The use of digital technology amongst people living with a range of long-term health conditions to support self-management has increased dramatically. More recently, digital health technologies to share and exchange personal health data with others have been investigated. Sharing personal health data with others is not without its risks: sharing data creates threats to the privacy and security of personal data and plays a role in trust, adoption and continued use of digital health technology. Our work aims to inform the design of these digital health technologies by investigating the reported intentions of sharing health data with others, the associated user experiences when using these digital health technologies and the trust, identity, privacy and security (TIPS) considerations for designing digital health technologies that support the trusted sharing of personal health data to support the self-management of long-term health conditions. To address these aims, we conducted a scoping review, analysing over 12,000 papers in the area of digital health technologies. We conducted a reflexive thematic analysis of 17 papers that described digital health technologies that support sharing of personal health data, and extracted design implications that could enhance the future development of trusted, private and secure digital health technologies.
Many patients now use computers and smartphones to help themselves when they are living with a long-term condition. Recent technologies allow patients to share their own data with others but this can be risky. We review published work to investigate the user experiences that people had with technologies that allowed sharing data and how we can design better technology for sharing data with others that is trusted, private and secure.
Citation: Rathbone A, Stumpf S, Claisse C, Sillence E, Coventry L, Brown RD, et al. (2023) People with long-term conditions sharing personal health data via digital health technologies: A scoping review to inform design. PLOS Digit Health 2(5): e0000264. https://doi.org/10.1371/journal.pdig.0000264
Editor: Baki Kocaballi, University of Technology Sydney, AUSTRALIA
Received: October 31, 2022; Accepted: April 27, 2023; Published: May 24, 2023
Copyright: © 2023 Rathbone et al. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
Data Availability: All data are in the manuscript and/or supporting information files.
Funding: AR, CC and RDB were researchers funded by UKRI EPSRC (EP/R033900/1). SS, CC, ES, LC, RDB and ACD were investigators receiving a grant by UKRI EPSRC (EP/R033900/1). The funders had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript.
Competing interests: The authors have declared that no competing interests exist.
The use of digital technology amongst people living with a range of long-term health conditions (LTHCs) to support self-management [1–3] has increased dramatically. Online forums and social networking sites in which people living with LTHCs can share their experiences and expertise with their peers–other people living with the same condition–have been extensively investigated in terms of the informational, emotional and social support they can offer [3–8]. More recently, digital health technologies to share and exchange health data have been investigated, either through electronic patient health records (ePHRs) between patient and healthcare professionals [9–11], or through personally generated health data shared with others [11,12]. Personally generated health data is tracked through patients’ own devices, such as mobile apps, fitness trackers and other wearables, mostly through manual entry but increasingly tracking can be automated. This data is often obtained in the context of tracking and storing medication adherence, symptoms, side effects, and other activities and experiences, in a variety of ways [13–16] as part of individuals’ self-management of their condition(s). Thus, this includes data on patients’ physical activities such as steps and hours of sleep, emotional states such as mood and medical history such as symptoms they experienced. With the advent of novel wearable technology, it might also include more complex data such as heart rate and sleep patterns.
Sharing health data with others is not without its risks: sharing data is found to pose threats to the privacy and security of personal data [17,18] and plays a role in trust, adoption and continued use of digital health technologies [8–11,19,20]. We employ concepts common in trust, identity, privacy and security (TIPS) research. To share data with others, there needs to be some trust. We view trust as a social tie between two parties, in which one opens themselves up to vulnerability by sharing something with the other, with the expectation that the other party will behave appropriately . Users will have a digital identity that provides access to and use of digital health technology  in order to authenticate themselves and interact with systems, services and processes, either in the physical or digital world. Digital identities comprise and store one or more attributes, such as personal data, or medical records. Privacy and security are important aspects for trust, where privacy concerns a person’s ability to choose how their data are revealed to others [23,24], while security refers to the safety of a person’s data and protection against unwanted access [13,23]. Significant challenges remain for digital health technology designers to implement private, secure and trusted systems.
A number of related scoping reviews have been conducted in recent years, about: adoption of ePHRs by physicians and patients observing barriers to patients for involvement in their health management ; factors that impact patients’ use of ePHRs [26,27]; elements of user trust in digital health systems–pre-pandemic ; and digital literacy during COVID ‘Infodemic’ shaping digital health technology use . None of these reviews, to date, has focused on how digital health technologies afford the trusted sharing of personally generated health data for the self-management of health, focusing on LTHCs and incorporating design evaluations.
Our aim with this review is to inform the design of these digital health technologies by considering current best practice. We set out to investigate the reported intentions of sharing personally generated health data with others and the associated user experiences which drive adoption and continued use of digital health technologies. The second aim of our work was to highlight TIPS considerations for designing digital health technologies that support the trusted sharing of personally generated health data to support self-management of LTHCs. Our motivating research questions follow.
- Why do users share personally generated health data via digital health technologies?
- What are user experiences (UX) of sharing personally generated health data via digital health technologies, especially relating to trust, identity, privacy and security affecting the sharing of personally generated health data via digital health technologies?
- What are the design implications for digital health technologies that support the trusted sharing of personally generated health data for self-management of long-term health conditions?
To address these research questions, we conducted a scoping review  in this area. We analysed over 12,000 papers in the area of digital health technologies, then we conducted a thematic analysis of 17 papers that described digital health technologies that support sharing of personally generated health data in some form, and extracted design implications that could enhance the development of trusted, private and secure digital health technologies in future.
The review is organised as follows. We first present our methods for conducting our scoping review following the PRISMA-ScR process, giving details about the eligibility criteria, information sources, search terms, selection strategy and data charting and synthesis. We then present the results of conducting the scoping review, including an overview of the characteristics of the included publications and the results of a thematic analysis. We then discuss the results with a view to future research directions and conclude with a summary of our work.
