Assuring Trustworthy Data: A Dual-Criteria Analysis of Anonymization and System Reliability in Digital Health (A Systematic Review)
Resumo
Research Context: The Digital Health sector faces the critical challenge of reconciling clinical data privacy with system reliability and utility. The risk in Brazil is high; the sector is the most targeted by ransomware, facing catastrophic financial losses. Scientific and/or Practical Problem: A persistent gap exists in the literature concerning the systematic evaluation of how anonymization techniques impact integrity and the lack of consensus on the dual criteria (technical and sociotechnical) necessary to assess effectiveness in Health Information Systems (HIS). Proposed Solution and/or Analysis: A Systematic Literature Review (SLR) mapped anonymization techniques (RQ1), analyzed their reliability impact (RQ1.1), and identified formal criteria for user trust (RQ2), addressing the core privacy-utility dilemma. Related IS Theory: The study is based on the Sociotechnical Systems Theory (SST), recognizing that anonymization and reliability are outcomes of integrating technology with critical social factors, including governance and user trust. The research aligns with GranDSI-BR Challenges 2 and 4. Research Method: The SLR followed Kitchenham and PRISMA guidelines, utilizing the PICOC model. The search across four major databases yielded 20 high-quality articles published between 2020 and 2025. Summary of Results: Dominant techniques are Blockchain and Federated Learning (FL), substantially enhancing data integrity and the privacy-utility balance. Reliability is dually assessed by Technical criteria (e.g., Re-identification Risk) and Sociotechnical criteria (e.g., Governance, Public Perception). Contributions and Impact to IS area: The study consolidates a theoretical and empirical framework on anonymization’s influence on reliability, meeting GranDSI-BR Challenges 2 and 4. It offers practical subsidies for managers and regulators in designing verifiable and trustworthy digital health systems.Referências
Anusuya, R. and et al. (2022). Privacy-preserving blockchain-based ehr using zk-snarks. In Raman, I. and et al., editors, Computational intelligence, cyber security and computational models. Springer.
Boscarioli, C., Araujo, R. M., and Maciel, R. S. P. (2017). I GranDSI-BR – Grand Research Challenges in Information Systems in Brazil 2016–2026. Special Committee on Information Systems (CE-SI), Brazilian Computer Society (SBC).
Camêlo, M. and Alves, C. (2023). G-priv: Um guia para apoiar a especificação de requisitos de privacidade em conformidade com a lgpd. iSys - Brazilian Journal of Information Systems, 16.
Carvalho, L. P., Oliveira, J., Santoro, F. M., and Cappelli, C. (2021). Social network analysis, ethics and lgpd, considerations in research. iSys - Brazilian Journal of Information Systems, 14(2):28–52.
Chenthara, S. and et al. (2020). Healthchain: a novel framework on privacy preservation of electronic health records using blockchain technology. PLOS ONE.
Churi, P. and Pawar, A. (2024). Rubac: proposed access control for flexible utility–privacy model in healthcare. SN Computer Science, 5:297.
Dotter, C. and et al. (2025). Sharing health data for research purposes: results of a population survey in germany. BMC Health Services Research, 25:699.
Fakeeroodeen, Y. N. and Beeharry, Y. (2021). Hybrid data privacy and anonymization algorithms for smart health applications. SN Computer Science, 2(126).
Herwanto, G. B. and et al. (2024). Integrating contextual integrity in privacy requirements engineering: a study case in personal e-health applications. In Phillipson, F., Eichler, G., Erfurth, C., and Fahrnberger, G., editors, Innovations for Community Services. I4CS 2024, Communications in Computer and Information Science, v. 2109. Springer, Cham.
Kaspersky (2025). Novo estudo mostra aumento das vítimas de ransomware no Brasil. [link].
Kathole, A. B., Patil, S. D., Kumbhare, S., and et al. (2024). Electronic health records protection strategy by using blockchain approach. Multimedia Tools and Applications, 83:86883–86894.
Khaled, O. and Ali, A. F. (2025). Using blockchain and smart contracts to secure medical data management system. In Abdelgawad, A., Jamil, A., and Hameed, A. A., editors, Intelligent systems, blockchain, and communication technologies. ISBCom 2024, Lecture Notes in Networks and Systems, v. 1268. Springer, Cham.
