Patients and therapists felt that a home-based system could create a danger of allowing patients to have too much exercise, which can be demotivating and stop them from using it. There has to be a balance between protecting the stroke patient and not progressing their rehabilitation and giving too much exercise that is directly unsupervised.

The majority of patients described this as one of the most important factors in adhering to the exercises. The first prototype of the system used graphs as feedback. Patients did not find this helpful and required a simpler visual feedback system. Patients opted to see a ‘target movement’ next to their own movement. This allowed them to see how close their upper limb exercises were compared to an ideal movement. The smart system used a 3D graphic of a target movement, which was generally well received. One prototype of the system allowed patients to view the target movement and their own movement from three angles; however, patients found this unnecessary and overly complex. Patients agreed that they wanted an objective score of their movements and rehabilitation progress in addition to a display of their previous attempts over time. Finally, some patients reported that they would like the option to record their own notes. In the event of a fall at home or illness, they wanted a method to see if adverse conditions meant their rehabilitation was more difficult than usual.

Patients and therapists felt that all outcomes must be relevant to restoring upper limb function and activities of daily living as opposed to directly addressing impairments. The researchers found that displaying visual prompts to remind the patient to don the sensors was helpful to increase adherence. Patients also found providing a list of FAQs and a user manual with images and instructions of how to use the system helpful to aid their memory. Giving patients an example of the sensor output on the screen helped them to know if the system was working, and that they had donned the sensors in the correct position and on the correct limbs. In addition, colour coding the sensors for donning on the left and right arms helped to increase adherence to wearing the body sensors. Both patients and therapists felt engagement of family and/or carers in the development of any home-based rehabilitation system was vital, as they will often assist patient to do rehabilitation.

The StrokeBack system will consist of two parts:

The StrokeBack system is specific to upper limb rehabilitation and has been developed and tested during the performance of a subset of the ‘Wolf Motor Function Test’ (WMFT). The activities will encompass a wide range of levels of ability and functional tasks. The system generates extra impairment level data including: spasticity/stiffness, motor control, speed, smoothness, repeatability, fatigue and endurance, as well as effort put in.

The fundamental principle of the expert system is to become a diagnostic tool for the identification of key impairments, identified by analysis of data generated during the performance of standardised tasks. It offers a method of activity prescription. It consists of a BAN of external sensors, e.g. cameras with an aim to collect large amounts of rich highly informative data for real-time data analysis. Both real-time feedback and power consumption were not critical in this case.

The fundamental principles of the home-based system were the usability as a key to user adherence to prescriptions. The system was expected to be minimalistic and utilise a subset of the sensors allowing patients to easily interact with workstation activities. In this case, power consumption is critical, as well as the real-time data analysis and presentation.

One of the most controversial issues for PHRs is how the technology could threaten the privacy of patient information [9]. Network computer break-ins are becoming more common, thus storing medical information online can cause fear of the exposure of health information to unauthorised individuals. In addition to height, weight, blood pressure and other quantitative information about a patient’s physical body, medical records can reveal very sensitive information, including fertility, surgical procedures, emotional and psychological disorders, diseases, etc. Various threats exist to patient information confidentiality, example of are:

Unlike paper-based records that require manual control, digital health records are secured by technological tools. Rindfleisch [6] identifies three general classes of technological interventions that can improve security:

The extent of information security concerns surrounding PHRs extends beyond technological issues. Each transfer of information in treatment process must be authorised by patients even if it is for their benefit. No clearly defined architectural requirements and information use policies are yet available. While the trends and developments of ICT in healthcare have given rise to many positive developments, concerns about the use of ICT in user services mainly concentrate on the difficulty of respecting privacy and confidentiality when third parties may have a strong interest in getting access to personal health data electronically recorded and stored and difficulty in ensuring the security of shared personal data [10].

Therefore, the project is dedicated to respecting and protecting the personal data, considered as extremely sensitive since they refer to the identity and private life of the individual. It recognises the intent to create a potential for the circulation of personal data across local, national and professional borders, giving such data an enhanced European dimension, while respecting the principles of the European Convention of Human Rights, the rules of the Convention of the Council of Europe for the protection of individuals with regard to automatic processing of personal data and especially the European Directive 95/46/EC, for the protection of personal data will be strictly followed when addressing ethical issues.

