In the last decade, the usage of mobile and smartphones has grown exponentially. According to a mid-2019 report [1], the vast majority of Americans (96%) own a cellphone of some kind, while the share of Americans that own smartphones is 81%. This fact has spurred the scenario of mobile health (also referred to as mHealth), which, as stated by the World Health Organization, is the “medical and public health practice supported by mobile devices” [2]. The coverage of mHealth includes several aspects, such as the acquisition, manipulation, classification and transmission of health-related information [3]. Thus, the users become the center of the action, being producers and owners of their own biomedical data and signals, which can be ubiquitously gathered with their own personal health devices and transmitted by means of their personal mobile devices. Furthermore, the users can analyze their biomedical data locally and share them with both formal and informal caregivers. Ultimately, such data can be either stored in personal data vaults for future consultations or sent to other systems or services, depending on the mHealth application.
All said, although the feasibility and availability of traditional telemonitoring mHealth services have been thoroughly described in the literature [4], there are still challenges to be solved, mainly related to security and privacy concerns. Moreover, the fixed structures of such centralized architectures traditionally promoted by manufacturers could lead to lack of engagement, motivation or connections among their users, who may decide to create their own solutions [6]. Indeed, many patients and communities today are demanding to become co-producers and, in the end, holders of their own data. If they do not get to have control, they may take over and create the necessary tools to gain self-empowerment themselves. An epitome thereof is the Nightscout movement [7], an open-source, Do-It-Yourself project allowing real-time access to a glucose monitor, as well as data persistence in the cloud. This project can be seen as an illustration of the difference between “patient-centered care” and “real patient controlled care”, where it is the patients, the relatives and the communities they live in who finally “make sense” of things, define the goals and stress coherence [8].
Although the Nightscout project has provided valuable lessons for the new paradigm of empowered citizens, one logical step forward is the use of social-media-based health systems, since they could foster engagement, empowerment and community building [9]. Besides the predominantly ludic character of social media, new uses in different domains are being investigated and developed nowadays. They are driven by the attracting features of social media as well as their remarkable mass of users (e.g., as of September, 2020, Facebook claimed to have 3 billion users [10], which represent nearly one-third of the world’s population). Reciprocally, attracting new users to social media, e.g., those coming from mHealth scenarios, would help social media to reaffirm their leading position in today’s internet panorama. Indeed, social media provide a wide variety of tools that enable users to build communities around them where they can create, share and exchange information in different formats [11]. Ever since the social media appeared, the idea of combining social media and healthcare has gained momentum. Studies have found that healthcare organizations, clinicians, patients and regulatory bodies could benefit from the use of social media [12]. However, in spite of the promising benefits of social-media-based healthcare, there are some challenges still to be solved. Most of those issues are linked to privacy and security concerns, but there are also open questions about usability, manipulation of identity, governance or confidentiality, along with the aforementioned demotivation [9].
As has been noted in the literature, there is limited evidence related to the efficacy and effectiveness of social media in healthcare [9]. Most projects combining healthcare and social media so far use data mining to analyze shared health-related data and extract valuable information [16]. To date, however, there is little effort in the literature towards social-media-based mHealth systems where biomedical data are sent through social media while taking into account security and standardization. An example that partially accomplishes such a goal was presented in [19]. This system leverages Twitter to send the main data to a back-end repository using a web-based approach, while offering the possibility of sharing health-related messages constructed according to particular status descriptors using a medical nomenclature. Nonetheless, as regards privacy and security, they only make use of the built-in security policies implemented by Twitter (open authentication and private lists). Related to this, the authors presented a technical proof-of-concept system for following up cardiovascular patients using Twitter and Health Level 7 (HL7) [20], which can be considered an improvement thereof. Nevertheless, no further security and privacy measures were implemented.
