The European Network and Information Security Agency (ENISA) has issued a report focusing on emergent risk scenarios in remote eHealth monitoring and treatment environments.

The ENISA report examines the major potential Emerging and Future Risks (EFR) in a possible remote health monitoring and treatment scenario.

It takes the scenario of an individual with diabetes in 2011, identifying emerging and future risks in remote health monitoring and treatment.

In the report 14 risks are identified, ranging from: data protection legislation, mission creep – such as meaning secondary use of data, intrusive data surveillance and profiling by insurance companies, employers, credit-checking companies, etc, data loss or theft, system failures and service disruption.

The report states: “Caution seems to be the prudent answer at this point: the benefits are clear, but also the risks entailed cannot be ignored.”

The report is the result of an Emerging and Future Risk assessment based on scenario building and analysis, and the first of its kind carried out by the EU agency.

The executive director of ENISA, Mr Andrea Pirotti said: “With the development of the EFR capacity, the agency aims at early identification of risks for new application areas and technologies.”

He said the new risk analysis capability available from ENISA could help developers and policy makers understand the impacts of new application and manage the resulting risks. “At the example of the analyzed e-health scenario ENISA underlines the risks of an overly optimistic approach to e-health, driven by the industry,” said Priotti.

He added: “While such initiatives and services are undoubtedly beneficial and worth deploying for the general good, we must at least identify and understand the various challenges posed and need to be overcome, in particular in respect to security and privacy.”


The full report can be found at ENISA’s website