We adopted a scoping review using the PRISMA-ScR (Preferred Reporting Items for Systematic Reviews and Meta-Analyses extension for Scoping Reviews) extension . The checklist consists of 20 essential and two optional reporting items. The method was supported by adopting a critical-reflective approach within the research team, to account for the interdisciplinary nature of the subject matter and the speed of digital health technology advances. Our team itself was comprised of experts in Health Psychology, Interaction Design and Computer Science, working together in the interdisciplinary field of Human Computer Interaction (HCI); and we adopted an interpretative stance to reflect on how the differing disciplinary perspectives of paper authors and researchers may shape their (and our, within the review team) choice of methodology, and use of language, terminology in study protocols, analyses, and reports of work. Our critical-reflective approach to the review was facilitated via regular meetings wherein the team discussed and reflected upon all steps of the scoping review method. This meant that we necessarily followed an iterative review process within each step: a single researcher (the first author and lead researcher) initially conducted the work in each step very quickly, the results of which were then brought back to the team for discussion, and then any refinements or changes were reintegrated into an enhanced cycle of work. In some cases, we iterated through this process multiple times. For example, concerning search terms, the lead researcher conducted the initial review based on a selection of search terms, the results of which were then discussed in a team setting. Based on this discussion we added synonyms and adjusted the search strategy. These refined terms were then implemented by the lead researcher. We iteratively cycled through this process three times before establishing the final search terms. We took similar approaches to eligibility criteria, information sources, selection strategy and especially data charting and synthesis.
2.1 Eligibility criteria
To be eligible for inclusion within the review, publications had to be in English but we did not place any geographic restrictions on the publication. We restricted the time range of publications from 2008 to February 2022, accounting for the rise in mobile applications (apps) popular in digital health technologies in that time period . Included publications had to conduct studies or evaluations with individuals with LTHCs sharing personally generated health data via digital health technologies with healthcare professionals or others. We excluded any data sharing between systems and different types of technology. Studies were excluded if they did not include a user evaluation or study. This was to ensure that conclusions drawn from the review were based on real-world, empirical evidence, from an end user perspective. Both quantitative and qualitative studies were eligible for inclusion.
2.2 Information sources
We conducted a comprehensive search of literature in applicable, online, bibliographic databases. We included APA PsychNet including PsychInfo, PsychArticles, PsychBooks & PsychExtra, ProQuest, Sage, Web of Science, PubMed, PubMed Central, ACM Digital Library, Science Direct, IEEE Xplore and Scopus.
2.3 Search terms
Through our critical-reflective approach we agreed on a set of search terms to retrieve appropriate publications. The key search terms were “digital health technology”, “personal health data” and “sharing”. For these search terms we also used relevant synonyms, for example, “mHealth” (i.e. digital health technologies over mobile devices), “patient-generated data” and “self-tracked data”. We also included search terms to indicate who these data might be shared with i.e., “peers” or “community”, and focused on “self-management” applications rather than clinical systems. Where hyphens were present in search terms, the search was repeated without to ensure that no relevant publications were missed. Boolean terms (AND, OR, NOT) were initially to be utilised during the search but we settled on using the more restrictive “AND” conjunction to focus our search. Searches of these terms were conducted over the full text of the publication, also covering the Abstract and keywords. Applying these search terms to our 10 information sources yielded a total of 12,178 records.
2.4 Selection strategy
Following the previous step, we deliberated on eligibility criteria for inclusion in the review, again guided by our critical-reflective approach. At this stage we removed duplicate publications that were returned from different databases, plus any abstracts, books or theses. A title and abstract review was conducted and publications that did not satisfy the eligibility criteria were discarded from further analyses. We then screened the remaining full text of publications for relevance. Publications were excluded for the following reasons: non-empirical studies, studies that did not include the use of digital health technologies, involving users not experiencing LTHCs, no investigations relevant to TIPS (we were guided by the definition of TIPS terms given in the Introduction), or no first-hand reports of their experience from users.
2.5 Data charting and synthesis
Information from publications was extracted using a standardised format to characterise the included work. The information covered publication metadata, information such as, sample size, study type (quantitative/qualitative), age range, population, and study methods. We describe the findings from this analysis in Results.
We then conducted a reflexive thematic analysis [32,33] on the included publications. We started by employing a deductive approach to draw out themes around the topics of intention, user experience, and design features related to TIPS, consistent with our research aims. We familiarised ourselves with the data and then coded the data inductively (lead researcher supported by team with members coordinating individual coding tasks for collaborative work) to generate initial themes from the codes and coded data. Coding was reviewed and themes were further defined, named and refined into sub-themes if necessary. All researchers were involved to ensure reliability and validity and reduced the risk of bias. Multiple rounds of discussion within the team took place to finalise coding. We applied these codes to the text of each publication. Each code could be applied multiple times in each publication and codes are not mutually exclusive; different codes can be applied to the same publication. The finalised codes are listed in Table 1 which also reports on how many code applications were made for each topic, theme and subtheme, across how many publications.
We present our findings from this thematic analysis in Results, illustrated by quotes. Themes and sub-themes are shown in bold italics.
Through applying the selection strategy, we removed duplicates (n = 10,950), leaving 1,228 records remaining. Abstracts (n = 46) and books/theses (n = 41) were removed. Reviews identified by title read (n = 128) and by abstract read (n = 74) were removed. From the remaining 939 records, removals were made for ‘other’ reasons (e.g., protocols (n = 24), editorials (n = 9), no access (n = 22)). Records in which the abstract did not specify the inclusion of a digital health technology were excluded from the review (n = 110). The full text of the remaining 774 publications were reviewed, according to our selection strategy described earlier. From these, publications that did not include users with LTHCs who engaged in sharing their own personally generated health data with healthcare professionals or others were removed (n = 516). Publications with no reference to trust, identity, privacy or security (TIPS) of data sharing were removed (n = 225). For example, we excluded  because it contained no references to TIPS and we excluded  because there was no personally generated health data or involved people with LTHCs. While  deals with gathering and analysing personally generated health data, it does not focus on TIPS or the sharing of this data hence it was excluded. Finally, publications in which the reported data was not the direct perspective of the user (n = 16) were removed. Overall, there were 17 studies eligible for inclusion in the review, as presented in Fig 1.
(DHT = digital health technology, LTC = Long Term Condition).