Thus, adequate protection policies shall be implemented in social-media-based, mHealth applications to achieve security and privacy levels in line with the demands of users and the regulations applicable. Examples of such regulations are the Health Insurance Portability and Accountability Act (HIPAA) in the United States or the General Data Protection Regulation (GDPR) in Europe, effective since 2018. The use of HIPAA as a means for achieving standardized data security and privacy in mHealth scenarios has already been proposed in the literature [21]. A common objective of these regulations is to guarantee Information Assurance and Security (IAS). Traditionally, confidentiality, integrity and availability—also referred to as the CIA-triad—were the elements modelling IAS. Nowadays, the CIA-triad has evolved to a more comprehensive IAS-octave (confidentiality, integrity, availability, accountability, auditability, authenticity, non-repudiation and privacy) [22]. Such regulations also enforce prevention and reaction to data breaches as well as responsibility and sanctions to those that do not thoroughly address the aforementioned measures. Social media services must comply with regulatory requirements of the countries they are working in. However, uploading unprotected data to social media could sow suspicion or mistrust among users. Therefore, the design and implementation of an additional robust security layer, being complementary to the measures already implemented by social media, would help to guarantee independence from their privacy policies and raise the trust of the potential users.
Additionally, it is true that any ad-hoc secure, private, social-media-based, mHealth solution is able to exchange biomedical information without the need of a common information model. However, this may not suffice if pervasive, distributed, integrated biomedical ecosystems are to be achieved [23]. In order to accomplish at least semantic interoperability—according to the model proposed by Turnitsa et al. [24]—the content of the information exchange requests must be unambiguously defined. Hence, biomedical interoperability standards are highly recommended. Within the healthcare domain, initiatives like HL7 or Digital Imaging and Communication in Medicine (DICOM) are robust, widespread examples of this standardization effort.
The elements presented in the paragraphs above—to wit, mHealth, social media, security/privacy and standardization—are usually treated as separate, or, at least, loosely integrated fields. The existing literature offers preliminary examples describing systems that partially cover some of these fields combined, being the most complete so far the work conducted by Triantafyllidis et al. [19] and a previous work by the authors [20]. Thus, the underlying hypothesis of this paper is that all these components could be seamlessly merged to build enhanced healthcare services (this is covered in Section 2). As a result, the main objective of this work is to propose a generic architecture for building standardized, secure, private, social-media-based mHealth services (Section 3.1). For the sake of simplicity and convenience, we introduce here the acronym mH3S (after mHealth, standardized, secure and social). Secondly, a proof of concept of the proposed mH3S architecture will be also presented (Section 3.2). It is composed of (a) Twitter as the social media, (b) version 2 of HL7 as a means for interoperability, (c) openPGP as security envelope and (d) a particular embedding algorithm. Third, both the generic architecture proposed and the technical proof-of-concept implementation are discussed in Section 4. Conclusions are drawn in Section 5. Table 1 provides a list of the acronyms used throughout the paper.
2. Materials and Methods
The methodology proposed in this paper consists of two steps. First, the current mHealth architectures—focused on telemonitoring architectures—are illustrated, covering the traditional usage and their evolution. Second, the limitations of the architectures composing such evolution are described through a comprehensive review of the existing literature, which ultimately will lead to the identification of new potentialities for a novel approach.
2.1. Analysis of Traditional Telemonitoring mHealth Architectures
A generic mHealth architecture facilitates the implementation of mHealth applications, usually grouped in three major—and interrelated—fields: health and fitness, independent living and disease management. Although other mHealth applications are possible—e.g., medical reference, nutrition or wellness applications—, the scope of this paper is focused on applications that are able to report medical status updates to formal or informal caregivers. Such applications demand a reliable and efficient acquisition of personal biomedical information, its adequate storage and a pervasive, ubiquitous and controlled access to the users that need to consult this information.