Kitchenham, B. and Charters, S. (2007). Guidelines for performing systematic literature reviews in software engineering. Technical report, Keele University and University of Durham.
Kumar, P. C., Zimmer, M., and Vitak, J. (2024). A roadmap for applying the contextual integrity framework in qualitative privacy research. In Proceedings of the ACM on Human-Computer Interaction, volume 8, pages 1–29.
Madhavi, M., Sasirooba, T., and Kumar, G. K. (2024). Securing sensitive medical information with basic and pre-large coati optimization algorithm for e-health system data sanitation. Wireless Personal Communications, 136:1261–1281.
Moher, D., Liberati, A., Tetzlaff, J., Altman, D. G., and Group, P. (2009). Preferred reporting items for systematic reviews and meta-analyses: the prisma statement. Annals of Internal Medicine, pages 264–269.
Monteiro, M. and et al. (2024). Patterns of data anonymization. In Proceedings of the 29th European Conference on Pattern Languages of Programs, People, and Practices (EuroPLoP ’24), pages 1–9, New York. Association for Computing Machinery.
Mumford, E. (2006). The story of socio-technical design: Reflections on its successes, failures and potential. Inf. Syst. J., 16:317–342.
Ponemon Institute and IBM (2025). Relatório do custo das violações de dados 2025: A lacuna na supervisão da ia (resumo executivo). [link].
Purohit, R. M., Verma, J. P., Jain, R., and et al. (2025). Fedblocks: federated learning and blockchain-based privacy-preserved pioneering framework for iot healthcare using ipfs in web 3.0 era. Cluster Computing, 28:139.
Queiroz, M. J., Lino, N. C. Q., and Motta, G. H. M. B. (2016). Uma ontologia de domínio para preservação de privacidade em dados publicados pelo governo brasileiro. In Anais do XII Simpósio Brasileiro de Sistemas de Informação (SBSI), pages 009–016, Florianópolis, SC. Sociedade Brasileira de Computação (SBC).
Raghav, N. and Bhola, A. K. (2023). Healthcare framework for privacy-preserving based on hyperledger fabric. In Marriwala, N., Tripathi, C., Jain, S., and Kumar, D., editors, Mobile Radio Communications and 5G Networks, Lecture Notes in Networks and Systems, v. 588. Springer, Singapore.
Sami, K. T. and Toorani, M. (2024). Blockchain-based access control for electronic health records. In Abie, H., Gkioulos, V., Katsikas, S., and Pirbhulal, S., editors, Secure and Resilient Digital Transformation of Healthcare. SUNRISE 2023, Communications in Computer and Information Science, v. 1884. Springer, Cham.
Sposito, S. L., Sales, R. d. S., Canedo, E. D., and Silva, G. R. S. (2024). An anonymization library for rapid and diverse anonymization of brazilian personal data. In Concurso De Trabalhos De Conclusão De Curso Em Sistemas De Informação - Simpósio Brasileiro De Sistemas De Informação (SBSI ’24), pages 192–201, Porto Alegre. Sociedade Brasileira de Computação.
Tian, Y. and et al. (2024). Robust and privacy-preserving decentralized deep federated learning training: focusing on digital healthcare applications. IEEE/ACM Transactions on Computational Biology and Bioinformatics, 21(4):890–901.
Tseng, F. P. and et al. (2025). Patient privacy information retrieval with longformer and crf, followed by rule-based time information normalization: a dual-approach study. In Jonnagaddala, J., Dai, H. J., and Chen, C. T., editors, Large Language Models for Automatic Deidentification of Electronic Health Record Notes. IW-DMRN 2024, Communications in Computer and Information Science, v. 2148. Springer, Singapore.
Vovk, O., Piho, G., and Ross, P. (2021). Evaluation of anonymization tools for health data. In Bellatreche, L., Chernishev, G., Corral, A., Ouchani, S., and Vain, J., editors, Advances in Model and Data Engineering in the Digitalization Era. MEDI 2021, Communications in Computer and Information Science, v. 1481. Springer, Cham.
Watkins, M. and et al. (2023). Privacy-preserving data aggregation scheme for e-health. In Al-Sharafi, M. A. and et al., editors, Proceedings of the 2nd International Conference on Emerging Technologies and Intelligent Systems. ICETIS 2022, Lecture Notes in Networks and Systems, v. 573. Springer, Cham.
