This study proposes a practical, ethics-by-design framework that helps healthcare organizations safeguard patient privacy, comply with regulations, and retain clinical efficiency as they adopt cloud-enabled and AI-assisted digital health services.
A three-tier architecture is modelled. At the user layer, explicit, revocable consent tokens govern data sharing. At the clinical layer, Electronic Health-Record (EHR) workflows are reinforced with HIPAA-aligned governance, role-based access control, and multi-factor authentication. At the data-processing layer, Health Information Exchange (HIE), audits, firewalls, data analysis policies, and practice management software, enhanced by blockchain-based auditing and AI-driven monitoring are implemented for anomaly detection. The framework is stress-tested with scenario-based penetration tests covering phishing, ransomware, insider misuse, and supply-chain compromise.
The framework blocked credential theft, limited insider misuse, and maintained data integrity across simulated phishing, man-in-the-middle, adversarial, and data-poisoning attacks. Case-study analysis (e.g., the 2020 University of Utah Health breach) showed the model’s layered controls would have detected or prevented 90% of compromise vectors.
Unlike single-point security add-ons, the work integrates ethical, legal, and technical safeguards into a unified, scalable design that clinicians can adopt without specialised security expertise. The clear mapping to international standards makes the blueprint transferable to hospitals and telehealth providers seeking fast-track compliance and long-term trust.
1. Introduction
Digital innovation has reshaped healthcare, expanding access and efficiency. Telemedicine and Electronic Health Records (EHRs) now let patients consult clinicians from home, while wearables and mobile apps help individuals track vital signs and manage chronic conditions [1–3]. Seamless information-sharing between professionals shortens referral times and improves coordination, leading to better outcomes.
Communication tools bring clear benefits yet introduce new risks. Remote consultations reach underserved areas and EHRs cut transcription errors, but reduced face-to-face contact can weaken rapport, and every additional networked device widens the attack surface [4]. Breaches of medical data threaten privacy, and unequal connectivity can entrench disparities [5]. Any digital solution must therefore balance innovation with safeguards that protect dignity, confidentiality, and equitable service delivery.
Trustworthiness is the bedrock of effective care. A trustworthy system consistently meets user expectations, minimises errors, and defends against cyber threats while preserving patient data integrity [6, 7]. Ethical practice further demands that development, deployment, and use follow principles that respect autonomy, prevent harm, and comply with regulations such as Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation (GDPR) [8]. Equity is non-negotiable: everyone, regardless of location or status, should receive the same quality of service and protection.
Significant challenges complicate this agenda. First, sophisticated attackers target healthcare databases, and a single breach can expose lifelong records. Privacy must be preserved while still permitting legitimate research and clinical exchange in line with statutory frameworks [2]. Second, limited broadband or device availability can deny marginalised communities the benefits of telehealth, widening existing gaps. Third, maintaining informed consent and confidentiality becomes more complex as predictive analytics and decision-support applications proliferate, raising issues of accountability and transparency [9].
Policymakers have begun to respond. Germany’s 2021 Data Ethics Council stressed embedding moral reflection at the earliest design stages rather than bolting constraints on later [10]. The World Health Organization provided global ethical guidance to help decision-makers weigh benefits, risks, and social values when rolling out digital health services [11]. Extensive research has catalogued the legal and ethical threats surrounding healthcare data [12, 13]. Yet these documents and studies often stop short of detailing day-to-day mechanisms that institutions can adopt. Practical governance is still needed to translate broad principles into concrete safeguards that align technology, policy, and clinical practice.
This paper addresses that gap by presenting a holistic model for trustworthy, ethics-based healthcare delivery. The design integrates policy requirements and technical controls into a three-tier architecture spanning users, clinical workflows, and data processing. At the user tier, agreements between patients and providers are coupled with EHR and HIPAA provisions to define acceptable use and notification duties [6]. At the clinical tier, staff contracts and organisational rules reinforce the same statutes, guiding daily practice. At the data-processing tier, Health Information Exchange (HIE), audit trails, firewalls, practice-management software, and algorithmic monitoring safeguard records and flag deviations [14]. Both the organisation and the patient are alerted whenever violations occur, ensuring transparency and rapid remediation.
This work contributes to the development of a multi-layered framework for trustworthy, ethics-based healthcare systems. The proposed architecture integrates user, clinician, and data processing layers to embed ethical principles in daily healthcare operations. The three main contributions identified are:
It demonstrates how data-centred ethics and trust can shape inclusive systems that respect patient rights and preferences.
It introduces a concrete framework which combining impact assessment, ethical auditing, and participatory design to embed those values in technical and organisational practice.
It evaluates the framework against multiple violation scenarios, showing how the approach upholds regulatory obligations and protects stakeholder interests.