To cope with the requirements of the health scenarios described above, different mHealth architectures have been proposed and developed in the literature [4]. Reference [4], published in 2015, reviews mHealth services and shows a typical architecture thereof. Reference [5] performs a survey on the architectures of telemonitoring research projects in 2014 and, from that knowledge, derives a common architecture of telemonitoring systems, which can be summarized in three distinct tiers: sensors, gateway and remote server.
Based on such reviews, a generic mHealth architecture is illustrated in Figure 1, which is further detailed as follows. The most basic end-to-end mHealth architecture is comprised by two elements. First, a Personal Health Device (PHD) or, more generically, a sensing unit, which collects and sends the user’s biomedical information. Second, a Host System (HS), which stores the collected information, for example a Health Information System (HIS) with an Electronic Health Record (EHR) or a Personal Health Record (PHR), the latter also referred to as personal data vaults. In addition, there are usually several PHDs around the patient/user, and they seldom have the connectivity to reach the HS—to date, few PHDs are Internet-ready, although the paradigm may be shifting due to the Internet of Medical Things [25]. Thus, most mHealth architectures today include a third element, namely the concentrator device, a mobile device, e.g., cell phone or tablet, which gathers the biomedical data from the different PHDs and forwards them to the HS. Furthermore, depending on the intended mHealth application, various other elements can be incorporated into the end-to-end architecture. For example, service providers and medical systems would be placed before and after the data arrive at the HS. Examples of medical systems are alarm systems or Clinical Decision Support Systems (CDSS). They would perform different operations included in the scope of the HS, such as the management, monitoring, processing or follow-up of the user’s biomedical information. Moreover, other elements can connect with the HS to either share medical information, such as third-party host systems, or access that information, such as consultation systems, thereby interfacing the caregivers and the users with the HS (see Figure 1).
As regards the persons involved, generally, up to four types can be distinguished in a traditional mHealth architecture:
The patients or users: They record the biomedical measurements remotely.
The formal caregivers: Nurses and physicians who review the information and follow up patients/users.
Researchers: Eventually, a researcher would analyze the data gathered from a patient/user or a group of them to investigate into a specific scenario or pathology.
The technicians: They are in charge of ensuring that the hospital devices and the back-end services work properly.
In the most basic architecture, the patient/user is the only actor involved, who monitors themselves using a mobile application (synchronized or not with a server acting as PHR), becoming an informal caregiver to themselves.
2.2. Limitations of the Traditional Approach, Current Evolution and Potential Features
As technology evolved and mHealth architectures were becoming more pervasive, additional problems were detected and higher architectural requirements were considered necessary.
One of the first issues identified was the lack of interoperability [26], which has been a common topic of debate to date. This issue has commonly been addressed by creating medical terminologies and medical standards. Within the former group, one of the most prominent is the Logical Observation Identifiers Names and Codes (LOINC). The latter group comprises a wide variety of examples. A prominent effort would be the International Organization for Standardization (ISO)/Institute of Electrical and Electronics Engineers (IEEE) 11073, intended for the interoperability of medical devices. Another example is DICOM, intended for medical images. Additionally, there is the Standard Communications Protocol for computer assisted ElectroCardioGraphy (SCP-ECG), intended for the transmission of ECGs. To conclude with the examples, HL7 is a set of standards for facilitating the exchange of medical information. Architecturally, some organizations have proposed a variety of technical frameworks to promote the use of such standards. The most prominent is Integrating the Healthcare Enterprise (IHE). It provides a set of profiles that describe clinical information needs or workflow scenarios and rely on existing medical standards to accomplish them. There has been effort in the literature presenting some architectural proposals of end-to-end standard-based mHealth frameworks [28].
Despite the undeniable benefits of standard-based mHealth, the lack of privacy and security is still one of the major concerns [30]. As regards consumers’ attitude, having control over mHealth privacy and security features as well as trust in providers were recently identified as key issues [32]. Moreover, there are national and international regulations—as the aforementioned HIPAA or GDPR—which compel mHealth architecture designers to take into account aspects such as confidentiality, integrity, availability, accountability, auditability, authenticity, non-repudiation and privacy. Effort can be found in the literature aimed at providing secure, standard-based mHealth architectures. For example, Rubio et al. proposed a flexible structure that provides features tailored to the needs of different mHealth applications, based on a multi-layered, IHE-based extension of ISO/IEEE 11073 [33].
