-
Journal of Nuclear Medicine Technology Dec 2019The Health Insurance Portability and Accountability Act (HIPAA) of 1996 has made an impact on the operation of health-care organizations. HIPAA includes 5 titles, and... (Review)
Review
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 has made an impact on the operation of health-care organizations. HIPAA includes 5 titles, and its regulations are complex. Many are familiar with the HIPAA aspects that address protection of the privacy and security of patients' medical records. There are new rules to HIPAA that address the implementation of electronic medical records. HIPAA provides rules for protected health information (PHI) and what should be protected and secured. The privacy rule regulates the use and disclosure of PHI and sets standards that an entity working with health data must follow to protect patients' private medical information. The HIPAA security rule complements the privacy rule and requires entities to implement physical, technical, and administrative safeguards to protect the privacy of PHI. This article-part 1 of a 2-part series-is a refresher on HIPAA, its history, its rules, its implications, and the role that imaging professionals play.
Topics: Guideline Adherence; Health Information Exchange; Health Insurance Portability and Accountability Act; Privacy; United States
PubMed: 31182664
DOI: 10.2967/jnmt.119.227819 -
Nature Reviews. Genetics Jul 2022Recent developments in a variety of sectors, including health care, research and the direct-to-consumer industry, have led to a dramatic increase in the amount of... (Review)
Review
Recent developments in a variety of sectors, including health care, research and the direct-to-consumer industry, have led to a dramatic increase in the amount of genomic data that are collected, used and shared. This state of affairs raises new and challenging concerns for personal privacy, both legally and technically. This Review appraises existing and emerging threats to genomic data privacy and discusses how well current legal frameworks and technical safeguards mitigate these concerns. It concludes with a discussion of remaining and emerging challenges and illustrates possible solutions that can balance protecting privacy and realizing the benefits that result from the sharing of genetic information.
Topics: Genome; Genomics; Privacy
PubMed: 35246669
DOI: 10.1038/s41576-022-00455-y -
IEEE Transactions on Pattern Analysis... Feb 2022Multi-task learning (MTL) refers to the paradigm of learning multiple related tasks together. In contrast, in single-task learning (STL) each individual task is learned...
Multi-task learning (MTL) refers to the paradigm of learning multiple related tasks together. In contrast, in single-task learning (STL) each individual task is learned independently. MTL often leads to better trained models because they can leverage the commonalities among related tasks. However, because MTL algorithms can "leak" information from different models across different tasks, MTL poses a potential security risk. Specifically, an adversary may participate in the MTL process through one task and thereby acquire the model information for another task. The previously proposed privacy-preserving MTL methods protect data instances rather than models, and some of them may underperform in comparison with STL methods. In this paper, we propose a privacy-preserving MTL framework to prevent information from each model leaking to other models based on a perturbation of the covariance matrix of the model matrix. We study two popular MTL approaches for instantiation, namely, learning the low-rank and group-sparse patterns of the model matrix. Our algorithms can be guaranteed not to underperform compared with STL methods. We build our methods based upon tools for differential privacy, and privacy guarantees, utility bounds are provided, and heterogeneous privacy budgets are considered. The experiments demonstrate that our algorithms outperform the baseline methods constructed by existing privacy-preserving MTL methods on the proposed model-protection problem.
Topics: Algorithms; Learning; Privacy
PubMed: 32780696
DOI: 10.1109/TPAMI.2020.3015859 -
Sensors (Basel, Switzerland) Sep 2021Continuous authentication has been proposed as a possible approach for passive and seamless user authentication, using sensor data comprising biometric, behavioral, and... (Review)
Review
Continuous authentication has been proposed as a possible approach for passive and seamless user authentication, using sensor data comprising biometric, behavioral, and context-oriented characteristics. Since these are personal data being transmitted and are outside the control of the user, this approach causes privacy issues. Continuous authentication has security challenges concerning poor matching rates and susceptibility of replay attacks. The security issues are mainly poor matching rates and the problems of replay attacks. In this survey, we present an overview of continuous authentication and comprehensively discusses its different modes, and issues that these modes have related to security, privacy, and usability. A comparison of privacy-preserving approaches dealing with the privacy issues is provided, and lastly recommendations for secure, privacy-preserving, and user-friendly continuous authentication.
Topics: Biometry; Computer Security; Confidentiality; Privacy; Telemedicine
PubMed: 34502865
DOI: 10.3390/s21175967 -
Sensors (Basel, Switzerland) May 2022Under the Internet of Things paradigm, the emergence and use of a wide variety of connected devices and personalized telematics services have proliferated recently. As a... (Review)
Review
Under the Internet of Things paradigm, the emergence and use of a wide variety of connected devices and personalized telematics services have proliferated recently. As a result, along with the penetration of these devices in our daily lives, the users' security and privacy have been compromised due to some weaknesses in connected devices and underlying applications. This article focuses on analyzing the security and privacy of such devices to promote safe Internet use, especially by young people. First, the connected devices most used by the target group are classified, and an exhaustive analysis of the vulnerabilities that concern the user is performed. As a result, a set of differentiated security and privacy issues existing in the devices is identified. The study reveals that many of these vulnerabilities are related to the fact that device manufacturers often prioritize functionalities and services, leaving security aspects in the background. These companies even exploit the data linked to the use of these devices for various purposes, ignoring users' privacy rights. This research aims to raise awareness of severe vulnerabilities in devices and to encourage users to use them correctly. Our results help other researchers address these issues with a more global perspective.
