Privacy Requirements for mobile e-Service in the Health Authority - Abu Dhabi (HAAD)

Abstract

The Health Authority - Abu Dhabi (HAAD) mobile e-Service is a smartphone or smart device installed with the HAAD mobile app. This connects to one or more e-services at the HAAD Cloud to facilitate healthcare services for the residents at the Emirate of Abu Dhabi in the United Arab Emirates (UAE). A mobile device in this context can be effectively considered Internet of Things (IoT), which can provide advanced online services to both healthcare provider and requestor under the control and monitor of the HAAD. Health information is among the most sensitive information of an individual that can be collected and shared. The information that needs to be protected in the healthcare sector is often referred to as Protected Health Information (PHI). Service providers with a good reputation for privacy protection will find it easier to build a trusted relationship with their users. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) defines a set of security and privacy rules to be followed by healthcare providers in the United States of America. The HIPAA standards are designed for protecting health information. This paper discusses related privacy requirements for Mobile e-Service at the HAAD in accordance with the HIPAA privacy requirements.