In parallel, while traditional mHealth architectures were deployed by healthcare authorities, they were thereby inevitably—albeit not intentionally—mainly focused on medical staff and supporting clinical work. In such traditional structures, the core of the service is located at the HIS, and it is developed by the public or private healthcare organization offering the mHealth service. This situation entails an effort to maintain the software updated and the data available. Current trends in data management, however, indicate a paradigm shift towards cloud computing, which enables designers to consume different resources on-demand. Such resources include infrastructure (computation, storage, networking), components that facilitate the creation of applications and services (e.g., middleware), and third-party software and/or data. Services such as Amazon Web Services, Google Cloud Platform or Microsoft Azure have gained noticeable ground, due to their wide range of options and flexibility. In this context, Rahimi et al. reviewed the state of the art of cloud computing in mobile environments and illustrated their application to various domains, including health [34]. In the same report, they warn that security and privacy are critical aspects with still open research issues. Nonetheless, effort towards mobile cloud computing in health environments taking into account—albeit to different degrees—standardization and security/privacy concerns can be found in the literature [35]. In 2012, Hsieh et al. proposed a cloud and pervasive computing based 12-lead electrocardiography service to realize ubiquitous 12-lead ECG tele-diagnosis. In that paper, they selected the Microsoft Azure cloud to process and store heterogeneous ECG formats (e.g., SCP-ECG or DICOM-ECG). They included some security and privacy features, for example authentication based on roles and internet protocol address range, data encryption (via hypertext transfer protocol secure (HTTPS)), secret key protected storage or ECG file encryption and verification while reports are retrieved [35]. In 2013, Ribeiro et al. described a solution for outsourcing medical images to Amazon elastic compute cloud based on DICOM and a number of IHE profiles, but foremost on cross-enterprise document sharing for images. As regards security, they proposed an encryption method which hides access patterns to attackers, yet allows searches through the content [36]. In 2016, Hanen et al. published a healthcare system in mobile cloud computing environments. They used a cloud simulator to convey DICOM-compliant medical images considering some security and privacy issues, such as authentication, access control or data encryption [37]—although the real implementation has not been published so far.
While the cloud is a promising technology for mobile health care environments, it is mainly intended for back-end purposes—usually including computing load. In addition, cloud-computing technologies are not directly connected to the user’s personal network. In contrast, healthcare frameworks that are user-friendly, social, empowering, decentralized, technically easy to deploy and self-manageable could lead to a paradigm shift. This can be achieved by using social media, e.g., Twitter, Facebook, etc., which can be seen as a particularization of clouds. At a technical level, this framework would be decentralized and highly flexible, designed to enable and promote contents with global reach and high frequency. This would be achieved thanks to inexpensive means (generally, no monetary cost is charged to the end user) and practical tools available for anybody to publish, share and view contents within short delay. Therefore, the development of social-media-based mHealth services has the potential to promote the recruitment and reinforce the engagement of users and their communities. It could also enable fast, flexible, user-oriented and user-controlled configuration of mHealth architectures and fast and inexpensive structural deployment. To do so, mHealth apps that use social media to manage and share personal biomedical data in an automatic way can be built by means of the public Application Programming Interfaces (APIs) exposed by social media companies. An associated issue that must be addressed when building social-media-based services is that such APIs do not allow a high ratio of data sent per post (e.g., Twitter limitation of characters). However, more importantly, interoperability, security and privacy concerns should not be overlooked.
