posted on 2024-10-01, 12:09authored byRebecca Panskus, Max Ninow, Sascha FahlSascha Fahl, Karola Marky
Central digitization of health records bears the potential for better patient care, e.g., by having more accurate diagnoses or placing less burden on patients to inform doctors about their medical history. On the flip side, having electronic health records (EHRs) has privacy implications. Hence, the data management infrastructure needs to be designed and used with care. Otherwise, patients might reject the digitization of their records, or the data might be misused. Germany, in particular, is currently introducing centralized EHRs nationwide. We took this effort as a case study and captured privacy mental models of EHRs. We present and discuss findings of an interview study where we investigated expectations towards EHRs and perceptions of the German infrastructure. Most participants were positive but skeptical, yet expressed a variety of misconceptions, especially regarding data exchange with health insurance providers and read-write access to their EHRs. Based on our results, we make recommendations for digital infrastructure providers, such as developers, system designers, and healthcare providers.
History
Primary Research Area
Empirical and Behavioral Security
Name of Conference
Symposium on Usable Privacy and Security (SOUPS)
Journal
SOUPS
Page Range
525-542
BibTeX
@conference{Panskus:Ninow:Fahl:Marky:2023,
title = "Privacy Mental Models of Electronic Health Records: A German Case Study.",
author = "Panskus, Rebecca" AND "Ninow, Max" AND "Fahl, Sascha" AND "Marky, Karola",
year = 2023,
month = 8,
journal = "SOUPS",
pages = "525--542"
}