Wohlin, C., Runeson, P., Host, M., Ohlsson, M. C., Regnell, B., and Wesslen, A. (2012). Experimentation in Software Engineering. Springer, Berlin, Heidelberg.
Wu, H., Dwivedi, A. D., and Srivastava, G. (2021). Security and privacy of patient information in medical systems based on blockchain technology. ACM Transactions on Multimedia Computing, Communications, and Applications (TOMM), 17(2s):1–17.
Zala, K., Thakkar, H. K., Dholakia, N., and et al. (2024). Designing an attribute-based encryption scheme with an enhanced anonymity model for privacy protection in e-health. SN Computer Science, 5:203.
Boscarioli, C., Araujo, R. M., and Maciel, R. S. P. (2017). I GranDSI-BR – Grand Research Challenges in Information Systems in Brazil 2016–2026. Special Committee on Information Systems (CE-SI), Brazilian Computer Society (SBC).
Camêlo, M. and Alves, C. (2023). G-priv: Um guia para apoiar a especificação de requisitos de privacidade em conformidade com a lgpd. iSys - Brazilian Journal of Information Systems, 16.
Carvalho, L. P., Oliveira, J., Santoro, F. M., and Cappelli, C. (2021). Social network analysis, ethics and lgpd, considerations in research. iSys - Brazilian Journal of Information Systems, 14(2):28–52.
Chenthara, S. and et al. (2020). Healthchain: a novel framework on privacy preservation of electronic health records using blockchain technology. PLOS ONE.
Churi, P. and Pawar, A. (2024). Rubac: proposed access control for flexible utility–privacy model in healthcare. SN Computer Science, 5:297.
Dotter, C. and et al. (2025). Sharing health data for research purposes: results of a population survey in germany. BMC Health Services Research, 25:699.
Fakeeroodeen, Y. N. and Beeharry, Y. (2021). Hybrid data privacy and anonymization algorithms for smart health applications. SN Computer Science, 2(126).
Herwanto, G. B. and et al. (2024). Integrating contextual integrity in privacy requirements engineering: a study case in personal e-health applications. In Phillipson, F., Eichler, G., Erfurth, C., and Fahrnberger, G., editors, Innovations for Community Services. I4CS 2024, Communications in Computer and Information Science, v. 2109. Springer, Cham.
Kaspersky (2025). Novo estudo mostra aumento das vítimas de ransomware no Brasil. [link].
Kathole, A. B., Patil, S. D., Kumbhare, S., and et al. (2024). Electronic health records protection strategy by using blockchain approach. Multimedia Tools and Applications, 83:86883–86894.
Khaled, O. and Ali, A. F. (2025). Using blockchain and smart contracts to secure medical data management system. In Abdelgawad, A., Jamil, A., and Hameed, A. A., editors, Intelligent systems, blockchain, and communication technologies. ISBCom 2024, Lecture Notes in Networks and Systems, v. 1268. Springer, Cham.
Kitchenham, B. and Charters, S. (2007). Guidelines for performing systematic literature reviews in software engineering. Technical report, Keele University and University of Durham.
Kumar, P. C., Zimmer, M., and Vitak, J. (2024). A roadmap for applying the contextual integrity framework in qualitative privacy research. In Proceedings of the ACM on Human-Computer Interaction, volume 8, pages 1–29.
Madhavi, M., Sasirooba, T., and Kumar, G. K. (2024). Securing sensitive medical information with basic and pre-large coati optimization algorithm for e-health system data sanitation. Wireless Personal Communications, 136:1261–1281.
Moher, D., Liberati, A., Tetzlaff, J., Altman, D. G., and Group, P. (2009). Preferred reporting items for systematic reviews and meta-analyses: the prisma statement. Annals of Internal Medicine, pages 264–269.
Monteiro, M. and et al. (2024). Patterns of data anonymization. In Proceedings of the 29th European Conference on Pattern Languages of Programs, People, and Practices (EuroPLoP ’24), pages 1–9, New York. Association for Computing Machinery.
Mumford, E. (2006). The story of socio-technical design: Reflections on its successes, failures and potential. Inf. Syst. J., 16:317–342.