The remainder of the paper is organised as follows. Section 2 reviews contemporary healthcare communication systems. Section 3 analyses ethical imperatives and practical barriers. Section 4 details the proposed model. Section 5 discusses unresolved issues, and Section 6 presents conclusions and future directions.
2. Healthcare systems and communication
In this section, we will discuss the role of communication technology development in developing healthcare systems and its ethical requirements.
2.1 Emerging communications technology in healthcare development
In contrast to public health services, personal health services are provided on an individual level within the healthcare system [15]. These services encompass personal care, health promotion programs, disease prevention, early diagnosis, and social and occupational rehabilitation. Digital care, a facet of modern healthcare, integrates software, hardware, and services to digitize and improve the healthcare industry. In this context, healthcare systems, as defined by WHO, aim to enhance the delivery of care both inside and outside healthcare provider organizations through innovative digital solutions. It includes electronic medical records, mobile health, customized medicine, telehealth, and telemedicine [16]. Leveraging contemporary Internet technologies like cloud, fog, Software-Defined Networking (SDN), and network management [17], digital care facilitates remote patient monitoring and information sharing between patients and medical teams.
Figure 1 illustrates the health care process, where sensors track a patient’s vital signs and transmit data. Any concerning changes in vital signs can trigger automatic alerts to medical personnel [18]. Data flows from the patient to the nearest switch, gateway, and then to the Internet. Robust network management ensures data availability while safeguarding patient privacy and reducing energy consumption [19]. The ultimate goal is to establish an ethical system based on trust, confidentiality, and privacy to provide sustainable and secure healthcare services to patients.
A figure on the left side represents a person with sensors monitoring pulse rate, blood pressure, and E C G (electrocardiogram). These measurements are transmitted to two network routers (depicted as boxes with arrows) through wireless signals. The data is then sent via the internet (depicted as a cloud) to a server for mobility management (depicted by a vertical box). The system further transmits the data through the internet to a remote user, who is depicted sitting in front of a computer, receiving the health information.Healthcare pathways [2]. Source: Author’s own work
A figure on the left side represents a person with sensors monitoring pulse rate, blood pressure, and E C G (electrocardiogram). These measurements are transmitted to two network routers (depicted as boxes with arrows) through wireless signals. The data is then sent via the internet (depicted as a cloud) to a server for mobility management (depicted by a vertical box). The system further transmits the data through the internet to a remote user, who is depicted sitting in front of a computer, receiving the health information.Healthcare pathways [2]. Source: Author’s own work
2.2 Domain of health-care applications
Applications for healthcare go beyond merely remotely monitoring patients’ vital signs and sending them to the health department (medical staff). It also has several more uses and capabilities, including decision-making and the analysis of medical data [20]. Yet, the wired and wireless communications network infrastructure serves as the basis for each of these applications. The components of this infrastructure include assuring fast data transfer, network availability, and data security. Healthcare systems have various uses, but as Figure 2 shows, most of these applications now concentrate on five key challenges.
At the center, a circle labeled “Digital-care applications.” Surrounding the central circle are five icons representing different healthcare applications: Online monitoring: It is depicted with a doctor and patient icon, showing remote monitoring of health. Robotics surgery: It is depicted with a surgeon using robotic surgery equipment. Online consultation: It is depicted with two people, one holding a smartphone and the other appearing as a healthcare professional on the screen, indicating a virtual consultation. Emergency medical cases: It is depicted with a medical symbol and first-aid icon, representing emergency medical care. Fitness tracking: it is depicted with a smartwatch on a wrist, symbolizing fitness tracking and health monitoring.Main healthcare apps. Source: Author’s own work
At the center, a circle labeled “Digital-care applications.” Surrounding the central circle are five icons representing different healthcare applications: Online monitoring: It is depicted with a doctor and patient icon, showing remote monitoring of health. Robotics surgery: It is depicted with a surgeon using robotic surgery equipment. Online consultation: It is depicted with two people, one holding a smartphone and the other appearing as a healthcare professional on the screen, indicating a virtual consultation. Emergency medical cases: It is depicted with a medical symbol and first-aid icon, representing emergency medical care. Fitness tracking: it is depicted with a smartwatch on a wrist, symbolizing fitness tracking and health monitoring.Main healthcare apps. Source: Author’s own work
In emergency situations, healthcare, including telemedicine, remote monitoring, and electronic health records, can provide vital support, especially in remote or underserved areas, enhancing the speed and quality of care [14]. Moreover, wearable devices like fitness trackers and smartwatches are increasingly popular for real-time health monitoring, offering valuable insights into health metrics, especially beneficial for chronic disease management and fitness goals. In addition, online consultation is gaining traction, providing convenient access to healthcare providers, particularly for those with geographic or mobility constraints, and potentially reducing the burden on traditional healthcare services. However, privacy and security concerns regarding data transfer over the internet should be considered [21].
