A Usable Security Heuristic Evaluation for the Online Health Social Networking Paradigm

International Journal of Human-Computer Interaction

Volumn 28, Issue 10, 2012, Pages 678-694

  Yeratziotis, Alexandros ^a   Pottas, Dalenca ^a   van Greunen, Darelle ^a  

^a NELSON MANDELA METROPOLITAN UNIVERSITY   (South Africa)

Author keywords

[No Author keywords available]

Indexed keywords

DESIGN IMPROVEMENTS; HEURISTIC EVALUATION; SECURITY AND PRIVACY; USABLE SECURITY; USERS' EXPERIENCES;

COMPUTER PRIVACY; HEALTH;

SOCIAL NETWORKING (ONLINE);

EID: 84866328564     PISSN: 10447318     EISSN: 15327590     Source Type: Journal    
DOI: 10.1080/10447318.2011.654202     Document Type: Article

References (50)

1. Adler, K.G. 2006. Web portals in primary care: An evaluation of patient readiness and willingness to pay for online services. Journal of Medical Internet Research, 8: e26 doi:10.2196/jmir.8.4.e26
2. AICPA. (2005). Comparison of international privacy concepts. http://www.aicpa.org/
3. AICPA. (2009). Privacy-An introduction to generally accepted privacy principles. http://www.aicpa.org/
4. Baker, K., Greenberg, S. and Gutwin, C. 2001. Heuristic evaluation of groupware based on the mechanics of collaboration. Proceedings of the 8th IFIP International Conference on Engineering for Human-Computer Interaction,: 123-140.
5. Ballard, J.K. 2010. Web site usability: A case study of student perceptions of educational web sites, University of Minnesota. (Unpublished doctoral dissertation)
6. Brunk, B. 2005. "A user-centric privacy space framework". In Security and usability: Designing secure systems that people can use, Edited by: Cranor, L. F. and Garfinkel, S. 401-420. Sebastopol, CA: O'Reilly Media.
7. Centre for Democracy and Technology. (2009). CDT's guide to online privacy. Privacy basics: The OECD guidelines, 2009. http://www.cdt.org/privacy/guide/basic/oecdguidelines.php
8. Cranor, L. F. 2005. "Privacy policies and privacy preferences". In Security and usability: Designing secure systems that people can use, Edited by: Cranor, L. F. and Garfinkel, S. 447-472. Sebastopol, CA: O'Reilly Media Inc.
9. Eysenbach, G. 2008. Medicine 2.0: Social networking, collaboration, participation, apomediation, and openness. Journal of Medical Internet Research, 10: e22 doi:10.2196/jmir.1030
10. Flenchais, I. and Sasse, M. A. 2007. Stakeholder involvement, motivation, responsibility, communication: How to design usable security in e-Science. International Journal of Human-Computer Studies, 67: 281-296. doi:10.1016/j.ijhcs.2007.10.002
11. Frost, J. H. and Massagli, M. P. 2008. Social Uses of personal health information within PatientsLikeMe, an online patient community: What can happen when patients have access to one another's data. Journal of Medical Internet Research, 10: e15 doi:10.2196/jmir.1053
12. Furnell, S. 2005. Why users cannot use security. Computers & Security, 24 June: 274-279. doi:10.1016/j.cose.2005.04.003
13. Furnell, S. M., Jusoh, A. and Katsabas, D. 2006. The challenges of understanding and using security: A survey of end-users. Computers & Security, 25: 27-35.
14. Google. (2011, June 24). An update on Google Health and Google PowerMeter [Blog post]. http://googleblog.blogspot.com/2011/06/update-on-google-health-and-google.html
15. Google Health. (2009). https://www.google.com/accounts/ServiceLogin?service=health&nui=1&continue=https%3A%2F%2Fhealth.google.com%2Fhealth%2Fp%2F&followup=https%3A%2F%2Fhealth.google.com%2Fhealth%2Fp%2F&rm=hide
16. Halamka, J. D., Mandl, K. D. and Tang, P. C. 2007. Early experiences with personal health records. Journal of the American Medical Informatics Association, 15: 1-7. doi:10.1197/jamia.M2562
17. Hertzum, M. and Jacobsen, N. E. 2001. The evaluator effect: A chilling fact about usability evaluation methods. International Journal of Human-Computer Interaction, 13: 421-443.
18. Hertzum, M., Juul, N. C., Jorgensen, N., & Norgaard, M. (2004). Usable security and e-banking: Ease of use vis-a-vis security (Tech. Rep.). http://www.ruc.dk/~nielsj/research/papers/ebanking-tr.pdf
19. Hornbaek, K. and Frokjaer, E. 2004. Usability inspection by metaphors of human thinking compared to heuristic evaluation. International Journal of Human-Computer Interaction, 17: 357-374.
20. IAPP. (2011). CICA releases privacy maturity model. https://www.privacyassociation.org/publications/2010_08_13_cica_releases_privacy_maturity_model/
21. ISO 9241-210. 2010. Ergonomics of human-system interaction-Part 210, Human-centred design for interactive systems.
22. ISO/IEC 27002. 2005. Information technology-Security techniques-Code of practice for information security management using: ISO/IEC 27002: ISO
23. ISO/IEC 27799. 2008. Health informatics-Information security management in health using: ISO/IEC 27002: ISO
24. Johnston, J., Eloff, J. H. P. and Labuschagne, L. 2003. Security and human computer interfaces. Computers & Security, 22: 675-684.