3.1Characteristics of included publications
All of the included publications were collated into a table presenting their main characteristics (Table 2). The publications covered a range of LTHCs experienced by users but the most commonly investigated were mental health conditions such as anxiety and/or depression (n = 3), unspecified mental health issues (n = 1), alcohol dependency (n = 1), psychosis (n = 1) and early psychosis (n = 1), followed by cancer (n = 2), and diabetes (n = 2). Other LTHCs covered were spinal cord injury (n = 1), unspecified chronic disease (n = 1), Cystic Fibrosis (CF) (n = 1), Chronic Kidney Disease (CKD) (n = 1), Chronic Obstructive Pulmonary Disorder (COPD) (n = 1) and Inherited Retinal Disease (IRD) (n = 1). Across all of the publications reviewed, the studies included a total of 848 participants, with ages ranging from 4–75+ years. The majority of digital health technologies investigated in the publications were some form of web-based systems including platforms (n = 2), telemonitoring systems (n = 2), information systems (n = 1), ePHR prototypes (n = 1) or online portals (n = 1). However, we also note the rise of mHealth apps (n = 4). A large number of publications only investigated digital health technologies in general, as opposed to focusing on a specific one (n = 6).
Of the studies, 14 were solely qualitative and two utilised mixed methods using questionnaires coupled with opportunities for respondents to expand on their answers through an interview or open-ended questions. Only one study was quantitative. Due to the nature of the research area, most studies were exploratory in nature (n = 12).
Looking over the years (Fig 2), we can see an increase of publications, and this is set to continue in 2022 for which we only had 2 months of data. It should be noted that there are no relevant publications before 2014, a full 6 years after the rise of apps.
3.2 Thematic analysis of included publications
3.2.1 Intentions for using digital health technologies for tracking and sharing personally generated health data.
We focused on reported intentions as they can be a motivating factor in adopting and using digital health technologies, distinct from user experience or TIPS considerations. We found four main themes arising from our analysis. These centre around supporting individual self-management, engagement with the data for self-reflection, supporting the patient-care provider relationship and agency and ownership. We discuss these themes in more detail next.
A common theme found in the reviewed work was Support Patient Involvement, reported in five publications [41,45–47,51]. Users shared their personally generated health data to become more active in their personal health and care. Some positives noted from intention were: live updates of patient information; and treatment regimens and promoted adherence.
“Participants from all groups suggested it would be beneficial if the app could be used to record information, including details of their treatment regimen (eg, medication, fluid target, and diet), appointments, and linkup with existing electronic patient records. This could promote treatment adherence by providing reminders and alarms, for example, for their medication and encourage children to record when treatment had been completed.” 
Related to this theme is the sense of Agency and Ownership over their personally generated health data. Having control over their data was found to also go hand-in-hand with the ability to self-manage their condition:
“Participants also described a sense of increased agency and being empowered to manage their conditions through a central place where they could self-administer changes in their personal details and be in control of their own health data, including how it was used in research.” 
The sub-themes Engagement with Data for Self-Reflection [38–40,44] and Supporting Individual Self-Management [39,43,44] noted intentions that benefit individuals who share their data. After data is shared through an app, users are able to engage with their personally generated health data to reflect on symptoms and experiences of LTHCs. For example, a study with people with psychosis showed that digital health interventions with a symptom tracking functionality could “give people space to understand their experiences for themselves:
“Participants were positive about the ability of smartphone technology to keep a track of their symptoms and experiences. Many thought that this ability would actually enhance their understanding of psychotic experiences. “I think it would be a great help because people would be able to see the warning signs very early on and go ‘hang on a second, this isn’t right, what do I need to do to help myself’” 
Reflecting on one’s data is one way to Support their own self-management of a LTHC. Across three publications [39,43,44], participants highlighted the importance of tracking features in digital health technologies, in order for them to compare against others or to obtain further information about how their treatment is progressing. Others suggested that sharing to support self-management was beneficial for LTHCs so they could remain abreast of treatment efficacy.
“One patient said, “It would be nice to be able to keep up with how your treatment’s going, kind of knowing if you’re… getting better… A lot of times when you have Cancer you always have a question mark over your head–where am I?”” 
It was noted in three publications [38–40] that engaging with, and reflecting on, personal data promoted increased understanding of LTHCs and could further their self-management. This motivator to share seemed to endorse the concept of the ‘informed patient’ , allowing users to contemplate declines and improvements in their health and identify any causal factors.
3.2.2 User experience.
We analysed the experiences that users reported as part of sharing personally generated health data through digital health technologies. We divided these reports into two themes, positive and negative experiences, and we described their respective aspects which underlie these experiences as sub-themes.
Positive experiences were described in four of the 17 publications [39,40,42,47]. Three of these publications noted that data sharing within digital health technologies facilitated Instantaneous Access with relevant healthcare professionals, either as part of a routine engagement or when facing extraordinary circumstances e.g., away on holiday. It was suggested that users either felt more comfortable using a digital health technology as a medium to share data, as opposed to face to face interactions, or it was more convenient:
“Technology was viewed as a good way of accessing help and support when needed because participants reported often feeling restricted by traditional face-to-face service provision. “It’s not like a GP [general practitioner] where you’ve gotta go up the road and then speak to him. [using technology] You can easily sit in your own home and read through the app…when I’m going to a GP…I’m silent.””
“Individuals with SCI highlighted that the app could be particularly useful under extraordinary conditions (ie, outside of their daily routine). According to them, these were situations where even experienced wheelchair users might be hesitant or unable to use their usual means of contact (ie, telephone call). Frequently mentioned examples of such extraordinary circumstances were during holidays abroad, where one might not trust the foreign health care system, or when fallen ill. Wheelchair users also described nighttime and weekends as situations where the app could potentially come in handy. “You can directly get in touch with people, with specialists, I would appreciate that. For example, I once had a bruise when I lived in the south of France, then I actually did it exactly like that: I took pictures and thought about which doctors I knew and sent the photo.”” 