Topics: Adolescent; Computer Security; Humans; Privacy
PubMed: 35684588
DOI: 10.3390/s22113967 -
Human Molecular Genetics Oct 2021Debates surrounding genetic privacy have taken on different forms over the past 30 years. Taking genetic privacy to mean an interest that individuals, families, or even... (Review)
Review
Debates surrounding genetic privacy have taken on different forms over the past 30 years. Taking genetic privacy to mean an interest that individuals, families, or even communities have with respect to genetic information, we examine the metaphors used in these debates to chronicle the development of genetic privacy. In 1990-2000, we examine claims for ownership and of 'humanity' spurred by the launch of the Human Genome Project and related endeavors. In 2000-2010, we analyze the interface of law and ethics with research infrastructures such as biobanks, for which notions of citizenship and 'public goods' were central. In 2010-2020, we detail the relational turn of genetic privacy in response of large international research consortia and big data. Although each decade had its leading conceptions of genetic privacy, the subject is neither strictly chronological nor static. We conclude with reflections on the nature of genetic privacy and the necessity to bring together the unique and private genetic self with the human other.
Topics: Ethics, Clinical; Genetic Privacy; Human Genome Project; Humanities; Humans; Ownership
PubMed: 34155499
DOI: 10.1093/hmg/ddab164 -
Current Opinion in Psychology Feb 2020Communication Privacy Management (CPM) theory explains one of the most important, yet challenging social processes in everyday life, that is, managing disclosing and... (Review)
Review
Communication Privacy Management (CPM) theory explains one of the most important, yet challenging social processes in everyday life, that is, managing disclosing and protecting private information. The CPM privacy management system offers researchers, students, and the public a comprehensive approach to the complex and fluid character of privacy management in action. Following an overview of Communication Privacy Management framework, this review focuses on recent research utilizing CPM concepts that cross a growing number of contexts and illustrates the way people navigate privacy in action. Researchers operationalize the use of privacy rules and other core concepts that help describe and explain the ups and downs of privacy management people encounter.
Topics: Communication; Concept Formation; Humans; Privacy; Psychological Theory; Research
PubMed: 31526974
DOI: 10.1016/j.copsyc.2019.08.009 -
Sensors (Basel, Switzerland) Oct 2022Intelligent transportation systems will play a key role in the smart cities of the future. In particular, railway transportation is gaining attention as a promising... (Review)
Review
Intelligent transportation systems will play a key role in the smart cities of the future. In particular, railway transportation is gaining attention as a promising solution to cope with the mobility challenges in large urban areas. Thanks to the miniaturisation of sensors and the deployment of fast data networks, the railway industry is being augmented with contextual, real-time information that opens the door to novel and personalised services. Despite the benefits of this digitalisation, the high complexity of railway transportation entails a number of challenges, particularly from security and privacy perspectives. Since railway assets are attractive targets for terrorism, coping with strong security and privacy requirements such as cryptography and privacy-preserving methods is of utmost importance. This article provides a thorough systematic literature review on information security and privacy within railway transportation systems, following the well-known methodology proposed by vom Brocke et al. We sketch out the most relevant studies and outline the main focuses, challenges and solutions described in the literature, considering technical, societal, regulatory and ethical approaches. Additionally, we discuss the remaining open issues and suggest several research lines that will gain relevance in the years to come.
Topics: Privacy; Computer Security; Transportation
PubMed: 36298049
DOI: 10.3390/s22207698 -
Journal of Bioethical Inquiry Jun 2023The recently passed Privacy Legislation Amendment (Enforcement and Other Measures) Act 2022 (Cth) introduced important changes to the Australian Privacy Act 1988 (Cth)... (Review)
Review
The recently passed Privacy Legislation Amendment (Enforcement and Other Measures) Act 2022 (Cth) introduced important changes to the Australian Privacy Act 1988 (Cth) which increase penalties for serious and repeated interferences with privacy and strengthen the investigative and enforcement powers of the Information Commissioner. The amendments were made subsequent to a number of high profile data breaches and represent the first set of changes to the Privacy Act following the review of the Act commenced by the Attorney-General in October 2020. The submissions made to the review emphasized the need for more effective enforcement mechanisms to increase individuals' control over their personal information and as a form of deterrence. This article reviews the recent amendments to the Privacy Act and explains their effect. It comments upon the relevance of the amendments for health and medical data and other data collected in the context of healthcare, and refers to the Attorney-General's Department's review of the Privacy Act regarding other proposals relating to enforcement which have not as yet been put into effect in legislation.
Topics: Humans; Privacy; Australia; Personally Identifiable Information; Confidentiality
PubMed: 37432509
DOI: 10.1007/s11673-023-10249-4 -
The Lancet. Digital Health Apr 2023
Topics: Privacy; Confidentiality; Wearable Electronic Devices
PubMed: 36963905
DOI: 10.1016/S2589-7500(23)00055-9