-
Frontiers in Public Health 2023Digital health data collection is vital for healthcare and medical research. But it contains sensitive information about patients, which makes it challenging. To collect...
Digital health data collection is vital for healthcare and medical research. But it contains sensitive information about patients, which makes it challenging. To collect health data without privacy breaches, it must be secured between the data owner and the collector. Existing data collection research studies have too stringent assumptions such as using a third-party anonymizer or a private channel amid the data owner and the collector. These studies are more susceptible to privacy attacks due to third-party involvement, which makes them less applicable for privacy-preserving healthcare data collection. This article proposes a novel privacy-preserving data collection protocol that anonymizes healthcare data without using a third-party anonymizer or a private channel for data transmission. A clustering-based -anonymity model was adopted to efficiently prevent identity disclosure attacks, and the communication between the data owner and the collector is restricted to some elected representatives of each equivalent group of data owners. We also identified a privacy attack, known as "leader collusion", in which the elected representatives may collaborate to violate an individual's privacy. We propose solutions for such collisions and sensitive attribute protection. A greedy heuristic method is devised to efficiently handle the data owners who join or depart the anonymization process dynamically. Furthermore, we present the potential privacy attacks on the proposed protocol and theoretical analysis. Extensive experiments are conducted in real-world datasets, and the results suggest that our solution outperforms the state-of-the-art techniques in terms of privacy protection and computational complexity.
Topics: Humans; Privacy; Disclosure; Data Collection; Biomedical Research; Cluster Analysis
PubMed: 36935661
DOI: 10.3389/fpubh.2023.1125011 -
Sensors (Basel, Switzerland) Mar 2023The overwhelming popularity of technology-based solutions and innovations to address day-to-day processes has significantly contributed to the emergence of smart cities....
The overwhelming popularity of technology-based solutions and innovations to address day-to-day processes has significantly contributed to the emergence of smart cities. where millions of interconnected devices and sensors generate and share huge volumes of data. The easy and high availability of rich personal and public data generated in these digitalized and automated ecosystems renders smart cities vulnerable to intrinsic and extrinsic security breaches. Today, with fast-developing technologies, the classical username and password approaches are no longer adequate to secure valuable data and information from cyberattacks. Multi-factor authentication (MFA) can provide an effective solution to minimize the security challenges associated with legacy single-factor authentication systems (both online and offline). This paper identifies and discusses the role and need of MFA for securing the smart city ecosystem. The paper begins by describing the notion of smart cities and the associated security threats and privacy issues. The paper further provides a detailed description of how MFA can be used for securing various smart city entities and services. A new concept of blockchain-based multi-factor authentication named "BAuth-ZKP" for securing smart city transactions is presented in the paper. The concept focuses on developing smart contracts between the participating entities within the smart city and performing the transactions with zero knowledge proof (ZKP)-based authentication in a secure and privacy-preserved manner. Finally, the future prospects, developments, and scope of using MFA in smart city ecosystem are discussed.
PubMed: 36904955
DOI: 10.3390/s23052757 -
NPJ Digital Medicine Mar 2023While nearly all computational methods operate on pseudonymized personal data, re-identification remains a risk. With personal health data, this re-identification risk...
While nearly all computational methods operate on pseudonymized personal data, re-identification remains a risk. With personal health data, this re-identification risk may be considered a double-crossing of patients' trust. Herein, we present a new method to generate synthetic data of individual granularity while holding on to patients' privacy. Developed for sensitive biomedical data, the method is patient-centric as it uses a local model to generate random new synthetic data, called an "avatar data", for each initial sensitive individual. This method, compared with 2 other synthetic data generation techniques (Synthpop, CT-GAN), is applied to real health data with a clinical trial and a cancer observational study to evaluate the protection it provides while retaining the original statistical information. Compared to Synthpop and CT-GAN, the Avatar method shows a similar level of signal maintenance while allowing to compute additional privacy metrics. In the light of distance-based privacy metrics, each individual produces an avatar simulation that is on average indistinguishable from 12 other generated avatar simulations for the clinical trial and 24 for the observational study. Data transformation using the Avatar method both preserves, the evaluation of the treatment's effectiveness with similar hazard ratios for the clinical trial (original HR = 0.49 [95% CI, 0.39-0.63] vs. avatar HR = 0.40 [95% CI, 0.31-0.52]) and the classification properties for the observational study (original AUC = 99.46 (s.e. 0.25) vs. avatar AUC = 99.84 (s.e. 0.12)). Once validated by privacy metrics, anonymous synthetic data enable the creation of value from sensitive pseudonymized data analyses by tackling the risk of a privacy breach.
PubMed: 36899082
DOI: 10.1038/s41746-023-00771-5 -
Health Information Management : Journal... Feb 2023The implementation of emerging technologies has resulted in an increase of data breaches in healthcare organisations, especially during the COVID-19 pandemic. Health...