Associated with this aspect is also that sharing personally generated health data through digital health technologies can Facilitate Disclosure which was described in two publications [39,40]. Users suggested that sharing personally generated health data via digital health technologies, as opposed to face to face, was advantageous if the data is perceived as sensitive which can then contribute to providing open and honest information:
““Or you can also ask the question anonymously if you are embarrassed, if the pressure injury is in an embarrassing place, for example. [Then it’s probably easier to ask such a question], I could imagine. Maybe if you’re embarrassed about having to take a picture [of a pressure injury] on your butt.”” 
“The fact that an app is anonymous appealed to some because direct clinician contact can reinforce people’s sense of guilt or failure if they have not completed therapy tasks or complied with medication. “You don’t feel guilty if you haven’t done your homework.”” 
One publication noted that users also experienced positive aspects of digital health technologies for the sharing of PGD in terms of Longevity of Data . This was especially salient for those who had previous experience of such:
“The following quotation from a patient with IRD (Inherited Retinal Disease) highlights an instance where she relocated to a different geographic area, which resulted in the loss of all her eye data, including her family history map of IRD. “From a personal perspective as well, we wouldn’t have lost our data and my mother would be able to know which side of the family all this came down from. So, if I’d have had that data we would still have that along with my letters from 1995. Yeah so, you will not lose your own data because it’s so important to you whereas we are just 1 in 60 million people in the United Kingdom.””
Negative user experiences were stated in five out of the 17 included publications [37,40,47,48,50]. The reported experiences fell into two broad themes, Fear of Misuse through Theft or Accidental Disclosure and Fear of Judgement of Self-Management Practices.
Four publications dealt with the theme of fearing that shared data may be misused by others. Concerns reported were theft or accidental disclosure:
“Hackers getting [into] everything…I had to change banks because…they had everything—my name and address—my mom’s maiden name.”
“If the app is asking you to pull it out every time you’re in a social situation, it gets embarrassing and that can add to the anxiety you feel in a social situation.”
The fear of accidental disclosure was especially present in rural communities, where there was a high chance that the user’s healthcare staff may possibly live within their local community and know the user and their family and/or friends personally. These negative experiences related to fear of misuse could be allayed by design features later discussed under Privacy and Security.
Users in two publications noted a Fear of Judgement of Self-Management Practices [47,48] when sharing personally generated health data through digital health technologies. While sharing data can also Facilitate Disclosure, there is a fear that healthcare professionals might be critical of one’s self-management practices:
“With the onset of diabetes, its “correct” management–as testified by the glycaemia levels and by the glycated haemoglobin value–is perceived as a factor used to evaluate the individual and his/her abilities, personal and parental, just as usually happens with educational performance. “There’s always this sentence that I will never forget: either you’re good or you’re not good! There’s a good patient, and there’s a bad one. So that being good means having good glycates. How can you say that a person is good on the basis of his or her glycates?”” 
3.2.3 Design features.
We now describe the design features that seemed to positively influence TIPS, as extracted from the reviewed publications.
Design features to inspire trust. Two publications [43,46] reported that features to support Mutual Disclosure enhanced trust. Users from one publication recommended that digital health technologies provide a space to share qualitative personally generated health data with peers so that they may compare and contrast personal experiences. In the reviewed digital health technologies, the ability to mutually disclose personally generated health data with peers increased the user’s perceived value of the digital health technology, essentially promoting trust and prompting engagement via inclusivity.
Three publications [39,40,46] considered Host Credibility an important factor affecting user trust in digital health technologies. If data sharing through a digital health technology originated from what was deemed to be a credible host, user trust increased and concerns surrounding the trustworthiness were somewhat allayed:
“Many participants said that endorsement of a DHI [Digital Health Intervention] by a valid institution (eg, university, health service, or respected, well known mental health charity) would be sufficiently reassuring and would increase DHI uptake.”
Some users believed that digital health technologies were better endorsed by individuals, as opposed to organisations, as they were less likely to be working toward an agenda they were unaware of. Recommendations from their care team were often sufficient for them to place trust in the digital health technology.
Sharing personally generated health data can be used for Personalisation, as described in three publications [39,44,46], and this feature can then inspire trust and improve self-management. Instead of generic advice, users would like their shared data to be taken into account to shape advice according to their individual preferences, lifestyle and health.
“Personalization technologies can help to better tailor the self-management app to an individual user’s needs and preferences […] by ensuring that recommendations regarding preventive measures are perceived as relevant and actionable rather than generic advice […] However, for personalization to be realised, users are required to disclose personal information.” 
Design features relating to Identity. Design features relating to identity were rarely mentioned in the reviewed publications. Only one publication touched on this theme, exploring Anonymisation to protect patient’s personal identity in real life and their digital identity. While the benefits of sharing data, especially for advancing research into LTHCs, were clear, users felt more comfortable sharing their personally generated health data with third parties if their data had first been anonymized and that any personally identifiable data were removed from the shared data, with obvious connections to privacy and security:
“Sharing of data in an anonymized form was perceived as a necessary safety feature by participants. “I would be happy to share my clinical information if it helps research or…but then maybe to disconnect my personal sort of data away from that.””
The same publication  described how their digital identity and associated data can contribute to a Larger Sample to build up information that is useful for the community, especially for rare diseases, which would also help healthcare professionals to increase understanding, education and inform optimum treatment pathway. This theme exemplifies benevolence as an aspect of trust but some users might value privacy over benevolence.
Design features relating to privacy. Privacy was the most prolific theme found in the included publications, with nine different publications covering design features that related to privacy. Eight publications [38–40,42,43,45,48,50] reported either user behaviour or requests for digital health technology that supported Selective Data Sharing. Behaviour with digital health technology that does not support these design features often involved users censoring or withholding certain personally generated health data dependent upon the recipient—being “a little less honest” . ‘Privacy by design’  was suggested as an approach to support granular permissions to access and share data which in turn can increase trust. Users also highlighted that it would be beneficial to selectively grant permissions, for example, granting periods of access to shared data as opposed to unrestricted and the ability to remove permissions to certain parties if and when deemed appropriate. Related to this theme is Hiding Information, referenced by one publication , to avoid accidental disclosure to bystanders who might observe app use—relating to the earlier Fear of Misuse through Theft or Accidental Disclosure theme. It is suggested that parts of apps could be hidden quickly and flexibly so that shared data cannot be seen by third parties.
