-
Current Dermatology Reports 2021The purpose of review is to provide guidance on the use of social media within the context of dermatology and discuss its ethical, professional, and legal implications... (Review)
Review
PURPOSE OF REVIEW
The purpose of review is to provide guidance on the use of social media within the context of dermatology and discuss its ethical, professional, and legal implications in education, mentorship, networking, business, and clinical settings.
RECENT FINDINGS
Despite its fundamental value as a means of communication and knowledge sharing, social media carries legal, ethical, and professional challenges. Healthcare providers have run into issues such as misinformation, conflicts of interest, and overstepping patient-physician boundaries when using social media. An interesting finding is that dermatologists commonly engage with an online audience through social media marketing or being an influencer to improve business and extend their reach to clients; however, this warrants formal training and the need to monitor their own online presence to prevent legal consequences.
SUMMARY
Social media has become integral in everyday life; billions of people now receive information and stay connected with each other through social platforms. Within medicine, social media has enhanced various aspects of healthcare, such as professional networking, patient care, and patient education. In dermatology, social media allows dermatologists to promote their businesses and services through patient testimonials, posting advice on blogs, and networking with a large audience of potential patients. However, having a social media presence must be exercised with care, purpose, and transparency to maximize benefits and minimize harmful consequences. This is especially important when inappropriate social media posts by physicians can be scrutinized for breaching patient confidentiality, violating privacy, financial conflicts of interest, and possibly disseminating incorrect information.
PubMed: 34540357
DOI: 10.1007/s13671-021-00340-7 -
Annual International Conference of the... Jul 2022Mental health disorders, such as depression, affect a large and growing number of populations worldwide, and they may cause severe emotional, behavioral and physical...
Mental health disorders, such as depression, affect a large and growing number of populations worldwide, and they may cause severe emotional, behavioral and physical health problems if left untreated. As depression affects a patient's speech characteristics, recent studies have proposed to leverage deep-learning-powered speech analysis models for depression diagnosis, which often require centralized learning on the collected voice data. However, this centralized training requiring data to be stored at a server raises the risks of severe voice data breaches, and people may not be willing to share their speech data with third parties due to privacy concerns. To address these issues, in this paper, we demonstrate for the first time that speech-based depression diagnosis models can be trained in a privacy-preserving way using federated learning, which enables collaborative model training while keeping the private speech data decentralized on clients' devices. To ensure the model's robustness under attacks, we also integrate different FL defenses into the system, such as norm bounding, differential privacy, and secure aggregation mechanisms. Extensive experiments under various FL settings on the DAIC-WOZ dataset show that our FL model can achieve high performance without sacrificing much utility compared with centralized-learning approaches while ensuring users' speech data privacy. Clinical Relevance- The experiments were conducted on publicly available clinical datasets. No humans or animals were involved.
Topics: Depression; Humans; Learning; Privacy; Speech
PubMed: 36085955
DOI: 10.1109/EMBC48229.2022.9871861 -
Sensors (Basel, Switzerland) Sep 2023In smart cities, unmanned aerial vehicles (UAVS) play a vital role in surveillance, monitoring, and data collection. However, the widespread integration of UAVs brings...