25. Katsabas, D., Furnell, S. M. and Dowland, P. S. 2005. Using human-computer interaction principles to promote usable security. Proceedings of the Fifth International Network Conference (INC 2005),: 5e7
26. Law, E. L. 2007. "Heuristic evaluation". In R3UEMs: Review, Report and Refine International Workshop, Edited by: Scapin, D. and Law, E. 61-63. MAUSE.
27. Law, E. L. and Hvannberg, E. T. 2004. Analysis of strategies for improving and estimating the effectiveness of heuristic evaluation. Proceedings of the third Nordic Conference on Human-Computer Interaction,: 241-250. doi:10.1145/1028014.1028051
28. Ling, C. and Salvendy, G. 2005. Extension of heuristic evaluation method: a review and re-appraisal. International Journal of Ergonomics and Human Factors, 27: 179-197.
29. Ling, C. and Salvendy, G. 2007. "Optimizing heuristic evaluation process in e-commerce: Use of the Taguchi Method". In International Journal of Human-Computer Interaction Vol. 22, 271-287.
30. Molich, R. and Nielsen, J. 1990. Improving computer dialogue. Communications of the ACM, 33: 338-348.
31. Nielsen, J. 1994. "Heuristic evaluation". In Usability inspection methods, Edited by: Nielsen, J. and Mack, R. L. 25-62. New York, NY: Wiley.
32. NIST Special Publication 800-53. 2009. INFORMATION SECURITY-Recommended security controls for federal information systems and organizations using (NIST Special Publication 800-53)
33. Paddison, C. and Englefield, P. 2004. Applying heuristics to accessibility inspections. Interacting With Computers, 16: 507-521.
34. Pierotti, D. (1995). Heuristic evaluation: A system checklist. In Usability analysis and design. Norwalk, CT: Xerox Corporation. http://www.stcsig.org/usability/topics/articles/he-checklist.html
35. Purdy, R. (2008). The power and the perils of using social networking tools in the NHS. A masterclass for the NHS Faculty of Health Informatics. http://www.library.nhs.uk/SpecialistLibrarySearch/Download.aspx?resID=289920
36. Roessler, T., & Saldhana, A. (2009). Web security context: User interface guidelines (W3C working draft). http://www.w3.org/TR/wsc-ui/
37. Rosenbaum, S., Rohn, J. A. and Humburg, J. 2000. A toolkit for strategic usability: results from workshops, panels, and surveys. CHI'00 Proceedings of the SIGCHI conference on Human Factors in Computing Systems,: 337-344.
38. Rozinov, K. 2004. Are usability and security two opposite directions in computer systems? (White paper). Brooklyn, New York, Department of Computer and Information Science, Polytechnic University.
39. Sim, G., Read, J. C. and Cockton, G. 2009. "Evidence-based design of heuristics for computer assisted assessment". In Proceedings of the 12th IFIP TC 13 International Conference 204-216.
40. Somervell, J. and McCrickard, D.S. 2005. Better discount evaluation: Illustrating how critical parameters support heuristic creation. Interacting with Computers, 17: 592-612.
41. Straub, T. and Baier, H. 2004. "A framework for evaluating the usability and the utility of pki-enabled applications". In EuroPKI 2004, Proceedings of the 1st European PKI Workshop 112-125.
42. Vredenburg, K., Mao, J., Smith, P. W. and Carey, T. 2002. "A survey of user-centered design practice". In Conference on Human Factors in Computing Systems; SIGCHI Conference on Human Factors in Computing Systems: Changing Our World Changing Ourselves 471-478.
43. Whitten, A., & Tygar, J. D. (2003). Safe staging for computer security. Proceedings of the CHI2003 Workshop on Human-Computer Interaction and Security Systems. www.andrewpatrick.ca/CHI2003/HCISEC/hcisec-workshop-whitten.pdf
44. Whitten, A. and Tygar, J. D. 2005. "Why Johnny can't encrypt: A usability evaluation of PGP 5.0". In Security and usability: Designing secure systems that people can use, Edited by: Cranor, L. F. and Garfinkel, S. 669-692. Sebastopol, CA: O'Reilly Media.
45. Woolrych, A. and Cockton, G. 2001a. "Understanding inspection methods: Lessons from an assessment of heuristic evaluation". In People & computers XV, Edited by: Blandford, A. and Vanderdonckt, J. 171-192. New York, NY: Springer-Verlag.
46. Woolrych, A. and Cockton, G. 2001b. "Why and when five test users aren't enough". In Proceedings of IHM-HCI 2001 Conference, Edited by: Vanderdonckt, J., Blandford, A. and Derycke, A. Vol. 2, 105-108. Toulouse, France: Cépadèus.
47. Woolrych, A. and Cockton, G. 2002. Sale must end: should discount methods be cleared off HCI's shelves?. Interactions, 9: 13-18.
48. Yee, K. 2002. User interaction design for secure systems. ICICS' 02: Proceedings of the 4th International Conference on Information and Communications Security,: 278-290.
49. Yeratziotis, A., Pottas, D. and van Greunen, D. 2011. "A three-phase process to develop heuristics". In Proceedings of the 13th ZA-WWW Conference
50. Zickmund, S. L., Hess, R., Bryce, C. L., McTigue, K., Olshansky, E.Fitzgerald, K. 2007. Interest in the use of computerized patient portals: role of the provider-patient relationship. Journal of General Internet Medicine,: 20-26. doi:10.1007/s11606-007-0273-6