“So, knowing, I suppose, where that data’s going, who’s got the data, or what it could be used for, the potential research…just knowing kind of an overview of what it’s for, what the reason this is for, then people can make that decision. I think it’s important.”
Whilst the information is found in privacy policies, our analysis suggests that data use, permissions and users rights regarding their data are not always clear, concise and transparent, as they are evidencing the need for reiteration. Communication of Privacy Considerations that digital health technology were making had an impact on privacy concerns [39,42]. To ensure the transparency of the privacy statement, developers must ensure that they relay information in a clear, concise, accessible method:
This may be achieved in various ways, from visualisation techniques to comprehensive privacy information. Communicating privacy policies well can lead to a sense of ownership of data, and in turn also inspire trust.
Design features relating to Security. Security design features were covered by three different publications [39,40,42]. In all these publications, we identified the theme of Data Handling Practices, which were important to users to help allay their Fear of Misuse by Others. Users were keen to know how their data was protected, and the host organisation’s data governance:
“In particular, participants raised questions regarding the storage, sharing, backup, and deletion of personal data. “On the one hand, that would be an advantage for me and certainly also an advantage if you could read it again. On the other hand, I simply have to ask myself, is the data even stored safely? Does it really stay where it is or is it passed on to third parties?””
“About two-thirds (16/21, 76%) of participants expressed concerns about data protection and information governance. However, participants stated that their fears about information safety could be allayed if services reassured them about data safety.” 
Our review adds to the continuing and evolving body of work that investigates digital health technology in the self-management of patient’s conditions [1–3,11,12]. While some of the research has started to investigate ePHRs, we focussed our review on digital health technology that supports sharing personally generated health data with others, which, to date, is an area that has not received much attention.
Our review of published works in the digital health technology space that directly report on and address TIPS in their designs has yielded only a small set of papers. Given the plethora of digital health technologies that are being developed based on personally generated health data and that these data may need to be shared, it is surprising that there are so few publications that investigate this topic. While there are more and more systems being designed that allow patients to share data with others–healthcare professionals, other patients, or even other organisations–through digital health technology platforms, the evidence base for making design choices during systems development is relatively poor. While there is increasing attention given to this topic, we argue that there needs to be more empirically backed research on how to design digital health technologies that support the sharing of personally generated health data so that we can develop successful, evidenced-based self-management solutions.
We do encourage researchers and practitioners to contribute further to knowledge in this area, and report in detail how these technologies were implemented, how interfaces were presented to users, and more importantly the effects that these design choices had on system use. This necessitates the adoption of common and standardised metrics to assess the user experience, and especially the effects on trust, privacy and security. For example, quantitative instruments to measure the user experience, such as SUS , UEQ  or meCue , are becoming more common outside of digital health technologies, with the added benefit that it is then possible to benchmark systems against a standard. Questionnaires to measure TIPS are also being developed, such as the trust scales  and Privacy Comfort Scale . As it stands, in the absence of quantitative measures, it is impossible to conduct any rigorous systematic reviews to evidence and inform the choice of digital health technology designs. It is hoped that in the future more quantitative work, especially around usability and TIPS, will enable a systematic review to be carried out.
Yet our reflexive thematic analysis has uncovered interesting directions to explore when developing digital health technologies that support data sharing. When we investigated the intentions behind sharing data with others, we found that tracking/sharing personally generated health data can be beneficial for different stakeholder groups in order to support their self-management, however, it is worth noting the ’self’ oriented nature of the sharing intentions: sharing data is focused on their own benefit, rather than sharing to help others in some way. Thus, data sharing with others almost becomes a by-product rather than the main functionality. This is also supported by previous research  into barriers to sharing data which supports that data is shared overwhelmingly for better management of their own condition instead of improving the health of others. It is hence necessary to consider how to motivate users to keep sharing data and how data sharing can be used for an individual’s benefit. This insight warrants further research into how shared data can be used by others to provide better self-management, for example, for better engagement with and access to healthcare professionals, or how shared data in combination with their own can help an individual to make better, more informed choices. This also suggests a lack of design exploration in this space, which supports users to interpret shared data in relation to their own.
Other noteworthy tensions arise also when we explored the design features around privacy and their intentions. A number of reports we reviewed stressed the importance of selective data sharing which places autonomy into the hands of the user. As previous work has pointed out , these desiderata are often in conflict with principles eschewed in biomedical ethics, such as equality and beneficence, and also lower the benevolence towards others with whom data is shared.
Many design features related to privacy and security and suggested how to increase user experiences around these themes. We were unable to establish how these design features, and privacy and security in general, related to trust in digital health technologies and how they might interact to increase or decrease trust. We will have to await further studies to provide knowledge in this area.
We have reported a scoping review of literature between 2008 and 2022 on the design of digital health technologies for sharing data with others, and the implications for intentions, user experience and TIPS. Conducting a thematic analysis of the 17 publications yielded the following insights:
- Sharing data was seen as a way to improve self-management of conditions by individuals, however, sharing behaviour was self-centric rather than focused on benevolence to others.
- While there seem to be positive aspects of instantaneous access and benevolence to sharing data, many fear misuse through Theft or Accidental Disclosure. Sharing data can also give rise to fears of being judged about their Self-Management Practices. This might place barriers in terms of privacy, security and indeed trust.
- Design features relating to trust were focused on host credibility and personalisation. It was found that mutual disclosure of sharing data can inspire trust.
- Identity was not a strong theme in our analysis and mainly focused on anonymisation of data. This might be due to lack of digital health technologies that focused on sharing with peers, where anonymisation matters more.
- Security was discussed relatively little and only in terms of high-level mechanisms. Little is still understood about security for sharing data in digital health technologies that is specifically user-focused.
- Privacy was the most covered aspect in terms of design features. Particularly important to users were the ability to selectively share data with others, and issues of transparent and informed consent to sharing data to allay their privacy concerns. Addressing these issues might lead to increased trust in and engagement with digital health technologies.