In smart cities, unmanned aerial vehicles (UAVS) play a vital role in surveillance, monitoring, and data collection. However, the widespread integration of UAVs brings forth a pressing concern: security and privacy vulnerabilities. This study introduces the SP-IoUAV (Secure and Privacy Preserving Intrusion Detection and Prevention for UAVS) model, tailored specifically for the Internet of UAVs ecosystem. The challenge lies in safeguarding UAV operations and ensuring data confidentiality. Our model employs cutting-edge techniques, including federated learning, differential privacy, and secure multi-party computation. These fortify data confidentiality and enhance intrusion detection accuracy. Central to our approach is the integration of deep neural networks (DNNs) like the convolutional neural network-long short-term memory (CNN-LSTM) network, enabling real-time anomaly detection and precise threat identification. This empowers UAVs to make immediate decisions in dynamic environments. To proactively counteract security breaches, we have implemented a real-time decision mechanism triggering alerts and initiating automatic blacklisting. Furthermore, multi-factor authentication (MFA) strengthens access security for the intrusion detection system (IDS) database. The SP-IoUAV model not only establishes a comprehensive machine framework for safeguarding UAV operations but also advocates for secure and privacy-preserving machine learning in UAVS. Our model's effectiveness is validated using the CIC-IDS2017 dataset, and the comparative analysis showcases its superiority over previous approaches like FCL-SBL, RF-RSCV, and RBFNNs, boasting exceptional levels of accuracy (99.98%), precision (99.93%), recall (99.92%), and -Score (99.92%).
PubMed: 37836907
DOI: 10.3390/s23198077 -
Sensors (Basel, Switzerland) Nov 2023Biomedical Microelectromechanical Systems (BioMEMS) serve as a crucial catalyst in enhancing IoT communication security and safeguarding smart healthcare systems....
Biomedical Microelectromechanical Systems (BioMEMS) serve as a crucial catalyst in enhancing IoT communication security and safeguarding smart healthcare systems. Situated at the nexus of advanced technology and healthcare, BioMEMS are instrumental in pioneering personalized diagnostics, monitoring, and therapeutic applications. Nonetheless, this integration brings forth a complex array of security and privacy challenges intrinsic to IoT communications within smart healthcare ecosystems, demanding comprehensive scrutiny. In this manuscript, we embark on an extensive analysis of the intricate security terrain associated with IoT communications in the realm of BioMEMS, addressing a spectrum of vulnerabilities that spans cyber threats, data manipulation, and interception of communications. The integration of real-world case studies serves to illuminate the direct repercussions of security breaches within smart healthcare systems, highlighting the imperative to safeguard both patient safety and the integrity of medical data. We delve into a suite of security solutions, encompassing rigorous authentication processes, data encryption, designs resistant to attacks, and continuous monitoring mechanisms, all tailored to fortify BioMEMS in the face of ever-evolving threats within smart healthcare environments. Furthermore, the paper underscores the vital role of ethical and regulatory considerations, emphasizing the need to uphold patient autonomy, ensure the confidentiality of data, and maintain equitable access to healthcare in the context of IoT communication security. Looking forward, we explore the impending landscape of BioMEMS security as it intertwines with emerging technologies such as AI-driven diagnostics, quantum computing, and genomic integration, anticipating potential challenges and strategizing for the future. In doing so, this paper highlights the paramount importance of adopting an integrated approach that seamlessly blends technological innovation, ethical foresight, and collaborative ingenuity, thereby steering BioMEMS towards a secure and resilient future within smart healthcare systems, in the ambit of IoT communication security and protection.
Topics: Humans; Privacy; Computing Methodologies; Ecosystem; Micro-Electrical-Mechanical Systems; Quantum Theory; Communication; Delivery of Health Care; Computer Security
PubMed: 37960646
DOI: 10.3390/s23218944 -
Health Informatics Journal 2021Although data protection is compulsory when personal data is shared, there is no systematic method available to evaluate to what extent each individual is at risk of a...
Although data protection is compulsory when personal data is shared, there is no systematic method available to evaluate to what extent each individual is at risk of a privacy breach. We use a collection of measures that quantify how much information is needed to uncover sensitive information. Combined with visualization techniques, our approach can be used to perform a detailed privacy analysis of medical data. Because privacy is evaluated per variable, these adjustments can be made while incorporating how likely it is that these variables will be exploited to uncover sensitive information in practice, as is mandatory in the European Union. Additionally, the analysis of privacy can be used to evaluate to what extent knowledge on specific variables in the data can contribute to privacy breaches, which can subsequently guide the use of anonymization techniques, such as generalization.