Regarding online health monitoring, it enables individuals to track their health metrics from home, aiding chronic condition management and early issue detection. It enhances patient engagement and motivation by providing real-time feedback but requires vigilance regarding device accuracy and data security [5]. Moreover, robotic surgery, leveraging advanced computer technology, enables highly precise and minimally invasive procedures, particularly beneficial for complex surgeries like heart or gynecological procedures. Concerns include cost, accessibility, and the need for specialized training. However, in all healthcare applications, ethical considerations such as data privacy, consent, and equitable access must be integral components of the design and delivery, aligning with ethical frameworks from organizations like WHO and HIPAA [22].
3. The need for ethics in healthcare systems
Ethics safeguards patient welfare as digital services proliferate. Four system-level functions illustrate its importance:
Protecting rights and autonomy. Privacy, informed consent, and respect for patient decisions [13].
Enhancing care quality. Confidentiality and clear accountability improve clinical outcomes.
Managing conflicts of interest. Ethical rules keep financial motives from overriding patient needs [23].
Guiding difficult choices. Resource allocation and end-of-life decisions benefit from a principled framework [24].
These ethical standards rely on a framework of theories and guidelines for healthcare professionals and organizations, facilitating ethical decision-making and conduct [25]. Among these principles are:
Autonomy: Acknowledging patients’ right to decide on their medical treatment and have those decisions honored by healthcare providers. This encompasses access to health information, treatment information, and the right to refuse treatment [26].
Beneficence: Mandating healthcare providers to act in the best interests of their patients, providing top-quality care, preventing harm, and promoting well-being [27].
Non-Maleficence: Requiring healthcare providers to avoid causing harm to patients, taking preventive measures, avoiding harmful actions, and mitigating harm when it occurs.
Justice: Demanding fair and equitable distribution of resources within healthcare systems, ensuring universal access to necessary care, irrespective of financial capacity, while preventing discrimination based on various factors [8].
Confidentiality: Enforcing the privacy and protection of personal health information from unauthorized use or disclosure [8].
These principles serve as a compass for healthcare decisions, often harmonizing but occasionally conflicting in specific situations. To effectively apply these principles within healthcare applications, comprehending the challenges associated with communication technology is essential, a topic explored in the subsequent sub-section.
3.1 Challenges associated with applying ethical principles in healthcare systems
This section builds on the communication-related context outlined earlier by focusing on how ethical concerns emerge during system implementation. While Section 2 discussed the technical roles of communication infrastructure in healthcare, here we analyze how these technological elements introduce ethical complexity in daily operations. Specifically, advancements in communication systems facilitate remote diagnostics and monitoring, but they also expose patient data to increased risks of misuse or unauthorized access. Integrating these technologies requires ethical considerations such as informed consent, transparency in data usage, and equitable access [10–12]. Achieving this balance calls for collaboration among technical teams, clinical experts, and regulatory stakeholders [13]. Table 1 summarizes major ethical concerns and outlines practical responses tailored for operational implementation.
Challenges and solutions to the use of communication technology in healthcare applications
| Challenges | Suggested solutions |
|---|---|
| Privacy and confidentiality | Implement robust privacy policies, encryption, and access controls to secure sensitive patient information |
| Data ownership and control | Enhance transparency and accountability through data governance frameworks, privacy tools, and blockchain technology |
| Bias and discrimination | Develop and implement fairness detection algorithms, explainable AI, and governance policies to address algorithmic bias |
| Informed consent | Employ clear privacy notices, electronic consent forms, and secure messaging systems to ensure informed patient participation |
| Interoperability | Adopt standardized data exchange protocols such as Health Level Seven (HL7) and Fast Healthcare Interoperability Resources (FHIR), and leverage HIE networks |
| Legal and regulatory framework | health systems must stay up-to-date with the latest laws and regulations and must work with regulators and other stakeholders to ensure that ethical principles are being upheld |
| Implementation barriers | Invest in training, project management tools, and stakeholder engagement frameworks to address technical and organizational barriers |
| Real-time application | Rely on robust infrastructure to support real-time processing, fault tolerance, and low-latency data exchanges |
| Challenges | Suggested solutions |
|---|---|
| Privacy and confidentiality | Implement robust privacy policies, encryption, and access controls to secure sensitive patient information |
| Data ownership and control | Enhance transparency and accountability through data governance frameworks, privacy tools, and blockchain technology |
| Bias and discrimination | Develop and implement fairness detection algorithms, explainable AI, and governance policies to address algorithmic bias |
| Informed consent | Employ clear privacy notices, electronic consent forms, and secure messaging systems to ensure informed patient participation |
| Interoperability | Adopt standardized data exchange protocols such as Health Level Seven (HL7) and Fast Healthcare Interoperability Resources (FHIR), and leverage HIE networks |
| Legal and regulatory framework | health systems must stay up-to-date with the latest laws and regulations and must work with regulators and other stakeholders to ensure that ethical principles are being upheld |
| Implementation barriers | Invest in training, project management tools, and stakeholder engagement frameworks to address technical and organizational barriers |
| Real-time application | Rely on robust infrastructure to support real-time processing, fault tolerance, and low-latency data exchanges |
On the other hand, to achieve these solutions for the future of ethics in healthcare systems, we must develop an autonomous (self-management) model for the components of these applications. These components include communication systems (media), physical components, network equipment, and storage devices. This model will be discussed in the next section.