This area of work is still in its infancy, and it arguably requires interdisciplinarity to engage with, given the intersection of health and care with technology and design. We call upon researchers and practitioners working in Digital Health, HCI, Health Security, and related fields, to report their experiences with digital health technologies which support data sharing and the collection of more robust measures that can yield insights into the design of future technologies that can improve the self-management of chronic conditions.
- 1. Huh J, Hartzler A, Munson S, Anderson N, Edwards K, Gore JL, et al. Brainstorming design for health: helping patients utilize patient-generated information on the web. In: Proceedings of the ACM 2012 conference on Computer Supported Cooperative Work Companion [Internet]. Seattle, Washington, USA: Association for Computing Machinery; 2012 [cited 2020 Apr 24]. p. 11–2. (CSCW ‘12). Available from: https://doi.org/10.1145/2141512.2141519
- 2. Jacobs M, Johnson J, Mynatt ED. MyPath: Investigating Breast Cancer Patients’ Use of Personalized Health Information [Internet]. Association for Computing Machinery; 2018 [cited 2020 Apr 24]. Available from: https://doi.org/10.1145/3274347
- 3. Zhang J. Supporting Information Needs of Transitional Phases in Diabetes Management Through Online Health Communities. In: Companion of the 2017 ACM Conference on Computer Supported Cooperative Work and Social Computing [Internet]. Portland, Oregon, USA: Association for Computing Machinery; 2017 [cited 2020 Apr 24]. p. 107–11. (CSCW ‘17 Companion). Available from: https://doi.org/10.1145/3022198.3024942
- 4. Grimes A, Landry BM, Grinter RE. Characteristics of shared health reflections in a local community. In: Proceedings of the 2010 ACM conference on Computer supported cooperative work [Internet]. Savannah, Georgia, USA: Association for Computing Machinery; 2010 [cited 2020 Jun 1]. p. 435–44. (CSCW ‘10). Available from: https://doi.org/10.1145/1718918.1718992
- 5. Huh J. Clinical Questions in Online Health Communities: The Case of “See your doctor” Threads. In: Proceedings of the 18th ACM Conference on Computer Supported Cooperative Work & Social Computing [Internet]. Vancouver, BC, Canada: Association for Computing Machinery; 2015 [cited 2020 Apr 24]. p. 1488–99. (CSCW ‘15). Available from: https://doi.org/10.1145/2675133.2675259
- 6. Hwang KO, Ottenbacher AJ, Green AP, Cannon-Diehl MR, Richardson O, Bernstam EV, et al. Social support in an Internet weight loss community. International Journal of Medical Informatics. 2010;79(1):5–13. pmid:19945338
- 7. Mohd Roffeei SH, Abdullah N, Basar SKR. Seeking social support on Facebook for children with Autism Spectrum Disorders (ASDs). Int J Med Inform. 2015 May;84(5):375–85. pmid:25701266
- 8. Nakikj D, Mamykina L. A Park or A Highway: Overcoming Tensions in Designing for Socio-emotional and Informational Needs in Online Health Communities. In: Proceedings of the 2017 ACM Conference on Computer Supported Cooperative Work and Social Computing [Internet]. Portland, Oregon, USA: Association for Computing Machinery; 2017 [cited 2020 Apr 24]. p. 1304–19. (CSCW ‘17). Available from: https://doi.org/10.1145/2998181.2998339
- 9. Chen Y, Xu H. Privacy management in dynamic groups: understanding information privacy in medical practices. In: Proceedings of the 2013 conference on Computer supported cooperative work [Internet]. San Antonio, Texas, USA: Association for Computing Machinery; 2013 [cited 2020 Apr 24]. p. 541–52. (CSCW ‘13). Available from: https://doi.org/10.1145/2441776.2441837
- 10. O’Kane AA, Mentis HM, Thereska E. Non-static nature of patient consent: shifting privacy perspectives in health information sharing. In: Proceedings of the 2013 conference on Computer supported cooperative work [Internet]. San Antonio, Texas, USA: Association for Computing Machinery; 2013 [cited 2020 Apr 24]. p. 553–62. (CSCW ‘13). Available from: https://doi.org/10.1145/2441776.2441838
- 11. Wicks P, Massagli M, Frost J, Brownstein C, Okun S, Vaughan T, et al. Sharing Health Data for Better Outcomes on PatientsLikeMe. Journal of Medical Internet Research. 2010;12(2):e19. pmid:20542858
- 12. Frost JH, Massagli MP. Social uses of personal health information within PatientsLikeMe, an online patient community: what can happen when patients have access to one another’s data. J Med Internet Res. 2008 May 27;10(3):e15. pmid:18504244
- 13. Bussone A, Stumpf S, Buchanan G. It Feels Like I’M Managing Myself: HIV+ People Tracking Their Personal Health Information. In: Proceedings of the 9th Nordic Conference on Human-Computer Interaction [Internet]. New York, NY, USA: ACM; 2016. p. 55:1–55:10. (NordiCHI ‘16). Available from: http://doi.acm.org/ https://doi.org/10.1145/2971485.2971542
- 14. Frost M, Doryab A, Faurholt-Jepsen M, Kessing LV, Bardram JE. Supporting disease insight through data analysis: refinements of the monarca self-assessment system. In: Proceedings of the 2013 ACM international joint conference on Pervasive and ubiquitous computing [Internet]. Zurich, Switzerland: Association for Computing Machinery; 2013 [cited 2020 Jun 1]. p. 133–42. (UbiComp ‘13). Available from: https://doi.org/10.1145/2493432.2493507
- 15. Kim YH, Jeon JH, Lee B, Choe EK, Seo J. OmniTrack: A Flexible Self-Tracking Approach Leveraging Semi-Automated Tracking. Proc ACM Interact Mob Wearable Ubiquitous Technol. 2017 Sep 11;1(3):67:1–67:28.
- 16. Owen T, Pearson J, Thimbleby H, Buchanan G. ConCap: Designing to Empower Individual Reflection on Chronic Conditions using Mobile Apps. In: Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services [Internet]. Copenhagen, Denmark: Association for Computing Machinery; 2015 [cited 2020 Jun 1]. p. 105–14. (MobileHCI ‘15). Available from: https://doi.org/10.1145/2785830.2785881
- 17. Nissenbaum H. A Contextual Approach to Privacy Online. Daedalus. 2011 Sep 29;140(4):32–48.