Topics: Computer Security; Data Anonymization; Humans; Privacy
PubMed: 34075842
DOI: 10.1177/1460458220983398 -
Frontiers in Public Health 2023Digital health data collection is vital for healthcare and medical research. But it contains sensitive information about patients, which makes it challenging. To collect...
Digital health data collection is vital for healthcare and medical research. But it contains sensitive information about patients, which makes it challenging. To collect health data without privacy breaches, it must be secured between the data owner and the collector. Existing data collection research studies have too stringent assumptions such as using a third-party anonymizer or a private channel amid the data owner and the collector. These studies are more susceptible to privacy attacks due to third-party involvement, which makes them less applicable for privacy-preserving healthcare data collection. This article proposes a novel privacy-preserving data collection protocol that anonymizes healthcare data without using a third-party anonymizer or a private channel for data transmission. A clustering-based -anonymity model was adopted to efficiently prevent identity disclosure attacks, and the communication between the data owner and the collector is restricted to some elected representatives of each equivalent group of data owners. We also identified a privacy attack, known as "leader collusion", in which the elected representatives may collaborate to violate an individual's privacy. We propose solutions for such collisions and sensitive attribute protection. A greedy heuristic method is devised to efficiently handle the data owners who join or depart the anonymization process dynamically. Furthermore, we present the potential privacy attacks on the proposed protocol and theoretical analysis. Extensive experiments are conducted in real-world datasets, and the results suggest that our solution outperforms the state-of-the-art techniques in terms of privacy protection and computational complexity.
Topics: Humans; Privacy; Disclosure; Data Collection; Biomedical Research; Cluster Analysis
PubMed: 36935661
DOI: 10.3389/fpubh.2023.1125011 -
Sensors (Basel, Switzerland) Apr 2022Protecting the privacy of individuals is of utmost concern in today's society, as inscribed and governed by the prevailing privacy laws, such as GDPR. In serial data,...
Protecting the privacy of individuals is of utmost concern in today's society, as inscribed and governed by the prevailing privacy laws, such as GDPR. In serial data, bits of data are continuously released, but their combined effect may result in a privacy breach in the whole serial publication. Protecting serial data is crucial for preserving them from adversaries. Previous approaches provide privacy for relational data and serial data, but many loopholes exist when dealing with multiple sensitive values. We address these problems by introducing a novel privacy approach that limits the risk of privacy disclosure in republication and gives better privacy with much lower perturbation rates. Existing techniques provide a strong privacy guarantee against attacks on data privacy; however, in serial publication, the chances of attack still exist due to the continuous addition and deletion of data. In serial data, proper countermeasures for tackling attacks such as correlation attacks have not been taken, due to which serial publication is still at risk. Moreover, protecting privacy is a significant task due to the critical absence of sensitive values while dealing with multiple sensitive values. Due to this critical absence, signatures change in every release, which is a reason for attacks. In this paper, we introduce a novel approach in order to counter the composition attack and the transitive composition attack and we prove that the proposed approach is better than the existing state-of-the-art techniques. Our paper establishes the result with a systematic examination of the republication dilemma. Finally, we evaluate our work using benchmark datasets, and the results show the efficacy of the proposed technique.
Topics: Benchmarking; Humans; Privacy; Probability; Records
PubMed: 35408425
DOI: 10.3390/s22072811 -
Journal of Law and Medicine Dec 2023People with (a history of) hepatitis C have concerns about privacy and the confidentiality of their health information. This is often due to the association between...
People with (a history of) hepatitis C have concerns about privacy and the confidentiality of their health information. This is often due to the association between hepatitis C and injecting drug use and related stigma. In Australia, recent data breaches at a major private health insurer and legislative reforms to increase access to electronic health records have heightened these concerns. Drawing from interviews with people with lived experience of hepatitis C and stakeholders working in this area, this article explores the experiences and concerns of people with (a history of) hepatitis C in relation to the sharing of their health records. It considers the potential application of health privacy principles in the context of hepatitis C and argues for the development of guidelines concerning the privacy of health records held by health departments and public hospitals. Such principles might also inform reforms to legislation regarding access to health records.