Considering all the above, to date, the best approximation to a comprehensive system was conducted by Triantafyllidis et al. [19], who used a social media (Twitter) to monitor patient data. In order to univocally describe the symptoms or alerts tweeted by the patient, this proposal makes use of the Systematized Nomenclature of Medicine—Clinical Terms (SNOMED-CT) [38] and the Unified Medical Language System (UMLS) [39] metathesaurus API. Nevertheless, the biomedical message is not formatted according to any biomedical standard—leaving aside the thesaurus. Thus, it could not interoperate seamlessly with a HIS. With respect to its security policy, it is strictly based on Twitter-related features. In particular, they make use of lists of users to control the privacy of people subscribing to a service. They also use Open Authorization (OAuth) [40] to authorize the automated sending and receiving of tweets from a user account. Finally, their system relies on default HTTPS for secure communications. Nevertheless, this scheme does not implement end-to-end security, and thus the information can be accessed in clear in the Twitter servers. An enhancement of such framework was proposed by the authors in [20], where a proof-of-concept system for following up cardiovascular patients using Twitter and HL7 was implemented. However, it was still restricted to a specific medical standard and the security and privacy measures implemented were just those built-in by Twitter. Moreover, the system relied on a traditional client-server architecture, which reduced the possibilities of users creating their own systems and thus empowering themselves.
Efforts in the literature have proposed some specific frameworks partially fulfilling the requirements for mH3S services. To date, however, there is no proposal integrating all these concerns in a single system. Therefore, in this paper we propose a generic architecture for easy-to-deploy mHealth services based on social media, which convey information in compliance with medical standards, while enhancing security and privacy of end users. Thus, the architecture will enjoy the advantages that a social media network provides, such as a user/patient social network, built-in reliability and scalability, or up-to-date GDPR-compliant servers, while conveying standardized biomedical data with enhanced security and privacy measures applied.
In this paper, a generic mH3S architecture has been proposed. Such architecture provides users with an enhanced healthcare service. The novelty of this approach can be summarized as follows:
Novel architecture: Instead of a client-server architecture or a cloud-based architecture, we propose an end-to-end system that leverages online social networks as a backbone.
Empowered users and patients: Users do not rely on anyone to create a secure, private communication channel. They decide what to share and with whom.
User-friendly way: Attractive and relatable media objects (images, videos) with biomedical data embedded are shared through a social media network.
Straightforward deployment: Users only need to install a mobile application and perform some minor configuration.
Affordable: The users are not asked to spend any money to use the system. Only a mobile phone with internet connection is required.
High uptime availability: The system leverages online social networks as a backbone. Thus, the servers are almost always up.
Improved security and privacy: This is due to the security envelope, based on a hybrid cryptosystem, therefore combining the convenience of public-key approaches with the efficiency of symmetric-key schemes. Social networks convey the information, but not even they are able to read the biomedical data travelling through their servers.
Reduced added complexity: Users are required to manage some key-related aspects, but this is common practice for current users of smartphones and applications and it could be carried out easily and swiftly.
Augmented integrability: This is provided by the internal support of medical interoperability standards.
Additionally, a technical proof-of-concept implementation of such architecture has been developed by selecting a specific social media (Twitter), a security envelope (openPGP), an interoperability standard (HL7) as well as a specific embedding algorithm. To accomplish such a system, two Android applications were developed: one for users/patients and the other for formal/informal caregivers. This implementation demonstrates the feasibility of the platform. The tests show that the process is fast: less than 1 s, even for preparing (that is, encryption, encoding and embedding) ~600 kB of biomedical data. Thus, the additional complexity of the procedure does not entail impractical delays, and therefore, the platform can be considered fast enough for most mHealth telemonitoring services.
As a final reflection, it can be highlighted that, although the architecture presented and discussed in this manuscript has been motivated by a biomedical context, it could certainly be applied to other contexts, for example by replacing the medical interoperability standard with another standard or data format suitable for the application. Therefore, the generic architecture proposed here can actually be seen as an enabler of payload transparency.