- 18. Weitzman ER, Cole E, Kaci L, Mandl KD. Social but safe? Quality and safety of diabetes-related online social networks. J Am Med Inform Assoc. 2011 May 1;18(3):292–7. pmid:21262920
- 19. Gordon P, Camhi E, Hesse R, Odlum M, Schnall R, Rodriguez M, et al. Processes and outcomes of developing a continuity of care document for use as a personal health record by people living with HIV/AIDS in New York City. Int J Med Inform. 2012 Oct;81(10):e63–73. pmid:22841825
- 20. Luque AE, van Keken A, Winters P, Keefer MC, Sanders M, Fiscella K. Barriers and Facilitators of Online Patient Portals to Personal Health Records Among Persons Living With HIV: Formative Research. JMIR Res Protoc. 2013 Jan 22;2(1):e8. pmid:23612564
- 21. Waldman AE. Privacy as trust: information privacy for an information age. Cambridge University Press; 2018.
- 22. El Maliki T, Seigneur JM. Online Identity and User Management Services. In: Vacca JR, editor. Computer and Information Security Handbook (Second Edition) [Internet]. Boston: Morgan Kaufmann; 2013 [cited 2020 Jun 1]. p. 459–84. Available from: http://www.sciencedirect.com/science/article/pii/B9780123943972000258
- 23. Belanger F, Hiller JS, Smith AJ. Trustworthiness in electronic commerce: the role of privacy, security, and site attributes. The Journal of Strategic Information Systems. 2002;245–70.
- 24. Westin AF. Privacy and freedom. Washington and Lee Law Review. 1968;25(1):166.
- 25. Archer N, Fevrier-Thomas U, Lokker C, McKibbon KA, Straus SE. Personal health records: a scoping review. Journal of the American Medical Informatics Association. 2011 Jul 1;18(4):515–22. pmid:21672914
- 26. Abd-alrazaq AA, Bewick BM, Farragher T, Gardner P. Factors that affect the use of electronic personal health records among patients: A systematic review. International Journal of Medical Informatics. 2019 Jun 1;126:164–75. pmid:31029258
- 27. Tapuria A, Porat T, Kalra D, Dsouza G, Xiaohui S, Curcin V. Impact of patient access to their electronic health record: systematic review. Informatics for Health and Social Care. 2021 Jun 2;46(2):194–206. pmid:33840342
- 28. Adjekum A, Blasimme A, Vayena E. Elements of Trust in Digital Health Systems: Scoping Review. Journal of Medical Internet Research. 2018 Dec 13;20(12):e11254. pmid:30545807
- 29. COVID-19 infodemic and digital health literacy in vulnerable populations: A scoping review—Mohamed-Amine Choukou, Diana C Sanchez-Ramirez, Margriet Pol, Mohy Uddin, Caroline Monnin, Shabbir Syed-Abdul, 2022 [Internet]. [cited 2023 Feb 14]. Available from: https://journals.sagepub.com/doi/10.1177/20552076221076927
- 30. Tricco AC, Lillie E, Zarin W, O’Brien KK, Colquhoun H, Levac D, et al. PRISMA Extension for Scoping Reviews (PRISMA-ScR): Checklist and Explanation. Ann Intern Med. 2018 Oct 2;169(7):467–73. pmid:30178033
- 31. Xu W, Liu Y. mHealthApps: A Repository and Database of Mobile Health Apps. JMIR mHealth and uHealth. 2015 Mar 18;3(1):e4026. pmid:25786060
- 32. Braun V, Clarke V. Using thematic analysis in psychology. Qualitative Research in Psychology. 2006;3(2):77–101.
- 33. Braun V, Clarke V. One size fits all? What counts as quality practice in (reflexive) thematic analysis? Qualitative Research in Psychology. 2021 Jul 3;18(3):328–52.
- 34. Cheng KG, Hayes GR, Hirano SH, Nagel MS, Baker D. Challenges of integrating patient-centered data into clinical workflow for care of high-risk infants. Pers Ubiquit Comput. 2015 Jan 1;19(1):45–57.
- 35. Ahmed SI, Haque MdR, Chen J, Dell N. Digital Privacy Challenges with Shared Mobile Phone Use in Bangladesh. Proc ACM Hum-Comput Interact. 2017 Dec 6;1(CSCW):17:1–17:20.
- 36. Castro LA, Favela J, Quintana E, Perez M. Behavioral data gathering for assessing functional status and health in older adults using mobile phones. Pers Ubiquit Comput. 2015 Feb 1;19(2):379–91.