Topics: Humans; Privacy; Electronic Health Records; Confidentiality; Hepacivirus; Hepatitis C
PubMed: 38459877
DOI: No ID Found -
International Journal of... 2019Telehealth is a great approach for providing high quality health care services to people who cannot easily access these services in person. However, because of...
BACKGROUND
Telehealth is a great approach for providing high quality health care services to people who cannot easily access these services in person. However, because of frequently reported health data breaches, many people may hesitate to use telehealth-based health care services. It is necessary for telehealth care providers to demonstrate that they have taken sufficient actions to protect their patients' data security and privacy. The government provided a HIPAA audit protocol that is highly useful for internal security and privacy auditing on health care systems, however, this protocol includes extensive details that are not always specific to telehealth and therefore is difficult to be used by telehealth practitioners.
OBJECTIVE
The goal of this study was to develop and validate a telehealth privacy and security self-assessment questionnaire for telehealth providers.
METHODS
In our previous work, we performed a systematic review on the security and privacy protection offered in various telehealth systems. The results from this systematic review and the HIPAA audit protocol were used to guide the development of the self-assessment questionnaire. The draft of the questionnaire was created by the research team and distributed to a group of telehealth providers for evaluating the relevance and clarity of each statement in the draft. The questionnaire was adjusted and finalized according to the collected feedback and face-to-face discussions by the research team. A website was created to distribute the questionnaire and manage the answers from study participants. A psychometric analysis was performed to evaluate the reliability of the questionnaire.
RESULTS
There were 84 statements in the draft questionnaire. Five telehealth providers provided their feedback to the statements in this draft. They indicated that a number of these statements were either redundant or beyond the capacity of telehealth care practitioners, who typically do not have formal training in information security. They also pointed out that the wording of some statements needed to be adjusted. The final released version of the questionnaire had 49 statements. In total, 31 telehealth providers across the nation participated in the study by answering all the statements in this questionnaire. The psychometric analysis indicated that the reliability of this questionnaire was high.
CONCLUSION
With the availability of this self-assessment questionnaire, telehealth providers can perform a quick self-assessment on their telehealth systems. The assessment results may be used to identify possible vulnerabilities in telehealth systems and practice or demonstrate to patients the sufficient security and privacy protection to patients' data.
PubMed: 31341542
DOI: 10.5195/ijt.2019.6276 -
The Journal of Law, Medicine & Ethics :... Mar 2020This article focuses on state privacy, security, and data breach regulation of mobile-app mediated health research, concentrating in particular on research studies...
This article focuses on state privacy, security, and data breach regulation of mobile-app mediated health research, concentrating in particular on research studies conducted or participated in by independent scientists, citizen scientists, and patient researchers. Prior scholarship addressing these issues tends to focus on the lack of application of the HIPAA Privacy and Security Rules and other sources of federal regulation. One article, however, mentions state law as a possible source of privacy and security protections for individuals in the particular context of mobile app-mediated health research. This Article builds on this prior scholarship by: (1) assessing state data protection statutes that are potentially applicable to mobile app-mediated health researchers; and (2) suggesting statutory amendments that could better protect the privacy and security of mobile health research data. As discussed in more detail below, all fifty states and the District of Columbia have potentially applicable data breach notification statutes that require the notification of data subjects of certain informational breaches in certain contexts. In addition, more than two-thirds of jurisdictions have potentially applicable data security statutes and almost one-third of jurisdictions have potentially applicable data privacy statutes. Because all jurisdictions have data breach notification statutes, these statutes will be assessed first.
Topics: Citizen Science; Computer Security; Confidentiality; Government Regulation; Humans; Mandatory Reporting; Mobile Applications; Research; Research Personnel; State Government; United States
PubMed: 32342742
DOI: 10.1177/1073110520917033