Authentication and authorisation are two main means for allowing access for the user to a resource. Authentication involves such issues like identifying the user by means of either a simple login/password check to elaborate biometric analysis involving fingerprints, retina scans and voice and/or face recognition. Authorisation then performs checks whether a given user may be granted access to a given resource or not.

Such processes have been part of any secure system from the beginning of computing systems. Their complication has increased recently with the rapid growth of the amount of information resources and number of user accounts in each system, platform and/or network. This increases network administrators’ work on properly securing their network and databases against unauthorised access at the same time providing users’ with uninterrupted access to resources that they should be authorised to access.

However, currently employed methods for performing authentication and authorisation, in most cases, require user authentication every time he moves between resources stored on differently protected sites causing annoyance and loss of time. On the other hand, approach to authorising users based on user-resource association requires tedious administrators’ job to properly secure access to different resources and gives rise to frequent faults when users are either authorised to access resources that they should not have access to or not being able to access those that they should be able to.

This problem has been identified and addressed in almost all the systems since long time [17]. Administrators are offered means for specifying access rights per-user group, policy definition mechanisms and macros allowing them to simplify management of access right to both existing and new users. Despite the fact that these tools are used, the problems of authentication and authorisation still contain loop holes attributed mostly to human errors than to machine security as such. Our proposed seamless authentication and authorisation is aimed to simplify further the process of securing access to multiple-interconnected systems as well as making authorisation less prompt to faults.

Authentication is the process of authenticating a user across multiple account protected resources and platforms, i.e. agreeing between different authentication authorities means of establishing trust relationships and dependability for transferring users authentication status, i.e. checking that a user is who they claim to be. The process will include customisation of means of authentication whereby users will not be required to perform authentication while transferring from one trusted party to another using single authentication.

In the case of moving from a party with lower authentication requirements to one requiring higher level of authentication, user will only be required to perform extra security checks while accessing differently protected resources instead of performing the whole authentication process from the beginning. Approaches like this have been already proposed, most known being Windows Passport or Live Account [18], where user may move between sites that support this technology. However, such methods do not take into account differences between authentication means required by different sites. This limits applicability of technologies to social websites aiming to keep a record of users accessing their services.

Authorisation in computer terms refers to granting access to a resource to a given user. In most computer systems, granting access is related to belonging to a specific user group meant to allowing administrators defining single access rights rules for a group of users. However, this makes it very difficult when it comes to more per-user access granting, especially in systems with large number of user accounts. What we propose is to unify and simplify means of granting user access to given resources.

The process will define sets of resource authorisation dependencies whereby access to one resource may be implicitly granted upon prior-assigned access rights to another resource. This will allow removing the need for the security administrator to provide access rights to every user to every resource, instead concentrating on defining security interdependencies between resources and defining user access right only to key global resources. Note that this will not remove a possibility to explicitly grant or block access to a given resource to a given user, if required.

The PHR platform developed internally by Intracom S. A. Telecom Solutions, name intLIFE, has been enhanced and geared to diverse health application through a number of FP7-funded research projects, such as Artemis-CHIRON [19], ICT-PSP-NEXES [20], AAL-PAMAP [21], FP7-StrokeBack [22] and FP7-ARMOR [23]. Special adaptations have been geared to allow safe sharing of patients’ clinical data with appropriate measures, as described earlier, for the protection of private data, ensuring controlled access to it while ensuring that any data distributed cannot be traced back to the person from whom data has been taken from. This way a medical system based on PHR system could be safely applied for the purpose of deriving clinical models build from large amount of data for subsequently allowing more reliable feature-based clinical diagnosis on other patients and detection of conditions not possible earlier. In order to provide necessary privacy and security safeguards EHR/PHR, Vital Signs Monitoring and Management subsystems are all connected via secure and encrypted interfaces controlled via authentication, authorisation, and anonymising modules.