BACKGROUND
The implementation of emerging technologies has resulted in an increase of data breaches in healthcare organisations, especially during the COVID-19 pandemic. Health information and cybersecurity managers need to understand if, and to what extent, breach types and locations are associated with their organisation's business type.
OBJECTIVE
To investigate if breach type and breach location are associated with business type, and if so, investigate how these factors affect information systems and protected health information in for-profit versus non-profit organisations.
METHOD
The quantitative study was performed using chi-square tests for association and post-hoc comparison of column proportions analysis on an archival data set of reported healthcare data breaches from 2020 to 2022. Data from the Department of Health and Human Services website was retrieved and each organisation classified as for-profit or non-profit.
RESULTS
For-profit organisations experienced a significantly higher number of breaches due to theft, and non-profit organisations experienced a significantly higher number of breaches due to unauthorised access. Furthermore, the number of breaches that occurred on laptops and paper/films was significantly higher in for-profit organisations.
CONCLUSION
While the threat level of hacking techniques is the same in for-profit and non-profit organisations, certain breach types are more likely to occur within specific breach locations based on the organisation's business type. To protect the privacy and security of medical information, health information and cybersecurity managers need to align with industry-leading frameworks and controls to prevent specific breach types that occur in specific locations within their environments.
PubMed: 36840419
DOI: 10.1177/18333583231158886 -
Healthcare (Basel, Switzerland) Feb 2023Physicians must respect their patients' rights to informed consent, privacy, access to medical records, non-discrimination, treatment by a qualified doctor, and a second...
BACKGROUND
Physicians must respect their patients' rights to informed consent, privacy, access to medical records, non-discrimination, treatment by a qualified doctor, and a second medical opinion. Compliance with patients' rights is mandatory, and legal breaches are considered medical malpractice under Romanian law. This is the first study to assess physicians' practices nationally and create a geographical map of legal compliance.
RESULTS
We examined survey responses of 2978 physicians, including 1587 general practitioners and 1391 attending physicians from high-risk specialties. According to the findings, 46.67% of physicians' practices adhered to the law. Physicians' practices were homogenous across the country's regions. General practitioners were significantly more legally compliant than attending physicians were. Additionally, 94.02% of the physicians acknowledged malpractice anxiety, whereas only 17.67% had been accused of malpractice.
CONCLUSIONS
Our findings emphasize the need for further research and to voice issues about Romanian physicians' low level of legal compliance. This study provides a starting point for future studies to evaluate the benefits of interventional strategies in this field. Healthcare facilities should provide physicians with easily available resources when they are unsure about their legal obligations, and establish an observer organization that can detect unlawful conduct. Interventions should concentrate on education programs and expert guidance.
PubMed: 36833032
DOI: 10.3390/healthcare11040499 -
Drug and Alcohol Dependence Mar 2023The prevalence of drug use in Muslim communities is difficult to estimate due to religious, social, and cultural prohibition toward drug use. With Islam affecting all... (Review)
Review
Barriers and facilitators to accessing inpatient and community substance use treatment and harm reduction services for people who use drugs in the Muslim communities: A systematic narrative review of studies on the experiences of people who receive services and service providers.
BACKGROUND
The prevalence of drug use in Muslim communities is difficult to estimate due to religious, social, and cultural prohibition toward drug use. With Islam affecting all aspects of life in the Muslim world, people who use drugs do it clandestinely to avoid stigma and exclusion from the community, leading to a low number of them seeking treatment for their drug use. This review explored the barriers and facilitators to accessing inpatient and community substance use treatment and harm reduction services for people who use drugs in Muslim communities.
METHODS
This review was in accordance with PRISMA. Seven databases were systematically searched for qualitative, quantitative, and mixed methods studies conducted in countries where at least 70% of the population were Muslim or where data were presented separately for Muslim communities in other countries. Eligible articles were reviewed, and key qualitative themes were abstracted and compared across studies and settings.
RESULTS
Twenty-four studies were included from Iran, Bangladesh, Afghanistan, Tajikistan, Kazakhstan, Kyrgyzstan, Egypt, Lebanon, and UAE. Two themes were identified: a psychosocial theme included denial of the problem severity, lack of trust in the treatment system, fear of breach in confidentiality and privacy, the need for community support, religion and women who use drugs. Additionally, an organizational theme included affordability, treatment Service characteristics, lack of Awareness, service providers' Attitudes, drug use registration and fear of legal consequences of drug use. Stigma was also identified as an over-arching theme. The Mixed Methods Appraisal Tool (MMAT) was used to assess the quality of the included studies with where 12 of the studies met all 5 the quality criteria. No studies were excluded for having lower quality scores.
CONCLUSION
This review reflected how diverse the Muslim world is in drug use. It is important to use mosques to raise awareness on people who use drugs and reduce stigma. Providing holistic services for people who use drugs specially women will improve their access to treatment and harm reduction services in the Muslim world.
Topics: Humans; Female; Islam; Harm Reduction; