-
Perspectives in Health Information... 2023The objective of the study is to identify challenges and associated factors for privacy and security related to telehealth visits during the COVID-19 pandemic. The...
The objective of the study is to identify challenges and associated factors for privacy and security related to telehealth visits during the COVID-19 pandemic. The systematic search strategy used the databases of PubMed, ScienceDirect, ProQuest, Embase, CINAHL, and COCHRANE, with the search terms of telehealth/telemedicine, privacy, security, and confidentiality. Reviews included peer-reviewed empirical studies conducted from January 2020 to February 2022. Studies conducted outside of the US, non-empirical, and non-telehealth related were excluded. Eighteen studies were included in the final analysis. Three risk factors associated with privacy and security in telehealth practice included: environmental factors (lack of private space for vulnerable populations, difficulty sharing sensitive health information remotely), technology factors (data security issues, limited access to the internet, and technology), and operational factors (reimbursement, payer denials, technology accessibility, training, and education). Findings from this study can assist governments, policymakers, and healthcare organizations in developing best practices in telehealth privacy and security strategies.
Topics: Humans; Privacy; Pandemics; COVID-19; Confidentiality; Risk Factors; Telemedicine
PubMed: 37215337
DOI: No ID Found -
Sensors (Basel, Switzerland) Jun 2021In the course of the digitization of production facilities, tracking and tracing of assets in the supply chain is becoming increasingly relevant for the manufacturing... (Review)
Review
In the course of the digitization of production facilities, tracking and tracing of assets in the supply chain is becoming increasingly relevant for the manufacturing industry. The collection and use of real-time position data of logistics, tools and load carriers are already standard procedure in entire branches of the industry today. In addition to asset tracking, the technologies used also offer new possibilities for collecting and evaluating position and biometric data of employees. Thus, these technologies can be used for monitoring performance or for tracking worker behaviour, which can lead to additional burdens and stress for employees. In this context, the collection and evaluation of employee data can influence the workplace of the affected employee in the company to his or her disadvantage. The approach of Privacy by Design can help to benefit from all the advantages of these systems, while ensuring that the impact on employee privacy is kept to a minimum. Currently, there is no survey available that reviews tracking and tracing systems supporting this important and emerging field. This work provides a systematic overview from the perspective of the impact on employee privacy. Additionally, this paper identifies and evaluates the techniques used with regard to employee privacy in industrial tracking and tracing systems. This helps to reveal new privacy preserving techniques that are currently underrepresented, therefore enabling new research opportunities in the industrial community.
Topics: Female; Humans; Male; Privacy; Technology; Workplace
PubMed: 34209327
DOI: 10.3390/s21134501 -
Journal of Biomedical Informatics Jun 2013To report the results of a systematic literature review concerning the security and privacy of electronic health record (EHR) systems. (Review)
Review
OBJECTIVE
To report the results of a systematic literature review concerning the security and privacy of electronic health record (EHR) systems.
DATA SOURCES
Original articles written in English found in MEDLINE, ACM Digital Library, Wiley InterScience, IEEE Digital Library, Science@Direct, MetaPress, ERIC, CINAHL and Trip Database.
STUDY SELECTION
Only those articles dealing with the security and privacy of EHR systems.
DATA EXTRACTION
The extraction of 775 articles using a predefined search string, the outcome of which was reviewed by three authors and checked by a fourth.
RESULTS
A total of 49 articles were selected, of which 26 used standards or regulations related to the privacy and security of EHR data. The most widely used regulations are the Health Insurance Portability and Accountability Act (HIPAA) and the European Data Protection Directive 95/46/EC. We found 23 articles that used symmetric key and/or asymmetric key schemes and 13 articles that employed the pseudo anonymity technique in EHR systems. A total of 11 articles propose the use of a digital signature scheme based on PKI (Public Key Infrastructure) and 13 articles propose a login/password (seven of them combined with a digital certificate or PIN) for authentication. The preferred access control model appears to be Role-Based Access Control (RBAC), since it is used in 27 studies. Ten of these studies discuss who should define the EHR systems' roles. Eleven studies discuss who should provide access to EHR data: patients or health entities. Sixteen of the articles reviewed indicate that it is necessary to override defined access policies in the case of an emergency. In 25 articles an audit-log of the system is produced. Only four studies mention that system users and/or health staff should be trained in security and privacy.