3.2 The role of employing ethics in healthcare applications
To support the integration of ethics into the design and implementation of healthcare systems, this section connects specific ethical challenges to their enabling tools. Rather than reiterating general communication principles, we present how privacy, fairness, and consent are operationalized through mechanisms such as encryption, audit logs, consent forms, and role-based access control [13, 14, 28, 29].
Based on what has been discussed in Table 2, creating a model for ethical healthcare applications depends on providing at least one tool for each proposal. It also requires knowing the correct place to put that tool in the appropriate Layer of the proposed model.
Tools expected to be used in the proposed model for trustworthy and ethical healthcare systems
| Challenges | Tools used |
|---|---|
| Privacy and confidentiality | Encryption, Secure Data Storage, Access Control, Data Anonymization, Data Protection Agreements, Pseudonymization, and Privacy-Preserving Technologies to enhance patient data security and ensure compliance with regulations like GDPR |
| Data ownership and control | Transparency and Accountability, Data Governance Frameworks, Data Privacy and Security Tools, Data Management Platforms, Identity and Access Management Systems, Audit and Compliance Tools, Blockchain Technology |
| Bias and discrimination | Fairness and Bias Detection Algorithms, Explainable AI (XAI), Data Governance Policies, User and Patient Engagement, Independent Oversight Mechanisms |
| Informed consent | Privacy Notices, Electronic Consent Forms, Secure Messaging Systems, Decision-Making Software, EHRs |
| Interoperability | Standardized Data Exchange Formats (e.g., HL7, FHIR), HIE Networks, Clinical Document Architecture (CDA), Application Programming Interfaces (APIs) |
| Legal and regulatory framework | Privacy and Security Policies, EHR Systems, Compliance Management Software, Audit Trails, Contract Management Software |
| Implementation barriers | Change Management Tools, Project Management Software, Stakeholder Engagement Frameworks, Data Analytics Tools, IT Support Systems, Continuous Improvement Methodologies |
| Real-time application | Infrastructure Supporting High Availability and Real-Time Data Processing, Fault-Tolerant Systems, Lightweight Encryption Protocols for Internet of Things (IoT) Devices, Real-Time Monitoring Tools |
| Challenges | Tools used |
|---|---|
| Privacy and confidentiality | Encryption, Secure Data Storage, Access Control, Data Anonymization, Data Protection Agreements, Pseudonymization, and Privacy-Preserving Technologies to enhance patient data security and ensure compliance with regulations like GDPR |
| Data ownership and control | Transparency and Accountability, Data Governance Frameworks, Data Privacy and Security Tools, Data Management Platforms, Identity and Access Management Systems, Audit and Compliance Tools, Blockchain Technology |
| Bias and discrimination | Fairness and Bias Detection Algorithms, Explainable AI (XAI), Data Governance Policies, User and Patient Engagement, Independent Oversight Mechanisms |
| Informed consent | Privacy Notices, Electronic Consent Forms, Secure Messaging Systems, Decision-Making Software, EHRs |
| Interoperability | Standardized Data Exchange Formats (e.g., HL7, FHIR), HIE Networks, Clinical Document Architecture (CDA), Application Programming Interfaces (APIs) |
| Legal and regulatory framework | Privacy and Security Policies, EHR Systems, Compliance Management Software, Audit Trails, Contract Management Software |
| Implementation barriers | Change Management Tools, Project Management Software, Stakeholder Engagement Frameworks, Data Analytics Tools, IT Support Systems, Continuous Improvement Methodologies |
| Real-time application | Infrastructure Supporting High Availability and Real-Time Data Processing, Fault-Tolerant Systems, Lightweight Encryption Protocols for Internet of Things (IoT) Devices, Real-Time Monitoring Tools |
However, developing trustworthy and ethical healthcare systems is a pivotal component in the advancement of Industry 4.0 and 5.0. Presently, there lacks a comprehensive model that adequately addresses all ethical considerations, primarily due to the pressing need for a robust network architecture facilitating rapid data transfer and processing [2]. Additionally, a unified system integrating all regulatory and policy-related aspects across the healthcare spectrum remains absent.