- 37. Alexander DS, Kiser S, North S, Roberts CA, Carpenter DM. Exploring community members’ perceptions to adopt a Tele-COPD program in rural counties. Explor Res Clin Soc Pharm. 2021 May 6;2:100023. pmid:35481132
- 38. Allan S, Bradstreet S, Mcleod H, Farhall J, Lambrou M, Gleeson J, et al. Developing a Hypothetical Implementation Framework of Expectations for Monitoring Early Signs of Psychosis Relapse Using a Mobile App: Qualitative Study. J Med Internet Res. 2019 Oct 24;21(10):e14366. pmid:31651400
- 39. Amann J, Fiordelli M, Scheel-Sailer A, Brach M, Rubinelli S. Opportunities and Challenges of a Self-Management App to Support People With Spinal Cord Injury in the Prevention of Pressure Injuries: Qualitative Study. JMIR Mhealth Uhealth. 2020 Dec 9;8(12):e22452. pmid:33295876
- 40. Bucci S, Morris R, Berry K, Berry N, Haddock G, Barrowclough C, et al. Early Psychosis Service User Views on Digital Technology: Qualitative Analysis. JMIR Mental Health. 2018 Oct 31;5(4):e10091. pmid:30381280
- 41. Cronin RM, Conway D, Condon D, Jerome RN, Byrne DW, Harris PA. Patient and healthcare provider views on a patient-reported outcomes portal. J Am Med Inform Assoc. 2018 Nov 1;25(11):1470–80. pmid:30239733
- 42. Gilbert RM, Sumodhee D, Pontikos N, Hollyhead C, Patrick A, Scarles S, et al. Collaborative Research and Development of a Novel, Patient-Centered Digital Platform (MyEyeSite) for Rare Inherited Retinal Disease Data: Acceptability and Feasibility Study. JMIR Form Res. 2022 Jan 31;6(1):e21341. pmid:35099396
- 43. Haggstrom DA, Carr T. Uses of Personal Health Records for Communication Among Colorectal Cancer Survivors, Caregivers, and Providers: Interview and Observational Study in a Human-Computer Interaction Laboratory. JMIR Hum Factors. 2022 Jan 25;9(1):e16447. pmid:35076406
- 44. Hall S, Sattar S, Ahmed S, Haase KR. Exploring Perceptions of Technology Use to Support Self-Management Among Older Adults with Cancer and Multimorbidities. Semin Oncol Nurs. 2021 Dec;37(6):151228. pmid:34753638
- 45. Nicholas J, Shilton K, Schueller SM, Gray EL, Kwasny MJ, Mohr DC. The Role of Data Type and Recipient in Individuals’ Perspectives on Sharing Passively Collected Smartphone Data for Mental Health: Cross-Sectional Questionnaire Study. JMIR mHealth and uHealth. 2019 Apr 5;7(4):e12578. pmid:30950799
- 46. Nightingale R, Hall A, Gelder C, Friedl S, Brennan E, Swallow V. Desirable Components for a Customized, Home-Based, Digital Care-Management App for Children and Young People With Long-Term, Chronic Conditions: A Qualitative Exploration. J Med Internet Res. 2017 Jul 4;19(7):e235. pmid:28676470
- 47. Öberg U, Isaksson U, Jutterström L, Orre CJ, Hörnsten Å. Perceptions of Persons With Type 2 Diabetes Treated in Swedish Primary Health Care: Qualitative Study on Using eHealth Services for Self-Management Support. JMIR Diabetes. 2018 Mar 12;3(1):e7. pmid:30291075
- 48. Maria Piras E, Zanutto A. “One day it will be you who tells us doctors what to do!”. Exploring the “Personal” of PHR in paediatric diabetes management. Information Technology & People. 2014 Jan 1;27(4):421–39.
- 49. Rutland SB, Bergquist RP, Hager A, Geurs R, Mims C, Gutierrez HH, et al. A Mobile Health Platform for Self-Management of Pediatric Cystic Fibrosis: Qualitative Study of Adaptation to Stakeholder Needs and Integration in Clinical Settings. JMIR Form Res. 2021 Jan 26;5(1):e19413. pmid:33496667
- 50. Tieu L, Sarkar U, Schillinger D, Ralston JD, Ratanawongsa N, Pasick R, et al. Barriers and Facilitators to Online Portal Use Among Patients and Caregivers in a Safety Net Health Care System: A Qualitative Study. J Med Internet Res. 2015 Dec 3;17(12):e275. pmid:26681155
- 51. You CW, Chuang Y, Lin HY, Tsai JT, Huang YC, Kuo CH, et al. SoberComm: Using Mobile Phones to Facilitate Inter-family Communication with Alcohol-dependent Patients. Proc ACM Interact Mob Wearable Ubiquitous Technol. 2019 Sep 9;3(3):119:1–119:31.
- 52. Zhang D, Lim J, Zhou L, Dahl AA. Breaking the Data Value-Privacy Paradox in Mobile Mental Health Systems Through User-Centered Privacy Protection: A Web-Based Survey Study. JMIR Mental Health. 2021 Dec 24;8(12):e31633. pmid:34951604
- 53. Zhou L, Parmanto B. User Preferences for Privacy Protection Methods in Mobile Health Apps: A Mixed-Methods Study. Int J Telerehabil. 12(2):13–26. pmid:33520091
- 54. Riggare S. E-patients hold key to the future of healthcare. BMJ [Internet]. 2018;360. Available from: https://www.bmj.com/content/360/bmj.k846 pmid:29483151
- 55. Cavoukian A. Privacy by design and the emerging personal data ecosystem. 2012;
- 56. Brooke J. SUS-A quick and dirty usability scale. Usability evaluation in industry. 1996;189(194):4–7.
- 57. Schrepp M, Thomaschewski J, Hinderks A. Construction of a Benchmark for the User Experience Questionnaire (UEQ). International Journal of Interactive Multimedia and Artificial Intelligence [Internet]. 2017 [cited 2022 Oct 3];4(Regular Issue). Available from: https://www.ijimai.org/journal/bibcite/reference/2604
- 58. Minge M, Thüring M, Wagner I, Kuhr CV. The meCUE Questionnaire: A Modular Tool for Measuring User Experience. In: Soares M, Falcão C, Ahram TZ, editors. Advances in Ergonomics Modeling, Usability & Special Populations. Cham: Springer International Publishing; 2017. p. 115–28. (Advances in Intelligent Systems and Computing).
- 59. Sillence E, Blythe JM, Briggs P, Moss M. A Revised Model of Trust in Internet-Based Health Information and Advice: Cross-Sectional Questionnaire Study. Journal of Medical Internet Research. 2019 Nov 11;21(11):e11125. pmid:31710297
- 60. Bussone A, Kasadha B, Stumpf S, Durrant AC, Tariq S, Gibbs J, et al. Trust, Identity, Privacy, and Security Considerations for Designing a Peer Data Sharing Platform Between People Living With HIV. Proc ACM Hum-Comput Interact. 2020 Oct 14;4(CSCW2):173:1–173:27.
- 61. Brown R, Coventry L, Sillence E, Blythe J, Stumpf S, Bird J, et al. Collecting and sharing self-generated health and lifestyle data: Understanding barriers for people living with long-term health conditions–a survey study. DIGITAL HEALTH. 2022 Jan 1;8:20552076221084456. pmid:35284085
- 62. Loi M, Christen M, Kleine N, Weber K. Cybersecurity in health–disentangling value tensions. Journal of Information, Communication and Ethics in Society. 2019 Jan 1;17(2):229–45.