CONCLUSIONS
Recent years have witnessed the design of standards and the promulgation of directives concerning security and privacy in EHR systems. However, more work should be done to adopt these regulations and to deploy secure EHR systems.
Topics: Computer Security; Electronic Health Records; Europe; Health Insurance Portability and Accountability Act; Privacy; United States
PubMed: 23305810
DOI: 10.1016/j.jbi.2012.12.003 -
Sensors (Basel, Switzerland) Dec 2021Owing to the hasty growth of communication technologies in the Underwater Internet of Things (UIoT), many researchers and industries focus on enhancing the existing... (Review)
Review
Owing to the hasty growth of communication technologies in the Underwater Internet of Things (UIoT), many researchers and industries focus on enhancing the existing technologies of UIoT systems for developing numerous applications such as oceanography, diver networks monitoring, deep-sea exploration and early warning systems. In a constrained UIoT environment, communication media such as acoustic, infrared (IR), visible light, radiofrequency (RF) and magnet induction (MI) are generally used to transmit information via digitally linked underwater devices. However, each medium has its technical limitations: for example, the acoustic medium has challenges such as narrow-channel bandwidth, low data rate, high cost, etc., and optical medium has challenges such as high absorption, scattering, long-distance data transmission, etc. Moreover, the malicious node can steal the underwater data by employing blackhole attacks, routing attacks, Sybil attacks, etc. Furthermore, due to heavyweight, the existing privacy and security mechanism of the terrestrial internet of things (IoT) cannot be applied directly to UIoT environment. Hence, this paper aims to provide a systematic review of recent trends, applications, communication technologies, challenges, security threats and privacy issues of UIoT system. Additionally, this paper highlights the methods of preventing the technical challenges and security attacks of the UIoT environment. Finally, this systematic review contributes much to the profit of researchers to analyze and improve the performance of services in UIoT applications.
Topics: Acoustics; Computer Security; Internet of Things; Privacy; Technology
PubMed: 34960366
DOI: 10.3390/s21248262 -
Journal of Housing and the Built... 2022Grounded in psychological and social constructs, the need for privacy is reflected in human socio-spatial behaviour and in our own home. To discuss housing privacy, this...
Grounded in psychological and social constructs, the need for privacy is reflected in human socio-spatial behaviour and in our own home. To discuss housing privacy, this article presents a systematic literature review (SLR) that identified theoretical and methodological aspects relevant to the topic. The research was based on consolidated protocols to identify, select and evaluate articles published between 2000 and 2021 in three databases (Web of Science, Google Scholar and Scielo), with 71 eligible articles identified for synthesis. The results showed a concentration of studies in the American, European and Islamic context, and the increase in this production since 2018. This was guided by the inadequacy of architectural and urban planning projects, by new forms of social interaction and, recently, by the COVID-19 pandemic. From a theoretical point of view, the SLR demonstrated the importance of investigating privacy in housing from a comprehensive perspective, observing its different dimensions (physical, social and psychological) and characterizing the issues involved and the context under analysis. Methodologically, the main instruments identified were: (i) to behavioural analysis, questionnaires, interviews and observations; (ii) to built environment evaluation, in addition to the previous ones, space syntax analysis, architectural design and photographs analysis; (iii) for the general characterization of users, the data collection regarding the socio-demographic and cultural context and the meanings attributed to spatial organizations; (iv) to characterize the participants of the investigations, the analysis of personality traits, the ways to personalize the space, user satisfaction/preferences and the influence of social interactions on these perceptions.
PubMed: 35317451
DOI: 10.1007/s10901-022-09939-z -
Sensors (Basel, Switzerland) Apr 2021Owing to progressive population aging, elderly people (aged 65 and above) face challenges in carrying out activities of daily living, while placement of the elderly in a... (Review)
Review
Owing to progressive population aging, elderly people (aged 65 and above) face challenges in carrying out activities of daily living, while placement of the elderly in a care facility is expensive and mentally taxing for them. Thus, there is a need to develop their own homes into smart homes using new technologies. However, this raises concerns of privacy and data security for users since it can be handled remotely. Hence, with advancing technologies it is important to overcome this challenge using privacy-preserving and non-intrusive models. For this review, 235 articles were scanned from databases, out of which 31 articles pertaining to in-home technologies that assist the elderly in living independently were shortlisted for inclusion. They described the adoption of various methodologies like different sensor-based mechanisms, wearables, camera-based techniques, robots, and machine learning strategies to provide a safe and comfortable environment to the elderly. Recent innovations have rendered these technologies more unobtrusive and privacy-preserving with increasing use of environmental sensors and less use of cameras and other devices that may compromise the privacy of individuals. There is a need to develop a comprehensive system for smart homes which ensures patient safety, privacy, and data security; in addition, robots should be integrated with the existing sensor-based platforms to assist in carrying out daily activities and therapies as required.
