-
Briefings in Bioinformatics Mar 2020In recent times, the reduced cost of DNA sequencing has resulted in a plethora of genomic data that is being used to advance biomedical research and improve clinical... (Review)
Review
In recent times, the reduced cost of DNA sequencing has resulted in a plethora of genomic data that is being used to advance biomedical research and improve clinical procedures and healthcare delivery. These advances are revolutionizing areas in genome-wide association studies (GWASs), diagnostic testing, personalized medicine and drug discovery. This, however, comes with security and privacy challenges as the human genome is sensitive in nature and uniquely identifies an individual. In this article, we discuss the genome privacy problem and review relevant privacy attacks, classified into identity tracing, attribute disclosure and completion attacks, which have been used to breach the privacy of an individual. We then classify state-of-the-art genomic privacy-preserving solutions based on their application and computational domains (genomic aggregation, GWASs and statistical analysis, sequence comparison and genetic testing) that have been proposed to mitigate these attacks and compare them in terms of their underlining cryptographic primitives, security goals and complexities-computation and transmission overheads. Finally, we identify and discuss the open issues, research challenges and future directions in the field of genomic privacy. We believe this article will provide researchers with the current trends and insights on the importance and challenges of privacy and security issues in the area of genomics.
Topics: Computer Security; Genetic Privacy; Genome, Human; Genome-Wide Association Study; Genomics; Humans
PubMed: 30759195
DOI: 10.1093/bib/bbz013 -
Journal of Telemedicine and Telecare Apr 2023Data privacy in telemedicine has been extensively considered and reviewed in the literature, such as explorations of consent, who can access information, and the... (Review)
Review
Data privacy in telemedicine has been extensively considered and reviewed in the literature, such as explorations of consent, who can access information, and the security of electronic systems. However, privacy breaches are also a potential concern in the physical setting and surroundings of the patient. Here we review clinical situations in which there is unanticipated loss of privacy, as well as potential physical and psychological safety concerns for the patient and others when privacy is limited. We identify ethical concerns and explore the challenges of supporting full true autonomous decision-making in this situation. We close with preliminary recommendations at the patient, clinician, and systems levels to help ensure privacy is maintained.
Topics: Humans; Privacy; Telemedicine; Confidentiality
PubMed: 36349356
DOI: 10.1177/1357633X221134952 -
Nature Computational Science Mar 2021The growing number of health-data breaches, the use of genomic databases for law enforcement purposes and the lack of transparency of personal genomics companies are...
The growing number of health-data breaches, the use of genomic databases for law enforcement purposes and the lack of transparency of personal genomics companies are raising unprecedented privacy concerns. To enable a secure exploration of genomic datasets with controlled and transparent data access, we propose a citizen-centric approach that combines cryptographic privacy-preserving technologies, such as homomorphic encryption and secure multi-party computation, with the auditability of blockchains. Our open-source implementation supports queries on the encrypted genomic data of hundreds of thousands of individuals, with minimal overhead. We show that real-world adoption of our system alleviates widespread privacy concerns and encourages data access sharing with researchers.
PubMed: 38183193
DOI: 10.1038/s43588-021-00044-9 -
Nurse Education Today Nov 2023The healthcare industry has increasingly been targeted by cybercrime putting patients, organizations, and employees at risk for financial loss and breach of privacy....
BACKGROUND
The healthcare industry has increasingly been targeted by cybercrime putting patients, organizations, and employees at risk for financial loss and breach of privacy. Malware events compromise system integrity and patient privacy which could lead to delays in treatment, loss of patient data, inability to provide care, and increase in patient harm. In addition, these attacks may also compromise private and personal information for those targeted.
OBJECTIVE
Nurses represent a large portion of frontline healthcare workers and are uniquely positioned to help prevent cyber-attacks. Nursing curriculum should include education about the risks to patient safety from cybercrime and the nurse's role in preventing cybercrime. Nursing education has focused on hygiene for patient safety. Adding cyber hygiene to the essential practices of pre-licensure and advanced practice nurses is a first step to protecting patients, organizations, and employees from the repercussions of a healthcare cyber-attack.
Topics: Humans; Education, Nursing; Hygiene; Curriculum; Educational Status; Health Personnel
PubMed: 37595324
DOI: 10.1016/j.nedt.2023.105940 -
Risk Analysis : An Official Publication... Aug 2022Internet of things (IoT) business partnership are formed by technological partners and traditional manufacturers. IoT sensors and devices capture data from...
Internet of things (IoT) business partnership are formed by technological partners and traditional manufacturers. IoT sensors and devices capture data from manufacturers' products. Data enforce product/service innovation thanks to data sharing among companies. However, data sharing among firms increases the risk of data breaches. The latter is due to two phenomena: information linkage and privacy interdependency. Data Protection Authorities (DPA) protect data users' rights and fine firms if there is an infringement of privacy laws. DPA sanction the responsible for the infringement of privacy laws. We present two different business scenarios: the first occurs when each firm is a data owner; the second occurs when only the manufacturer is the data owner. For both scenarios, we present two fair penalty schemes that suggest the following: total amount of the fine; and how to share the fine among participants. Penalties critically vary at how innovation networks are structured in IoT industries. Our penalties provide incentives to data sharing since they redistribute firms' responsibility against data breaches. Our penalties may mitigate the risk on the manufacturer if is the unique responsible for data handling.
Topics: Computer Security; Humans; Information Dissemination; Internet of Things; Privacy; Social Responsibility
PubMed: 33368451
DOI: 10.1111/risa.13661 -
Journal of Medical Ethics Apr 2023Video recording is widely available in modern operating rooms. Here, I argue that, if patient consent and suitable technology are in place, video recording of surgery is...
Video recording is widely available in modern operating rooms. Here, I argue that, if patient consent and suitable technology are in place, video recording of surgery is an ethical duty. I develop this as a arguing for professional and institutional duties, as distinguished for A professional duty to protect is described in mental healthcare. Practitioners have to take reasonable steps to prevent serious, foreseeable harm to their clients and others, even if that entails a non-consensual breach of confidentiality. I argue surgeons have a similar duty to patients which means that, provided the patient consents, surgery should be routinely videoed. This avoids non-consensual breaches of patient confidentiality and is aligned with stated professional obligations.An institutional duty to protect means institutions have to take reasonable steps to prevent serious, foreseeable harm at the hands of their surgeons. Rulli and Millum highlighted how institutions can meet their duty using a more consequentialist approach that balances wider interests.To test the force and scope of such duties, I examine potential impacts of routine videoing on aspects of autonomy, justice, beneficence and non-maleficence. I find routine videoing can benefit areas including safety, candour, consent and fairness in access (to surgical careers and expertise). Countervailing claims, for example, on liability, confidentiality and privacy can be resisted-such that where consent and the technology are in place, routine videoing meets a In other words, its use should be standard of care.
Topics: Humans; Informed Consent; Confidentiality; Moral Obligations; Social Justice
PubMed: 35459741
DOI: 10.1136/medethics-2022-108171 -
Sensors (Basel, Switzerland) Sep 2022The overwhelming acceptance and growing need for Internet of Things (IoT) products in each aspect of everyday living is creating a promising prospect for the involvement... (Review)
Review
The overwhelming acceptance and growing need for Internet of Things (IoT) products in each aspect of everyday living is creating a promising prospect for the involvement of humans, data, and procedures. The vast areas create opportunities from home to industry to make an automated lifecycle. Human life is involved in enormous applications such as intelligent transportation, intelligent healthcare, smart grid, smart city, etc. A thriving surface is created that can affect society, the economy, the environment, politics, and health through diverse security threats. Generally, IoT devices are susceptible to security breaches, and the development of industrial systems could pose devastating security vulnerabilities. To build a reliable security shield, the challenges encountered must be embraced. Therefore, this survey paper is primarily aimed to assist researchers by classifying attacks/vulnerabilities based on objects. The method of attacks and relevant countermeasures are provided for each kind of attack in this work. Case studies of the most important applications of the IoT are highlighted concerning security solutions. The survey of security solutions is not limited to traditional secret key-based cryptographic solutions, moreover physical unclonable functions (PUF)-based solutions and blockchain are illustrated. The pros and cons of each security solution are also discussed here. Furthermore, challenges and recommendations are presented in this work.
Topics: Blockchain; Computer Security; Delivery of Health Care; Humans; Internet of Things
PubMed: 36236531
DOI: 10.3390/s22197433 -
EPJ Data Science 2021Data visualizations are a valuable tool used during both statistical analysis and the interpretation of results as they graphically reveal useful information about the...
