Privacy and security disclosures on telecardiology Web sites
First Monday

Privacy and security disclosures on telecardiology Web sites by Lynsey Dubbeld

This article discusses telemedicine providers’ online privacy and security disclosures. It presents the results of an exploratory study of a number of telecardiology companies’ Web sites, providing insight in some of the current strategies towards data protection and information security in the international telemedicine market. The paper concludes that the online privacy notices in our sample are far from being standardized and complete. In view of privacy risks, as well as the transitory stage of the telemedicine sector, the underdeveloped state of online privacy notifications is disappointing — and a missed chance for those who are interested in the successful future development of Internet privacy and telemedicine–based healthcare.


Online privacy practices
Online privacy and security policies: Number and location
Online privacy policies: Content




Privacy and information security concerns have often been considered as barriers to the widespread adoption of telemedicine. Making healthcare professionals and patients aware of the ways in which patient data and personal information will be protected appears to be a crucial step towards the successful application of telemedicine systems.

From this perspective, it is to be expected that telemedicine businesses will make use of Web sites to disclose their approaches and solutions to privacy and security issues to those involved in the use of telemedicine products and services, in particular healthcare professionals and patients. For instance, a Web site’s display of a privacy policy or third–party security seal could serve as a means to express a telemedicine provider’s commitment to privacy and security safeguards. In addition, online references to the information security techniques that telemedical systems employ can be considered as illustrations of companies’ preferences for privacy–protective strategies. Moreover, there is an increasing amount of regulation, and there are initiatives towards standardization and self–regulation, that will put pressure on Web sites to adopt online privacy disclosures.

Therefore, an analysis of privacy policies on commercial telemedicine providers’ Web sites is likely to yield insights into the ways in which information about privacy and information security is being presented to stakeholders, as well as into the industry’s preferred approaches to privacy risks. This article presents the results of a Web site analysis of a number of telecardiology companies, which explored telemedicine providers’ online privacy and security disclosures.




In the past few years, telemedical products and services in the field of cardiology have come to attract considerable commercial interest [1]. The design and use of telemedical systems that aim to contribute to cardiac care have increasingly become a business affair: commercial enterprises are investing heavily in the innovation of telemedical devices and services that are made available to healthcare professionals as well as the consumer market. For example, a U.S.–based company that has been manufacturing biomedical technologies for several decades and is one of the major international developers of technologies for the treatment of heart disease is now marketing an Internet–based network to enable physicians to remotely monitor patients carrying cardiac devices. With cardiac diseases remaining the primary cause of death in Western industrialized countries, and ICTs playing an increasingly significant role in healthcare provision, high–tech systems that aim to contribute to patient care and cure are increasingly seen as a promising and profitable business venture.

However, critics maintain that the barriers and pitfalls to the commercial success of telemedicine are manifold (e.g., Ligtvoet, 2003; Wootton, 2001). Obstacles to the large–scale adoption of telemedicine systems include technical complexities with regard to speed, bandwidth, and integration of data networks as well as social issues relating to, amongst other things, partnerships, licensing, payment, liability, and security (e.g., Bauer and Ringel, 1999; Moore, 1999; Roberts, et al., 2000).

Data protection and information security have often been viewed as posing major constraints to the effective implementation and widespread use of telemedicine (e.g., Cabrera, 2004; Dean, 2005; Rigby, et al., 2000). Hence, companies that market telemedical cardiovascular devices or telemedical call centres through the Internet are likely to be faced with growing concerns over privacy and security implications of telemedicine (cf. Hoffman, et al., 1999), in particular since privacy and security aspects of nation–wide electronic patient records are publicly debated. As standards, laws, regulations, and ethical codes are being developed, telemedical companies are rapidly becoming pressured to take into account patient privacy and information security issues (cf. U.S. Congress. Office of Technology Assessment (OTA), 1993; U.S. Federal Trade Commission (FTC), 2000; Adkinson, et al., 2002).

At the moment, rather little is known about commercial businesses’ responses to the growing public, political and legal demands for privacy and security safeguards in healthcare (Rodriguez and Cabrera, 2004; Stanberry, 1997; cf. California HealthCare Foundation (CHF), 1999). This article provides some insights into the approaches of telemedicine companies to privacy and security issues, examining current strategies towards data protection and information security in the international telemedicine market.




This paper discusses the results of an explorative study of the online information practices of a number of telemedicine businesses’ Web sites. The survey focused on companies whose primary business venture concerned the development and design of telecardiology products (such as mobile phones equipped with ECG recorders) and/or the delivery of telecardiology services (such as call centre support for patients using ambulatory ECG recorders).

In order to do justice to the international nature of developments in the telemedicine market, this study included companies operating in various countries worldwide. Web sites were selected on the basis of the idea that the commercial market in telemedicine is heterogeneous and currently in a growth phase. Hence, a selection was made that aimed to reflect the diversity of businesses that offer telecardiology products or services, including small and large companies; nationally oriented businesses and international conglomerates; companies focusing specifically on telemedical applications and those having a wider cardiology product range; companies targeting health care professionals and institutions, and those aimed primarily at individual patients and the consumer market; telecardiology manufacturers and businesses providing at–a–distance services such as medical call centres; companies that have gained a firm position in the market and new ventures that have not yet achieved an optimum market share; telemedical service centres that have been in operation for considerable amounts of time; and centres that have not yet been in actual operation.

A total of eighteen Web sites were selected, including six Dutch Web sites, six Web sites from U.S.–based companies, two German headquartered enterprises, and four Web sites hosted by companies from other countries (France, Israel, Italy, and Switzerland).

The eighteen Web sites were analyzed with a view to the privacy and information security issues that they addressed [2]. The survey, which was conducted in December 2005 and January 2006, included an examination of each Web site with regard to the online collection of consumers’ information and the use of cookies. In addition, each Web site was searched for privacy policies, privacy or security seals, and the display of privacy and security statements [3]. Subsequently, we conducted a content analysis of privacy policies that could be downloaded online. This approach was informed by the methodology used by the U.S. Federal Trade Commission in its reports on online privacy (FTC, 1998; FTC, 1999; FTC, 2000; cf. Adkinson, et al., 2002) [4].



Online privacy practices

Broadly speaking, Web sites allow for the collection of personal information in two ways: the online collection of Web site visitors’ personal information through registration requests, and the use of cookie software (Helling, 1998).

We found that approximately half of the eighteen telecardiology Web sites that were studied collected some sort of personal information through registration requests. Personal information that was most commonly requested included Web site visitors’ e–mail addresses, names, or company names. As the Web sites that collected personal data without exception did so through online posting of contact forms, order forms or similar registration request webpages, Web site visitors’ disclosure of personal data could be considered voluntary. None of the Web sites required consumers to register personal information in order to access the site or specific pages in the site.

Perhaps surprisingly, our study found that few telecardiology companies’ Web sites passed cookies on to visitors’ computers (cf. Helling, 1998). No more than one Web site, hosted by the Dutch office of an international cardiac monitoring manufacturer, made use of persistent cookies (both its own and third–party cookies). None of the other Web sites in our sample made use of cookies, or allowed placement of third–party cookies.



Online privacy and security policies: Number and location

Existing research suggests that the display of privacy policies on Web sites is largely in its infancy, even in the e–commerce industry (e.g., Electronic Privacy Information Center (EPIC), 1997; FTC, 2000; Ladson and Fraunholz, 2005). Our explorative study found similar results: less than half of the Web sites that were searched contained a privacy policy. There seemed to be only marginal national variations in this respect, with three out of six U.S. Web sites having a privacy policy document, and four out of twelve of the Web sites from other countries displaying one.

Third–party privacy or security seals, such as those issued by TRUSTe or VeriSign, appear to be even more uncommon than online privacy policies. Only two Web sites (both originating in the U.S.), displayed an official third–party security seal. In both cases, the seal referred to Web sites’ safeguards for secure transmission of medical data on the (patient/physician) log–in Web page.

Despite the fact that only a minority of the Web sites in our sample contained a comprehensive description of their privacy practices, the majority did include one or more privacy statements. For example, four out of six Web sites hosted by Netherlands–based companies referred to privacy, for instance with regard to the use of patient information for the delivery of telemonitoring services, and the protection of patient data against unauthorized access. In a similar vein, three out of six U.S. Web sites contained privacy statements, such as references to the company’s adherence to privacy laws with regard to disclosure of protected health information.

Approximately half of the Web sites made some reference to information security issues. Netherlands–based companies were particularly sparse in their display of security statements: only one of the six Web sites mentioned information security (it did so, admittedly, in a rather elaborate way, dedicating an entire page to technical and organizational information security measures adopted in the company’s monitoring systems). Three out of six of the U.S. Web sites that contained security statements referred to safeguards allowing for secure online transmission of patient data, either with respect to patient databases accessible through their Web site or to software to be used on physicians’ PCs.

Ideally, privacy policies are easily accessible through a hyperlink that is displayed prominently on each page in a Web site (cf. EPIC, 1997; Helling, 1998). E–commerce sites are increasingly being pressured to display a button (entitled “Privacy Statement”, “Our Privacy Practices”, or “Privacy Policy”) on the top or bottom of each page on their sites, which allows visitors to hyperlink to the full text of the policy. In the current study, all privacy policy documents were referred to on each page of the Web sites and were therefore easily accessible. The sole exception was a U.S. site, which posted its downloadable privacy policy solely on a page that asked visitors to register personal information.
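The survey method described above and in the section on online privacy practices (checking each site for persistent and third–party cookies, and for a privacy policy link reachable from each page) can be reduced to two mechanical checks. The following Python helper is an added example, not code from the article or from any of the surveyed companies; it classifies cookies from captured Set-Cookie headers using the lifetime rules of RFC 6265 (Max-Age overrides Expires; a zero or negative Max-Age, or a past Expires date, deletes the cookie rather than persisting it), and searches a page’s HTML for privacy–related links. The host names, HTML and headers are constructed samples, and the registrable–domain logic is a deliberate simplification (last two DNS labels) rather than a Public Suffix List lookup.

```python
"""
Added example (not part of the article): offline helper for the two
per-site checks in a privacy-disclosure survey, cookie classification
and privacy-link discovery. All sample data below is constructed.
"""
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from html.parser import HTMLParser
from http.cookies import SimpleCookie
from urllib.parse import urlparse


def registrable_domain(host: str) -> str:
    """Crude site identity: the last two DNS labels. Assumption for this
    example; a real audit should use the Public Suffix List so that
    hosts such as 'example.co.uk' are handled correctly."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def is_persistent(morsel, now=None) -> bool:
    """RFC 6265 lifetime rules: Max-Age wins over Expires; a zero or
    negative Max-Age, or an Expires date in the past, deletes the cookie,
    so only a future lifetime counts as persistent."""
    now = now or datetime.now(timezone.utc)
    if morsel["max-age"]:
        try:
            return int(morsel["max-age"]) > 0
        except ValueError:
            pass  # a malformed Max-Age is ignored; fall through to Expires
    if morsel["expires"]:
        try:
            expires = parsedate_to_datetime(morsel["expires"])
        except (TypeError, ValueError):
            return False  # unparsable date: treat as no lifetime
        if expires.tzinfo is None:
            expires = expires.replace(tzinfo=timezone.utc)
        return expires > now
    return False  # no lifetime attribute at all: session cookie


def classify_cookies(page_url, responses, now=None):
    """responses: (response_url, set_cookie_header) pairs captured while
    loading page_url. A cookie is third-party when the responding host
    belongs to a different registrable domain than the page itself."""
    page_domain = registrable_domain(urlparse(page_url).hostname or "")
    out = []
    for src_url, header in responses:
        setter = registrable_domain(urlparse(src_url).hostname or "")
        jar = SimpleCookie()
        jar.load(header)  # parses name=value plus Path/Domain/Expires/flags
        for name, morsel in jar.items():
            out.append({
                "name": name,
                "setter": setter,
                "persistent": is_persistent(morsel, now),
                "third_party": setter != page_domain,
                "secure": bool(morsel["secure"]),
                "httponly": bool(morsel["httponly"]),
            })
    return out


class _LinkFinder(HTMLParser):
    """Collects (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join(self._text).strip()))
            self._href = None


def find_privacy_links(html):
    """Return hrefs of anchors whose text or URL mentions privacy."""
    finder = _LinkFinder()
    finder.feed(html)
    return [href for href, text in finder.links
            if "privacy" in text.lower() or "privacy" in href.lower()]


def audit_page(page_url, html, responses, now=None):
    """Summarize one page the way the survey tallies it."""
    cookies = classify_cookies(page_url, responses, now)
    return {
        "privacy_links": find_privacy_links(html),
        "session_cookies": sum(1 for c in cookies if not c["persistent"]),
        "persistent_cookies": sum(1 for c in cookies if c["persistent"]),
        "third_party_cookies": sum(1 for c in cookies if c["third_party"]),
    }


# Constructed sample: a fictitious vendor page with a privacy link that
# also loads a script from a separate analytics domain.
SAMPLE_URL = "https://www.example-telecardio.test/monitoring"
SAMPLE_HTML = """<html><body>
<a href="/products">Products</a>
<a href="/privacy.html">Privacy Statement</a>
<a href="/login">Physician log-in</a>
</body></html>"""
SAMPLE_RESPONSES = [
    (SAMPLE_URL, "sessid=a1b2c3; Path=/; Secure; HttpOnly"),
    (SAMPLE_URL, "lang=en; Path=/; Max-Age=31536000"),
    (SAMPLE_URL, "old=1; Path=/; Expires=Sat, 01 Jan 2000 00:00:00 GMT"),
    ("https://cdn.example-analytics.test/collect.js",
     "_track=xyz; Domain=.example-analytics.test; Path=/; "
     "Expires=Thu, 01 Jan 2099 00:00:00 GMT"),
]

if __name__ == "__main__":
    print(audit_page(SAMPLE_URL, SAMPLE_HTML, SAMPLE_RESPONSES))
```

For the constructed sample the audit reports two session cookies (the login cookie and the expired one, which a browser would delete rather than store), two persistent cookies, and one third–party cookie set by the analytics host; the expired–cookie case is the one most naive audits miscount as persistent.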



Online privacy policies: Content

The previous section suggests that quantitatively, relatively few differences existed between privacy policies on a variety of sites: both in number and location the sites in our sample performed comparably. But if we look at the content of the privacy policies, considerable differences came to the fore and few obvious patterns could be found.


Our study endorsed the results of other studies that found privacy policies to be heterogeneous and underdeveloped (e.g., EPIC, 1997). Despite continuing efforts to standardize online policies, for instance through webseal programs such as TRUSTe and VeriSign, and consumer privacy preferences tools such as P3P (Platform for Privacy Preferences) and PrivacyBird, privacy practices are often far from transparent, and uniform rules for adequate privacy practices appear to remain lacking. Our survey suggests that online privacy policy documents in the telecardiology sector are diverse, both from the perspective of form and length, and in the principles and rules that they contain.

In some cases privacy policies consisted of no more than a handful of sentences describing the company’s general approach to personal data processing. For example, the briefest policy that we found in the study (containing three sentences) described the organization’s intention to process patient information with care and respect for privacy, and referred to adherence to the use limitation and consent principles that national data protection law required. In contrast, a policy from a similar company outlined in a full–page document how it would use and secure personal data, how personal information would be collected through the site, and how consumers would be able to object to data collection. Various U.S. policies were significantly more elaborate in describing the organization’s responsibilities in protecting personal information and in detailing consumers’ rights to control their data. In the most extensive privacy policy that we found, a five–page document, consumers were informed of the ways in which the organization protected individuals’ personal data, to what extent information would be used and disclosed, and how individuals would be able to assert their rights of access and complaint. Despite these variations in length and content, however, without exception all surveyed privacy policies referred — at least in some ways, and admittedly sometimes rather sketchily — to rules concerning individuals’ rights to control the use of their information, in particular with regard to disclosures to third parties.

If we look at the policies’ references to principles that are crucial to fair information practices — notice, choice, access, redress, security (FTC, 1998) — again considerable variations came to the fore. Most notably, the redress principle, which concerns consumers’ rights to file a complaint to the organization or a national authority in cases of (suspected) privacy violations, was contained in all U.S. privacy policies that were studied. In contrast, none of the policies from other countries included complaint procedures. On the other hand, virtually none of the U.S. policies referred to the organization’s use of security measures to protect consumer information, whereas a large share of the European Web sites mentioned their adoption of security techniques.

A review of the sites in our sample, including both information displayed on a given Web page and texts in privacy policy documents, found that U.S. companies frequently referred to legal duties and requirements concerning privacy and information security, whereas the other sites in the sample were less inclined to do so (with only three out of twelve mentioning privacy law or data protection legislation). The majority of U.S. sites referred to HIPAA (Health Insurance Portability and Accountability Act of 1996), U.S. law covering the protection of patient data and medical records.




Our analysis suggests that sites in our sample did not engage in conspicuous or extensive collection of consumer data. With one exception, online collection of personal information, such as requests for e–mail addresses or names, was limited, transparent and non–obligatory. This finding concurs with previous studies of online privacy practices, which noted that commercial sites increasingly collect less information on consumers, and that there seems to be a general trend towards more prevalent, prominent and complete notice and disclosure, greater choice, and more information about security (Adkinson, et al., 2002).

Our findings that less than half of the sites contained a privacy policy, and that webseals were even more uncommon, suggest that the telecardiology sector is hardly adopting online privacy notices. Even the inclusion of mere privacy or security statements was rather limited. In view of continuing public and academic debates on privacy and the use of ICTs in the healthcare arena, this lack of attention to privacy comes as a bit of a surprise.

The content analysis of online privacy notices revealed the large majority of these to be rather narrow and ill–defined. Most policies referred only to a limited number of fair information principles, and the brief documents described information processing rules in rather general terms. The U.S. policies undoubtedly provided the most comprehensive and detailed texts about privacy practices. On the positive side: all sites that included privacy policies provided documents that were easy to find, access and read, thus fulfilling the first and major requirement of privacy disclosures (e.g., EPIC, 1997).


Overall, the research results bring to the fore two major themes. Firstly, most studies of online privacy policies have been concerned with sites hosted by U.S.–based organizations, or with a selection of the most popular sites (e.g., EPIC, 1999; a notable exception is Ladson and Fraunholz, 2005). Although nation–states tend to be seen as increasingly unimportant in the age of global Internet–based markets, our survey suggests significant differences between U.S. approaches to online privacy and other countries’ display of fair information practices. It looks as if American sites are actually more advanced than European sites when it comes to displaying webseals, adopting privacy policies, and describing data processing practices — despite the common perception that requirements in Europe are more demanding and far–reaching than the patchwork of state and federal laws in the U.S.

The fact that U.S. telecardiology companies appear to have developed more comprehensive policies than telemedical firms in other countries could be the result of HIPAA, which strongly encouraged American businesses to adopt protective measures for patient records and health information. If HIPAA is influencing commercial approaches to online privacy practices (and given the frequent references to HIPAA on U.S. Web sites this seems likely), government legislation could prove to be more effective than self–regulation in making sites adopt privacy notices. Perhaps other countries could benefit from the U.S. experience. Years of industry lobbying for self–regulation failed to establish satisfactory standards for online information disclosures (cf. FTC, 2000); legislation indeed seems to have noticeable and positive effects, at least in healthcare.

Secondly, the research findings suggest that broadly two strategies towards online privacy notices currently co–exist. On the one hand, there are some sites that obviously display a given organization’s commitment to privacy protection, through the posting of webseals or policies that can be considered as evidence of privacy being regulated (or at least demanding organizational attention and investment). On the other hand, there seems to be a significant number of sites that are remarkably quiet about privacy issues — almost as if there were no public concerns over the protection of health information in ICT–based medical systems. Perhaps these sites imply that privacy protection is such an obvious characteristic of telecardiology applications that it has been dealt with unobtrusively.




One of the major online privacy concerns emerging in the literature is that users have little control over or knowledge about how their personal information is being collected (e.g., Ladson and Fraunholz, 2005). Online privacy policies could be seen as one of the responses to this concern. Admittedly, online privacy notices provide only a partial and, as long as they remain voluntary and non–standardized, perhaps even a severely limited approach to developing sites that respect fair information principles (cf. EPIC, 1999). But they could be indispensable tools for creating consumer trust. Online privacy notices are among the most significant tools to inform visitors about the privacy–protective strategies that companies employ. Notification of privacy practices is not only a prerequisite for respecting consumers’ privacy interests, but also a means to establish trust in the privacy–friendliness of sites (or the products or services that they advertise). As EPIC (1997) noted in one of its reports on online privacy:

Users of Web–based services and operators of Web–based services have a common interest in promoting good privacy practices. Strong privacy standards provide assurance that personal information will not be misused, and should encourage the development of on–line commerce. We also believe it is matter of basic fairness to inform Web users when personal information is being collected and how it will be used.

This seems particularly relevant to the telemedicine market, which is currently in a transitory stage towards becoming more essential to the healthcare system. Even though telecardiology is expected to yield important benefits for future healthcare, at the same time it needs to take into account privacy risks that could hinder its spread and success. Businesses that fail to display privacy notices on their sites are therefore missing an important chance.


About the author

Lynsey Dubbeld is postdoc at the department Science, Technology, Health & Policy Studies at the University of Twente. She holds an MA in philosophy, an MSc in science and technology studies, and a PhD in philosophy. She has published articles on closed–circuit television, surveillance, privacy, telemedicine, and fashion. In 2001, she published a book on contemporary Dutch prison architecture (In de geborgenheid van de gevangenis: de betekenis van de nieuwe Nederlandse gevangenisbouw. Amsterdam: Amsterdam University Press). Her PhD thesis explored the privacy implications of camera surveillance in railway stations. Her most recent research project focused on privacy and information security issues in telemedicine.
E–mail: dubbeldl [at] yahoo [dot] com



1. Telemedicine is generally defined as the delivery of healthcare services and the exchange of health care information across distances via ICTs (Moore, 1999, p. 245; Mair and Whitten, 2000, p. 1517; Wootton, 2001, p. 557). It includes a variety of systems and applications, ranging from online physician consultation to virtual reality–based surgery, and distance learning. This study focuses on telemedical applications designed specifically for heart disease management, i.e. telemedical devices for diagnosis, monitoring and care of (potential) cardiac patients. Examples are portable ECG recorders to enable at a distance diagnosis and monitoring of heart rhythm disease, pacemaker implants equipped with SMS emergency alarm systems, and mobile phones with integrated ECG recorders. In general, these types of devices intend to replace or supplement physician–patient interactions, for instance through automation of ECG storage, or the introduction of medical service centers that respond to patients’ calls.

2. The exploration of online privacy approaches started with a survey of companies’ literal references to privacy and security. In addition, references to fair information practices, data protection principles, and physicians’ professional duty of medical confidentiality were also considered under the rubric of privacy.
Security was understood to relate to information security, i.e. security of computer systems and/or security of personal data processed in these systems (e.g., Anderson, 2000).
Even though information security tends to be considered an element of (or precondition for) privacy (e.g., Rindfleisch, 1997; TRUSTe, 2005), this article will discuss security separately as well. This approach was informed by amongst others Fraunholz’s study of six Australian business–to–consumers e–commerce organizations’ online privacy policies, which revealed that one of the major themes concerned data security and transactional security (Ladson and Fraunholz, 2005, p. 66).

3. A privacy policy is generally defined as a comprehensive description of a domain’s information practices (e.g., Adkinson, et al., 2002, p. 17). In contrast, a privacy (or information practice) statement or security statement is a discrete statement that describes a particular practice regarding consumers’ personal information (Adkinson, et al., 2002, p. 17).

4. For instance, the FTC’s 2000 survey examined Web sites’ collection of information about consumers as well as a set of content analysis questions designed to examine the extent to which sites’ privacy disclosures implemented each of the fair information practice principles (FTC, 2000, p. 12). In contrast with this approach, however, we have looked at all privacy practices notices that are posted on sites, making no distinction between policies that concern online data processing practices, and those that refer to privacy strategies adopted in the services or products that are described on the sites.



William F. Adkinson, Jr., Jeffrey A. Eisenach, and Thomas M. Lenard, 2002. Privacy online: A report on the information practices and policies of commercial Web sites. Washington, D.C.: Progress & Freedom Foundation, and at, accessed 24 April 2006.

James G. Anderson, 2000. “Security of distributed electronic patient record: A case–based approach to identifying policy issues,” International Journal of Medical Informatics, volume 60, number 2, pp. 111–118.

Jeffrey Bauer and Marc Ringel, 1999. Telemedicine and the reinvention of healthcare. New York: McGraw–Hill.

Marcelino Cabrera, 2004. “Editorial: eHealth and the ageing society,” IPTS Report, issue 81, pp. 2–3, at, accessed 24 April 2006.

California HealthCare Foundation (CHF), 1999. “Medical privacy and confidentiality survey,” at, accessed 24 April 2006.

Kevin Dean, 2005. “Introduction — Essays from health innovators,” In: Kevin Dean (editor). Thought Leaders: Essays from health innovators. San Jose, Calif.: Cisco Systems, pp. 4–7, at, accessed 24 April 2006.

Electronic Privacy Information Center (EPIC), 1999. Surfer beware III: Privacy policies without privacy protection. Washington, D.C.: Electronic Privacy Information Center, at, accessed 24 April 2006.

Electronic Privacy Information Center (EPIC), 1997. Surfer beware: Personal privacy and the Internet. Washington, D.C.: Electronic Privacy Information Center, at, accessed 24 April 2006.

Bill Helling, 1998. “Web–site sensitivity to privacy concerns: Collecting personally identifiable information and passing persistent cookies,” First Monday, volume 3, number 2 (February), at, accessed 24 April 2006.

Donna L. Hoffman, Thomas P. Novak, and Marcos A. Peralta, 1999. “Information privacy in the marketspace: Implications for the commercial uses of anonymity on the Web,” Information Society, volume 15, number 2, pp. 129–139.

Alicia Ladson and Bardo Fraunholz, 2005. “Facilitating online privacy on eCommerce websites: An Australian experience,” Information, Communication & Ethics in Society, volume 3, number 2, pp. 59–68.

Frances Mair and Pamela Whitten, 2000. “Systematic review of studies of patient satisfaction with telemedicine,” British Medical Journal, volume 320, number 7248, pp. 1517–1520.

Mary Moore, 1999. “The evolution of telemedicine,” Future Generation Computer Systems, volume 15, number 2, pp. 245–254.

Andreas Ligtvoet, 2003. Prisma Strategic Guideline 2: eHealth. Aarhus: Danish Technological Institute, at, accessed 24 April 2006.

Michael Rigby, Ruth Roberts, and Michael Thick (editors), 2000. Taking health telematics into the 21st century. Abingdon: Radcliffe Medical Press.

Thomas C. Rindfleisch, 1997. “Privacy, information technology, and health care,” Communications of the ACM, volume 40, number 8, pp. 93–100.

Ruth Roberts, Michael Rigby, and Katherine Birch, 2000. “Telematics in healthcare: New paradigm, new issues,” In: Michael Rigby, Ruth Roberts and Michael Thick (editors). Taking health telematics into the 21st century. Abingdon: Radcliffe Medical Press, pp. 1–14.

Carlos Rodriguez and Marcelino Cabrera, 2004. “Location–based healthcare services,” IPTS Report, volume 81, pp. 12–20, and at, accessed 24 April 2006.

Ben Stanberry, 1997. “The legal and ethical aspects of telemedicine: 1: Confidentiality and the patient’s rights of access,” Journal of Telemedicine and Telecare, volume 3, number 4, pp. 179–187.

TRUSTe, 2005. “TRUSTe data security guidelines version 2.0,” at, accessed 24 April 2006.

U.S. Congress. Office of Technology Assessment (OTA), 1993. Protecting privacy in computerized medical information. Washington, D.C.: Office of Technology Assessment, U.S. Congress, and at, accessed 24 April 2006.

U.S. Federal Trade Commission (FTC), 2000. Privacy online: Fair information practices in the electronic marketplace. Washington, D.C.: Federal Trade Commission, at, accessed 24 April 2006.

U.S. Federal Trade Commission (FTC), 1999. Self–regulation and privacy online: A report to Congress. Washington, D.C.: Federal Trade Commission, at, accessed 24 April 2006.

U.S. Federal Trade Commission (FTC), 1998. Privacy online: A report to Congress. Washington, D.C.: Federal Trade Commission, at, accessed 24 April 2006.

Richard Wootton, 2001. “Recent advances: Telemedicine,” British Medical Journal, volume 323, number 7312, pp. 557–560, and at, accessed 24 April 2006.


Editorial history

Paper received 29 March 2006; accepted 18 April 2006.

©2006, First Monday

Copyright ©2006, Lynsey Dubbeld


First Monday, Volume 11, Number 5 — 1 May 2006


© First Monday, 1995-2019. ISSN 1396-0466.