Personal Data Protection in Smart Home Activity Monitoring for Digital Health: A Case Study

Claudio Bettini, Azin Moradbeikie, Gabriele Civitarese

TL;DR

This paper addresses privacy challenges in sensor-based HAR for smart-home digital health by presenting a privacy-by-design framework implemented in the SERENADE pilot. It defines a structured privacy model with clearly delineated roles, data types, and authorizations, and enforces protections through pseudonymization, strict access control, encryption, and secure data flows. A dedicated dataflow architecture separates identifying data from sensor data, and D4 outdoor mobility data are handled with privacy-preserving analyses whose anonymized outputs are what clinicians see. The implemented Docker-based platform demonstrates practical integration of privacy safeguards with clinical workflows, IRB compliance, and attention to regulatory and AI Act considerations, while outlining future enhancements such as TEEs and extended encryption.

Abstract

Researchers in pervasive computing have worked for decades on sensor-based human activity recognition (HAR). Among the digital health applications, the recognition of activities of daily living (ADL) in smart home environments enables the identification of behavioral changes that clinicians consider a digital biomarker of early stages of cognitive decline. The real deployment of sensor-based HAR systems in the homes of elderly subjects poses several challenges, with privacy and ethical concerns being major ones. This paper reports our experience applying privacy-by-design principles to develop and deploy one of these systems.

Paper Structure

This paper contains 21 sections, 2 figures, 5 tables.

Figures (2)

  • Figure 1: The dataflow architecture
  • Figure 2: Some interfaces of the SERENADE application