health care, however, psychological and technological research must be carried out together in order to bring clear benefits for the end-users and to optimize workflows in health care in the daily routine.