Show simple item record

dc.contributor.authorAljohani, Maha
dc.date.accessioned2019-01-08T14:22:37Z
dc.date.available2019-01-08T14:22:37Z
dc.identifier.urihttp://hdl.handle.net/10222/75069
dc.description.abstractThe increase in privacy legislation has motivated our research on integrating privacy law requirements as design requirements. An effective privacy compliance framework requires communication between privacy professionals and IT designers. To bridge the gap between the two professions, we propose and apply mixed methods of Participatory Design (PD) techniques to collaboratively construct design ideas from multidisciplinary teams based on the legal perspective of privacy. In focusing on enhancing the privacy of the user interface in the context of online patient portals, we aim to develop a taxonomy of a usable privacy framework derived from PD for IT designers as a one-stop-shop framework to help them show compliance with privacy legislation. We started with the requirement-gathering phase by analyzing the Nova Scotia’s Personal Health Information Act (PHIA) to generate a set of privacy patterns that cover individuals’ privacy rights. Next, we conducted in-depth interviews to communicate the design solutions proposed from the privacy patterns and cover gaps we discern from the initial analysis. We applied Grounded Theory to the qualitative data we collected to form a set of privacy-preserving design guidelines regarding Notification, Data Collection, Data Access, Information Disclosure, and Consents. These guidelines shape our initial privacy-preserving requirements and are used as input (tasks) to the cooperative prototyping sessions. Our proposed cooperative prototyping sessions, as participatory design research, are divided into two studies. Three rounds of the Collaborative Analysis of Requirement and Design (CARD) was conducted to provide a high-level task analysis and used to build on our proposed privacy-preserving framework. The results from the CARD sessions were used as input to the next four Decision-Making (DM) workshops as a way to include privacy professionals and multidisciplinary teams in the early design phase. We focus on bringing diverse perspectives to construct usable and privacy-preserving collaboratively agreed-upon designs. Privacy professionals evaluated these designs during the workshops. We also apply Activity Theory as a qualitative framework to understand how multidisciplinary teams create common agreed-upon designs and share expertise as a supportive potential contribution. The final phase was combining the inputs from all the previous phases to form our proposed usable privacy-preserving framework as our main potential contribution that is Nova Scotia PHIA-compliant.en_US
dc.language.isoenen_US
dc.subjectPrivacyen_US
dc.subjectUsable Privacyen_US
dc.subjectPrivacy Design Requirementsen_US
dc.subjectPrivacy Preserving Frameworken_US
dc.subjectPersonal Health Informationen_US
dc.titlePARTICIPATORY DESIGN RESEARCH TO INTEGRATE PRIVACY LAW REQUIREMENTS AS DESIGN REQUIREMENTS FOR PATIENT PORTAL USER INTERFACEen_US
dc.date.defence2018-12-05
dc.contributor.departmentFaculty of Computer Scienceen_US
dc.contributor.degreeDoctor of Philosophyen_US
dc.contributor.external-examinerDr. Shomir Wilsonen_US
dc.contributor.graduate-coordinatorMichael McAllisteren_US
dc.contributor.thesis-readerDr. Kirstie Hawkeyen_US
dc.contributor.thesis-readerProf. Carla Heggieen_US
dc.contributor.thesis-supervisorDr. James Blusteinen_US
dc.contributor.ethics-approvalReceiveden_US
dc.contributor.manuscriptsNoen_US
dc.contributor.copyright-releaseNot Applicableen_US
 Find Full text

Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record