Topics: Activities of Daily Living; Aged; Aging; Computer Security; Humans; Privacy; Technology
PubMed: 33925161
DOI: 10.3390/s21093082 -
Health Information Management : Journal... 2015Even though many safeguards and policies for electronic health record (EHR) security have been implemented, barriers to the privacy and security protection of EHR... (Meta-Analysis)
Meta-Analysis Review
BACKGROUND
Even though many safeguards and policies for electronic health record (EHR) security have been implemented, barriers to the privacy and security protection of EHR systems persist.
OBJECTIVE
This article presents the results of a systematic literature review regarding frequently adopted security and privacy technical features of EHR systems.
METHOD
Our inclusion criteria were full articles that dealt with the security and privacy of technical implementations of EHR systems published in English in peer-reviewed journals and conference proceedings between 1998 and 2013; 55 selected studies were reviewed in detail. We analysed the review results using two International Organization for Standardization (ISO) standards (29100 and 27002) in order to consolidate the study findings.
RESULTS
Using this process, we identified 13 features that are essential to security and privacy in EHRs. These included system and application access control, compliance with security requirements, interoperability, integration and sharing, consent and choice mechanism, policies and regulation, applicability and scalability and cryptography techniques.
CONCLUSION
This review highlights the importance of technical features, including mandated access control policies and consent mechanisms, to provide patients' consent, scalability through proper architecture and frameworks, and interoperability of health information systems, to EHR security and privacy requirements.
Topics: Access to Information; Computer Security; Confidentiality; Electronic Health Records; Guideline Adherence; Humans
PubMed: 26464299
DOI: 10.1177/183335831504400304 -
International Journal of... 2017The objective of this systematic review was to systematically review papers in the United States that examine current practices in privacy and security when telehealth... (Review)
Review
The objective of this systematic review was to systematically review papers in the United States that examine current practices in privacy and security when telehealth technologies are used by healthcare providers. A literature search was conducted using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses Protocols (PRISMA-P). PubMed, CINAHL and INSPEC from 2003 - 2016 were searched and returned 25,404 papers (after duplications were removed). Inclusion and exclusion criteria were strictly followed to examine title, abstract, and full text for 21 published papers which reported on privacy and security practices used by healthcare providers using telehealth. Data on confidentiality, integrity, privacy, informed consent, access control, availability, retention, encryption, and authentication were all searched and retrieved from the papers examined. Papers were selected by two independent reviewers, first per inclusion/exclusion criteria and, where there was disagreement, a third reviewer was consulted. The percentage of agreement and Cohen's kappa was 99.04% and 0.7331 respectively. The papers reviewed ranged from 2004 to 2016 and included several types of telehealth specialties. Sixty-seven percent were policy type studies, and 14 percent were survey/interview studies. There were no randomized controlled trials. Based upon the results, we conclude that it is necessary to have more studies with specific information about the use of privacy and security practices when using telehealth technologies as well as studies that examine patient and provider preferences on how data is kept private and secure during and after telehealth sessions.
PubMed: 29238448
DOI: 10.5195/ijt.2017.6231 -
JMIR MHealth and UHealth Jul 2022COVID-19 digital contact-tracing apps were created to assist public health authorities in curbing the pandemic. These apps require users' permission to access specific...
BACKGROUND
COVID-19 digital contact-tracing apps were created to assist public health authorities in curbing the pandemic. These apps require users' permission to access specific functions on their mobile phones, such as geolocation, Bluetooth or Wi-Fi connections, or personal data, to work correctly. As these functions have privacy repercussions, it is essential to establish how contact-tracing apps respect users' privacy.
OBJECTIVE
This study aimed to systematically map existing contact-tracing apps and evaluate the permissions required and their privacy policies. Specifically, we evaluated the type of permissions, the privacy policies' readability, and the information included in them.