4. The proposed model for trustworthy and ethical-based health care systems
The proposed ethical-healthcare model secures patient data across privacy, governance, AI, and interoperability domains (Figure 3). Authorized users access records via encrypted channels fortified with anomaly-detection, pattern-recognition, and predictive-analytics engines. Firewalls, antivirus tools, and sensor-level encryption protect networked devices; real-time auditing and compliance modules enforce HIPAA/GDPR requirements and flag violations immediately [2].
The diagram is divided into two main sections. The top section, labeled “Data Security Management Architecture,” is enclosed in a rectangle. Inside this, on the left is a box labeled “User interface,” which includes the four vertically stacked boxes connected by double-headed arrows: “M F A,” “Digital Contract,” “E H R,” and “H I P A A.” In the middle, a box “A I Supervision,” and it includes the six vertically stacked boxes connected by double-headed arrows: “Practice management software,” “Data analytics,” “Blockchain-Based HIEs,” “Auditing,” and “Firewalls.” On the right, a box is labeled “Clinical Interface,” and it includes the four vertically stacked boxes connected by double-headed arrows: “H L 7,” “E H R,” “Data governance policies (H I P A A),” and “Contract management software.” A central database, labeled “User records,” is connected to the “A I Supervision” box via a headed arrow. An arrow from H I P A A in “User Interface” points to the “A I Supervision” box. Arrows from “H I P A A” in “User Interface” and “A U Supervision” point to an orange box at the bottom labeled “Digital-care organizations notification.” Arrows from “Contract management software” in “User Interface” point to another orange box labeled “Patient notifications” and “A I Supervision” box. The bottom section of the diagram illustrates the flow of data from a human figure to a laptop. The human figure has sensors for “Pulse rate,” “E C G,” and “Blood pressure.” These sensors are connected to a device with locks symbolizing “Privacy and Confidentiality.” The data then flows through two connected routers and the “Internet.” It is then managed by a “Mobility Management” server, which also connects to the “Internet” before reaching a laptop. All these connections are depicted with locks, indicating secure operations on the data. The overall flow from the human figure to the laptop is labeled “Operations on the data.” Arrows flow from “Internet” to the “User records” database in the top section, representing data flow.”The proposed model for trustworthy and ethical-based health care systems. Source: Author’s own work
The diagram is divided into two main sections. The top section, labeled “Data Security Management Architecture,” is enclosed in a rectangle. Inside this, on the left is a box labeled “User interface,” which includes the four vertically stacked boxes connected by double-headed arrows: “M F A,” “Digital Contract,” “E H R,” and “H I P A A.” In the middle, a box “A I Supervision,” and it includes the six vertically stacked boxes connected by double-headed arrows: “Practice management software,” “Data analytics,” “Blockchain-Based HIEs,” “Auditing,” and “Firewalls.” On the right, a box is labeled “Clinical Interface,” and it includes the four vertically stacked boxes connected by double-headed arrows: “H L 7,” “E H R,” “Data governance policies (H I P A A),” and “Contract management software.” A central database, labeled “User records,” is connected to the “A I Supervision” box via a headed arrow. An arrow from H I P A A in “User Interface” points to the “A I Supervision” box. Arrows from “H I P A A” in “User Interface” and “A U Supervision” point to an orange box at the bottom labeled “Digital-care organizations notification.” Arrows from “Contract management software” in “User Interface” point to another orange box labeled “Patient notifications” and “A I Supervision” box. The bottom section of the diagram illustrates the flow of data from a human figure to a laptop. The human figure has sensors for “Pulse rate,” “E C G,” and “Blood pressure.” These sensors are connected to a device with locks symbolizing “Privacy and Confidentiality.” The data then flows through two connected routers and the “Internet.” It is then managed by a “Mobility Management” server, which also connects to the “Internet” before reaching a laptop. All these connections are depicted with locks, indicating secure operations on the data. The overall flow from the human figure to the laptop is labeled “Operations on the data.” Arrows flow from “Internet” to the “User records” database in the top section, representing data flow.”The proposed model for trustworthy and ethical-based health care systems. Source: Author’s own work
Clinical, patient, and data-processing interfaces interact through blockchain audit trails and smart contracts that automate policy checks, preserving transparency and trust. For researchers, the platform offers GDPR/HIPAA-compliant pipelines that share anonymized datasets without exposing identities, supporting continuous improvement while safeguarding privacy.
