Radio Frequency Identification (RFID) is a wireless technology that utilizes radio waves to automatically capture data for identifying and tracking objects and/or people. As the use of RFID has grown, so has the chorus of privacy invasions against this identity-aware technology. With the planned deployment and use of RFID in healthcare, there are concerns regarding the social, technological and regulatory complexity of the RFID technology vis-à-vis the requirements of the Health Insurance Portability and Accountability Act (HIPAA). In this paper we use the principles of Fair Information Practice (FIP) as a guideline to examine the design of Privacy Enhancing Technologies (PETs). The outcome shows that PETs fail to incorporate the FIP principles and the importance of examining the social aspect of this ubiquitous technology from a sociotechnical perspective. The socio-technical perspective, with its emphasis on the examination of complex relations among social and technical interactions of RFID, can provide a useful insight to assess the societal impact and changes to individual behavior that may arise from privacy concerns. We believe that, using the groundwork laid down in this study, future research along these directions could contribute significantly to addressing privacy concerns expressed about RFID in the context of healthcare.
Parks, Rachida; Yao, Wen; and Chu, Chao-Hsien, "RFID Privacy Concerns: A Conceptual Analysis in the Healthcare Sector" (2009). AMCIS 2009 Proceedings. 253.