METHODS
We used custom Google searches and existing lists of contact-tracing apps to identify potentially eligible apps between May 2020 and November 2021. We included contact-tracing or exposure notification apps with a Google Play webpage from which we extracted app characteristics (eg, sponsor, number of installs, and ratings). We used Exodus Privacy to systematically extract the number of permissions and classify them as dangerous or normal. We computed a Permission Accumulated Risk Score representing the threat level to the user's privacy. We assessed the privacy policies' readability and evaluated their content using a 13-item checklist, which generated a Privacy Transparency Index. We explored the relationships between app characteristics, Permission Accumulated Risk Score, and Privacy Transparency Index using correlations, chi-square tests, or ANOVAs.
RESULTS
We identified 180 contact-tracing apps across 152 countries, states, or territories. We included 85.6% (154/180) of apps with a working Google Play page, most of which (132/154, 85.7%) had a privacy policy document. Most apps were developed by governments (116/154, 75.3%) and totaled 264.5 million installs. The average rating on Google Play was 3.5 (SD 0.7). Across the 154 apps, we identified 94 unique permissions, 18% (17/94) of which were dangerous, and 30 trackers. The average Permission Accumulated Risk Score was 22.7 (SD 17.7; range 4-74, median 16) and the average Privacy Transparency Index was 55.8 (SD 21.7; range 5-95, median 55). Overall, the privacy documents were difficult to read (median grade level 12, range 7-23); 67% (88/132) of these mentioned that the apps collected personal identifiers. The Permission Accumulated Risk Score was negatively associated with the average App Store ratings (r=-0.20; P=.03; 120/154, 77.9%) and Privacy Transparency Index (r=-0.25; P<.001; 132/154, 85.7%), suggesting that the higher the risk to one's data, the lower the apps' ratings and transparency index.
CONCLUSIONS
Many contact-tracing apps were developed covering most of the planet but with a relatively low number of installs. Privacy-preserving apps scored high in transparency and App Store ratings, suggesting that some users appreciate these apps. Nevertheless, privacy policy documents were difficult to read for an average audience. Therefore, we recommend following privacy-preserving and transparency principles to improve contact-tracing uptake while making privacy documents more readable for a wider public.
Topics: COVID-19; Contact Tracing; Data Management; Humans; Mobile Applications; Policy; Privacy
PubMed: 35709334
DOI: 10.2196/35195 -
International Psychogeriatrics Feb 2022Virtual reality (VR) is a promising tool with the potential to enhance care of cognitive and affective disorders in the aging population. VR has been implemented in... (Review)
Review
IMPORTANCE
Virtual reality (VR) is a promising tool with the potential to enhance care of cognitive and affective disorders in the aging population. VR has been implemented in clinical settings with adolescents and children; however, it has been less studied in the geriatric population.
OBJECTIVE
The objective of this study is to determine the existing levels of evidence for VR use in clinical settings and identify areas where more evidence may guide translation of existing VR interventions for older adults.
DESIGN AND MEASUREMENTS
We conducted a systematic review in PubMed and Web of Science in November 2019 for peer-reviewed journal articles on VR technology and its applications in older adults. We reviewed article content and extracted the number of study participants, study population, goal of the investigation, the level of evidence, and categorized articles based on the indication of the VR technology and the study population.
RESULTS
The database search yielded 1554 total results, and 55 articles were included in the final synthesis. The most represented study design was cross-sectional, and the most common study population was subjects with cognitive impairment. Articles fell into three categories for VR Indication: Testing, Training, and Screening. There was a wide variety of VR environments used across studies.
CONCLUSIONS
Existing evidence offers support for VR as a screening and training tool for cognitive impairment in older adults. VR-based tasks demonstrated validity comparable to some paper-based assessments of cognition, though more work is needed to refine diagnostic specificity. The variety of VR environments used shows a need for standardization before comparisons can be made across VR simulations. Future studies should address key issues such as usability, data privacy, and confidentiality. Since most literature was generated from high-income countries (HICs), it remains unclear how this may be translated to other parts of the world.
Topics: Adolescent; Aged; Cognition; Cognitive Dysfunction; Cross-Sectional Studies; Humans; Mental Health; Virtual Reality
PubMed: 33757619
DOI: 10.1017/S104161022100017X