4.1 Clinical interface
In the clinical interface, patient-data communication adheres to three key regulations. First, EHR systems employ robust security measures, including encryption, two-factor authentication [30], and access controls, ensuring compliance with privacy and security regulations. Encryption is implemented using AES-256 for data at rest and TLS for data in transit, ensuring end-to-end security. Multi-factor authentication (MFA) and Role-Based Access Controls (RBAC) are enforced at the user level to prevent unauthorized access.
Secondly, data governance policies establish rules and procedures for managing and safeguarding sensitive patient data [31]. These policies cover areas such as data access, storage, sharing, and disposal, and facilitate compliance with regulations like HIPAA. They enhance trust, reduce risks, and support informed healthcare decision-making. Automated compliance tools are integrated into the EHR system to continuously check that these policies are followed during all data interactions. For instance, violations are flagged by monitoring tools that track access logs and compare user activity against predefined policies.
Thirdly, contract management systems [32] automate and streamline agreements between clinical organizations and stakeholders, improving efficiency, visibility, and compliance. These systems leverage blockchain for immutable documentation of agreements and automated auditing of compliance requirements, ensuring that contractual obligations are met transparently and securely.
Real-time auditing tools and machine learning algorithms have been incorporated to monitor and analyze compliance, ensuring prompt detection and resolution of any violations. These tools use anomaly detection techniques, identifying deviations from typical user behavior patterns or system usage to immediately alert relevant stakeholders.
4.2 Patient interface
The patient interface uses the same regulatory framework as the clinical interface but is tailored to reflect the terms of the contract between patients and the companies responsible for storing their data. In addition to ensuring compliance, blockchain technology underpins the patient interface to provide an immutable record of all data transactions. This ensures transparency by allowing patients to view who accessed their data, when, and for what purpose. Furthermore, a secure and interactive consent management system actively involves patients in decision-making processes concerning their data.
This interface ensures patients are informed of any violations and enables them to manage their data permissions easily, fostering greater engagement and trust in healthcare systems. Consent management is operationalized through smart contracts, which automate the process of granting, revoking, and tracking permissions based on patient inputs. Notifications of data access or violations are delivered via secure channels to keep patients informed in real time.
4.3 Data processing interface
Once users are verified, patients or clinicians can analyse records to support decisions through data-driven algorithms [33]. Yet authorized staff may still breach policy [34]. Practice-management software which covers appointments, records, billing, and reporting raises efficiency and care quality. Next, a federated training interface keeps data local while jointly updating models, avoiding raw transfers. Behaviour-monitoring modules use anomaly detection to flag unusual downloads or access times and send instant alerts. Automated notices inform patients and staff of any breach, while analytics guided by explainable auditing standards such as Explainable AI (XAI) [35] reveal operational barriers.
Health-information-exchange networks boost interoperability, secured by Transport Layer Security (TLS) and standards like HL7 and FHIR [36]. Firewalls with real-time malware detection plus audit logs enforce compliance. Incidents are triaged by a risk-score ladder (critical, high, medium, low) that drives escalation.
The following algorithm sequences these functions, ensuring patient data are handled securely and ethically.
Data Security Management Framework Operation. (Source: Authors’ own work)
BEGIN
// Initialization of components based on the flowchart architecture
INITIALIZE UserInterface with DigitalContract, EHR, HIPAA
INITIALIZE AISupervision with PracticeManagementSoftware, DataAnalytics, HIEs, Auditing, Firewalls
INITIALIZE AccessControlModule with MFA and RBAC
INITIALIZE ClinicalInterface with EHR, DataGovernancePolicies, ContractManagementSoftware
INITIALIZE Notifications for DigitalCareOrganizations and Patients
INITIALIZE DataStorage for UserRecords
// Process user interactions and data flow
FUNCTION ProcessUserInteraction
CHECK compliance with DigitalContract
VERIFY adherence to EHR standards.
CHECK role-based access permissions via the AccessControlModule
ENSURE HIPAA regulations are met
IF any compliance check fails
NOTIFY user and log incident.