Data visualizations are a valuable tool used during both statistical analysis and the interpretation of results as they graphically reveal useful information about the structure, properties and relationships between variables, which may otherwise be concealed in tabulated data. In disciplines like medicine and the social sciences, where collected data include sensitive information about study participants, the sharing and publication of individual-level records is controlled by data protection laws and ethico-legal norms. Thus, as data visualizations - such as graphs and plots - may be linked to other released information and used to identify study participants and their personal attributes, their creation is often prohibited by the terms of data use. These restrictions are enforced to reduce the risk of breaching data subject confidentiality, however they limit analysts from displaying useful descriptive plots for their research features and findings. Here we propose the use of anonymization techniques to generate privacy-preserving visualizations that retain the statistical properties of the underlying data while still adhering to strict data disclosure rules. We demonstrate the use of (i) the well-known -anonymization process which preserves privacy by reducing the granularity of the data using suppression and generalization, (ii) a novel deterministic approach that replaces individual-level observations with the centroids of each nearest neighbours, and (iii) a probabilistic procedure that perturbs individual attributes with the addition of random stochastic noise. We apply the proposed methods to generate privacy-preserving data visualizations for exploratory data analysis and inferential regression plot diagnostics, and we discuss their strengths and limitations.
PubMed: 33442528
DOI: 10.1140/epjds/s13688-020-00257-4 -
Psychological Services Nov 2017There is an increasing call to attend to the needs of students in distress (Reynolds, 2013). Furthermore, research has begun to highlight links between distress, risky,...
There is an increasing call to attend to the needs of students in distress (Reynolds, 2013). Furthermore, research has begun to highlight links between distress, risky, or dangerous behaviors as well as issues in mental health in the higher education population (Deasy, Coughlan, Pironom, Jourdan, & Mannix-McNamara, 2014). The National Alliance on Mental Health and the Jed Foundation (National Alliance on Mental Illness & the Jed Foundation, 2016) estimate that about 20% of enrolled college students will face some type of mental illness. As such, the work of mental health professionals, which has been increasing with time, will continue to play a pivotal role on today's campus (Kitzrow, 2009). Yet mental health in higher education is too pervasive and significant of a topic for counseling and psychological centers to handle by themselves (Joint Task Force in Student Learning, 1998; Mitchell et al., 2012). Therefore, a collaborative approach is warranted as higher education professionals strive to meet the increasing mental health demands of the student population. Case studies amalgamated from housing and residence life professionals are used to gain a greater understanding of how interdepartmental work is carried out without compromising or breaching ethical or legal regulations as set by the Family Educational Rights and Privacy Act, the Health Insurance Portability and Accountability Act, and/or organizational standards like that of the International Association of Counseling Services Inc. (International Association for Counseling Services Inc., 2014) Specifically, the cases demonstrate ways inter- and intradepartmental staffers can work as a team, safeguard private and confidential information, and concurrently create an environment in which care is nurtured. (PsycINFO Database Record
Topics: Adult; Confidentiality; Counseling; Health Insurance Portability and Accountability Act; Humans; Intersectoral Collaboration; Mental Disorders; Mental Health Services; Student Health Services; Students; United States; Universities; Young Adult
PubMed: 29120202
DOI: 10.1037/ser0000155 -
Human Genetics Aug 2018Canada's regulatory frameworks governing privacy and research are generally permissive of genomic data sharing, though they may soon be tightened in response to public... (Review)
Review
Canada's regulatory frameworks governing privacy and research are generally permissive of genomic data sharing, though they may soon be tightened in response to public concerns over commercial data handling practices and the strengthening of influential European privacy laws. Regulation can seem complex and uncertain, in part because of the constitutional division of power between federal and provincial governments over both privacy and health care. Broad consent is commonly practiced in genomic research, but without explicit regulatory recognition, it is often scrutinized by research or privacy oversight bodies. Secondary use of health-care data is legally permissible under limited circumstances. A new federal law prohibits genetic discrimination, but is subject to a constitutional challenge. Privacy laws require security safeguards proportionate to the data sensitivity, including breach notification. Special categories of data are not defined a priori. With some exceptions, Canadian researchers are permitted to share personal information internationally but are held accountable for safeguarding the privacy and security of these data. Cloud computing to store and share large scale data sets is permitted, if shared responsibilities for access, responsible use, and security are carefully articulated. For the moment, Canada's commercial sector is recognized as "adequate" by Europe, facilitating import of European data. Maintaining adequacy status under the new European General Data Protection Regulation (GDPR) is a concern because of Canada's weaker individual rights, privacy protections, and regulatory enforcement. Researchers must stay attuned to shifting international and national regulations to ensure a sustainable future for responsible genomic data sharing.
Topics: Canada; Computer Security; Databases, Genetic; Genetic Privacy; Genetic Research; Humans; Personally Identifiable Information
PubMed: 30014188
DOI: 10.1007/s00439-018-1905-0