Ponemon Institute and IBM (2025). Relatório do custo das violações de dados 2025: A lacuna na supervisão da ia (resumo executivo). [link].
Purohit, R. M., Verma, J. P., Jain, R., and et al. (2025). Fedblocks: federated learning and blockchain-based privacy-preserved pioneering framework for iot healthcare using ipfs in web 3.0 era. Cluster Computing, 28:139.
Queiroz, M. J., Lino, N. C. Q., and Motta, G. H. M. B. (2016). Uma ontologia de domínio para preservação de privacidade em dados publicados pelo governo brasileiro. In Anais do XII Simpósio Brasileiro de Sistemas de Informação (SBSI), pages 009–016, Florianópolis, SC. Sociedade Brasileira de Computação (SBC).
Raghav, N. and Bhola, A. K. (2023). Healthcare framework for privacy-preserving based on hyperledger fabric. In Marriwala, N., Tripathi, C., Jain, S., and Kumar, D., editors, Mobile Radio Communications and 5G Networks, Lecture Notes in Networks and Systems, v. 588. Springer, Singapore.
Sami, K. T. and Toorani, M. (2024). Blockchain-based access control for electronic health records. In Abie, H., Gkioulos, V., Katsikas, S., and Pirbhulal, S., editors, Secure and Resilient Digital Transformation of Healthcare. SUNRISE 2023, Communications in Computer and Information Science, v. 1884. Springer, Cham.
Sposito, S. L., Sales, R. d. S., Canedo, E. D., and Silva, G. R. S. (2024). An anonymization library for rapid and diverse anonymization of brazilian personal data. In Concurso De Trabalhos De Conclusão De Curso Em Sistemas De Informação - Simpósio Brasileiro De Sistemas De Informação (SBSI ’24), pages 192–201, Porto Alegre. Sociedade Brasileira de Computação.
Tian, Y. and et al. (2024). Robust and privacy-preserving decentralized deep federated learning training: focusing on digital healthcare applications. IEEE/ACM Transactions on Computational Biology and Bioinformatics, 21(4):890–901.
Tseng, F. P. and et al. (2025). Patient privacy information retrieval with longformer and crf, followed by rule-based time information normalization: a dual-approach study. In Jonnagaddala, J., Dai, H. J., and Chen, C. T., editors, Large Language Models for Automatic Deidentification of Electronic Health Record Notes. IW-DMRN 2024, Communications in Computer and Information Science, v. 2148. Springer, Singapore.
Vovk, O., Piho, G., and Ross, P. (2021). Evaluation of anonymization tools for health data. In Bellatreche, L., Chernishev, G., Corral, A., Ouchani, S., and Vain, J., editors, Advances in Model and Data Engineering in the Digitalization Era. MEDI 2021, Communications in Computer and Information Science, v. 1481. Springer, Cham.
Watkins, M. and et al. (2023). Privacy-preserving data aggregation scheme for e-health. In Al-Sharafi, M. A. and et al., editors, Proceedings of the 2nd International Conference on Emerging Technologies and Intelligent Systems. ICETIS 2022, Lecture Notes in Networks and Systems, v. 573. Springer, Cham.
Wohlin, C., Runeson, P., Host, M., Ohlsson, M. C., Regnell, B., and Wesslen, A. (2012). Experimentation in Software Engineering. Springer, Berlin, Heidelberg.
Wu, H., Dwivedi, A. D., and Srivastava, G. (2021). Security and privacy of patient information in medical systems based on blockchain technology. ACM Transactions on Multimedia Computing, Communications, and Applications (TOMM), 17(2s):1–17.
Zala, K., Thakkar, H. K., Dholakia, N., and et al. (2024). Designing an attribute-based encryption scheme with an enhanced anonymity model for privacy protection in e-health. SN Computer Science, 5:203.
Publicado
25/05/2026
Como Citar
INOCÊNCIO, Giovana Nunes; MARTINA, Jean Everson.
Assuring Trustworthy Data: A Dual-Criteria Analysis of Anonymization and System Reliability in Digital Health (A Systematic Review). In: SIMPÓSIO BRASILEIRO DE SISTEMAS DE INFORMAÇÃO (SBSI), 22. , 2026, Vitória/ES.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2026
.
p. 1238-1256.
DOI: https://doi.org/10.5753/sbsi.2026.248772.
