TY - GEN
T1 - Investigating Protected Health Information Leakage from Android Medical Applications
AU - Grispos, George
AU - Flynn, Talon
AU - Glisson, William Bradley
AU - Choo, Kim Kwang Raymond
N1 - Funding Information:
Acknowledgments. This research was financially supported by the Nebraska Research Initiative (NRI). The statements, opinions, and content included in this publication do not necessarily reflect the position or the policy of the NRI, and no official endorsement should be inferred.
Publisher Copyright:
© 2021, ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.
PY - 2021
Y1 - 2021
N2 - As smartphones and smartphone applications are widely used in a healthcare context (e.g., remote healthcare), these devices and applications may need to comply with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. In other words, adequate safeguards to protect the user’s sensitive information (e.g., personally identifiable information and/or medical history) are required to be enforced on such devices and applications. In this study, we forensically focus on the potential of recovering residual data from Android medical applications, with the objective of providing an initial risk assessment of such applications. Our findings (e.g., documentation of the artifacts) also contribute to a better understanding of the types and location of evidential artifacts that can, potentially, be recovered from these applications in a digital forensic investigation.
AB - As smartphones and smartphone applications are widely used in a healthcare context (e.g., remote healthcare), these devices and applications may need to comply with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. In other words, adequate safeguards to protect the user’s sensitive information (e.g., personally identifiable information and/or medical history) are required to be enforced on such devices and applications. In this study, we forensically focus on the potential of recovering residual data from Android medical applications, with the objective of providing an initial risk assessment of such applications. Our findings (e.g., documentation of the artifacts) also contribute to a better understanding of the types and location of evidential artifacts that can, potentially, be recovered from these applications in a digital forensic investigation.
KW - Information leakage
KW - Medical device
KW - Mobile phone
KW - Privacy
KW - Protected Health Information
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85111426556&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85111426556&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-78459-1_23
DO - 10.1007/978-3-030-78459-1_23
M3 - Conference contribution
AN - SCOPUS:85111426556
SN - 9783030784584
T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
SP - 311
EP - 322
BT - Future Access Enablers for Ubiquitous and Intelligent Infrastructures - 5th EAI International Conference, FABULOUS 2021, Proceedings
A2 - Perakovic, Dragan
A2 - Knapcikova, Lucia
PB - Springer Science and Business Media Deutschland GmbH
T2 - 5th EAI International Conference on Future Access Enablers for Ubiquitous and Intelligent Infrastructures, FABULOUS 2021
Y2 - 6 May 2021 through 7 May 2021
ER -