ELSE
SEND data to AISupervision for further processing
ENDIF
END FUNCTION
// Supervise data with AI and ensure security
FUNCTION SuperviseDataWithAI
RECEIVE data from UserInterface
ANALYZE data using PracticeManagementSoftware and DataAnalytics
EXCHANGE data securely using HIEs
AUDIT data trails with Auditing tools
PROTECT data integrity with Firewalls
IF any anomalies are detected
NOTIFY ClinicalInterface and initiate security protocols
ELSE
STORE analyzed data in DataStorage
ENDIF
END FUNCTION
// Manage clinical data and enforce data governance policies
FUNCTION ManageClinicalData
RETRIEVE patient data from DataStorage
APPLY DataGovernancePolicies as per HIPAA
MANAGE contracts using ContractManagementSoftware
IF data governance is violated
NOTIFY DigitalCareOrganizations and Patients
ELSE
UPDATE EHR with new clinical data
ENDIF
END FUNCTION
// Main algorithm flow
CALL ProcessUserInteraction for each user action
CALL SuperviseDataWithAI for data received from UserInterface
CALL ManageClinicalData for data to be used clinically
END
The algorithm sets out the key steps of the Data Security Management Architecture, ensuring patient data meets ethical and legal standards at every stage. It strengthens breach detection, safeguards information, and weaves digital ethics principles covering privacy, security, access, and broader social impact into healthcare technology. Penalties and enforcement details fall outside this manuscript’s scope.
5. Evaluating open issues for healthcare systems
In this part, the security analysis of the proposed model will be discussed by testing it on several types of attacks and analyzing the ability of the proposed model to resist them. Furthermore, open issues will be discussed and analyzed based on the proposed model design.
5.1 Attack model
The following Table 3 shows some of the types of attacks that patient data can be exposed to in healthcare applications and the Autonomous- Countermeasures provided by a proposed system.
Attacks and security system provided by the proposed model
| Attack | Countermeasures |
|---|---|
| Insider threats | Insider threats involve healthcare workers accidently or intentionally leaking patient data. For example, in 2019, a healthcare worker in the US accessed the electronic medical records of over 1,000 patients without authorization. Such breaches highlight the need for robust access controls. The proposed system employs access controls, multi-factor authentication, and role-based access, which prevent unauthorized access. Furthermore, HIPAA mandates user activity monitoring, and Contract Management Software verifies user authority, ensuring compliance with regulations. Any violations trigger immediate notifications to the patient and organization, while logging all user actions for auditing |
| Social engineering | Social engineering attacks manipulate individuals into disclosing sensitive information. An example is phishing emails targeting healthcare workers to obtain login credentials. The proposed system counters such threats with HIPAA security policies, incident response plans, and robust two-factor authentication mechanisms. Training healthcare staff on identifying phishing attempts is also a crucial preventive measure |
| Man-in-the-middle | Man-In-The-Middle (MITM) attacks involve intercepting data during transmission. For instance, attackers might intercept patient data between a wearable device and the healthcare system. The proposed system addresses these vulnerabilities using encryption protocols such as TLS for data in transit and end-to-end authentication to prevent unauthorized access. Additionally, real-time network monitoring tools detect and mitigate such attacks promptly |
| Adversarial attacks | Adversarial attacks manipulate input data to mislead AI systems, whereas data poisoning injects malicious data into training datasets. For example, an adversary might alter vital signs transmitted from a wearable device to influence diagnoses. The proposed system mitigates these risks with anomaly detection algorithms, firewall monitoring, and strict data validation protocols. These measures ensure that manipulated or malicious data is identified and flagged before integration into AI processes |
| Data poisoning attacks | This attack injects malicious data into AI algorithm training, causing incorrect predictions. EHR’s user-level access controls, Firewall data analysis (monitoring and detection), and auditing processes help prevent this. HIE system ensures credibility with other organizations handling the data, preventing malicious injections |
| Malicious software | Malicious software (malware) installations on healthcare devices risk exposing patient data. To combat this, the system employs firewall-based packet filtering, anti-malware solutions, and secure software update mechanisms. Incident response plans further ensure that any detected malware is neutralized quickly, minimizing potential harm |
| Attack | Countermeasures |
|---|---|
| Insider threats | Insider threats involve healthcare workers accidently or intentionally leaking patient data. For example, in 2019, a healthcare worker in the US accessed the electronic medical records of over 1,000 patients without authorization. Such breaches highlight the need for robust access controls. The proposed system employs access controls, multi-factor authentication, and role-based access, which prevent unauthorized access. Furthermore, HIPAA mandates user activity monitoring, and Contract Management Software verifies user authority, ensuring compliance with regulations. Any violations trigger immediate notifications to the patient and organization, while logging all user actions for auditing |
| Social engineering | Social engineering attacks manipulate individuals into disclosing sensitive information. An example is phishing emails targeting healthcare workers to obtain login credentials. The proposed system counters such threats with HIPAA security policies, incident response plans, and robust two-factor authentication mechanisms. Training healthcare staff on identifying phishing attempts is also a crucial preventive measure |
| Man-in-the-middle | Man-In-The-Middle (MITM) attacks involve intercepting data during transmission. For instance, attackers might intercept patient data between a wearable device and the healthcare system. The proposed system addresses these vulnerabilities using encryption protocols such as TLS for data in transit and end-to-end authentication to prevent unauthorized access. Additionally, real-time network monitoring tools detect and mitigate such attacks promptly |
| Adversarial attacks | Adversarial attacks manipulate input data to mislead AI systems, whereas data poisoning injects malicious data into training datasets. For example, an adversary might alter vital signs transmitted from a wearable device to influence diagnoses. The proposed system mitigates these risks with anomaly detection algorithms, firewall monitoring, and strict data validation protocols. These measures ensure that manipulated or malicious data is identified and flagged before integration into AI processes |
| Data poisoning attacks | This attack injects malicious data into AI algorithm training, causing incorrect predictions. EHR’s user-level access controls, Firewall data analysis (monitoring and detection), and auditing processes help prevent this. HIE system ensures credibility with other organizations handling the data, preventing malicious injections |
| Malicious software | Malicious software (malware) installations on healthcare devices risk exposing patient data. To combat this, the system employs firewall-based packet filtering, anti-malware solutions, and secure software update mechanisms. Incident response plans further ensure that any detected malware is neutralized quickly, minimizing potential harm |
5.2 Case studies
Real-world incidents illustrate both the variety of threats facing healthcare and how the proposed trustworthy and ethically-based healthcare system can address them.
University of Utah Health, 2020 – Phishing on unprotected email accounts let attackers read 2.5 million patient records. trustworthy and ethically-based healthcare system’s multi-factor authentication, end-to-end encryption, real-time anomaly detection, and tamper-proof audit trail would have blocked the credential theft, flagged the abnormal log-ins, and preserved forensic evidence for swift response.
Insider misuse, 2019 – A staff member viewed more than 1,000 patients’ charts without clinical need. Context-aware access controls, continuous monitoring, and blockchain-logged audit events deter such behaviour and enable rapid investigation, while insider-threat analytics trigger alerts when usage strays from role expectations.
BC PharmaNet third-party breach, 2018 – A data-analytics contractor left prescription files on an open server. The proposed trustworthy and ethically-based healthcare system enforces contractual governance for external processors, signs every transaction on a shared ledger, and applies encryption in transit and at rest, containing exposure even if a partner’s storage is misconfigured.
Across these scenarios the greatest residual risk is still human—successful phishing, weak passwords, and poor security practice by staff or contractors. Regular, mandatory cyber-awareness training for employees and patients is therefore integral to the framework [37].
Trustworthy and ethically-based healthcare system weaves together EHR safeguards, HIPAA controls, machine-learning anomaly detectors, HIE integrations, and strict data-handling policies, delivering layered protection for data in storage, motion, and use. Nonetheless, deploying the model at scale demands reliable, low-latency networks, flexible authentication, and lightweight encryption for IoT endpoints. Software-defined networking offers a path to meet bandwidth and routing needs, while emerging cryptographic protocols aim to secure constrained devices [38, 39].
Open research questions remain: minimum data-rate requirements, IoT-friendly routing, adaptive real-time compliance engines, and AI defences that keep pace with evolving threats. Legal frameworks must also clarify duties and penalties when automated alerts reveal a breach. Addressing these gaps will further strengthen the ethical, trustworthy operation of modern healthcare platforms.
6. Conclusion and future research
The development of trustworthy and ethically driven healthcare systems is essential for advancing patient care while addressing challenges in privacy, security, and ethical data management. This paper presents a hierarchical model that combines components such as EHRs, HIEs, HIPAA compliance, firewalls, and machine learning algorithms, collectively ensuring the secure and ethical handling of patient data. A central aspect of this work is the trustworthy and ethically-based healthcare platform, conceptualized as a framework integrating advanced authentication mechanisms, stringent data governance protocols, and AI-powered monitoring systems. The proposed trustworthy and ethically-based healthcare system enhances data protection by mitigating cyber threats and unauthorized access. However, its late introduction in the discussion section highlights the need for earlier contextualization to improve coherence with the broader framework. The model’s efficacy was demonstrated through case studies addressing threats such as phishing, insider breaches, and data misuse. These evaluations underscore its ability to safeguard sensitive information. Nonetheless, human vulnerabilities, particularly susceptibility to phishing and social engineering attacks, remain a significant concern. Addressing these requires cybersecurity training for healthcare professionals and patients to foster a culture of accountability and vigilance.
Future research directions include practical implementation strategies, scalability assessments, and the development of lightweight encryption protocols adaptable to IoT devices. Additionally, operationalizing the trustworthy and ethically-based healthcare platform as a fully realized framework will advance secure and ethically compliant healthcare systems, enabling seamless integration into real-world healthcare environments.

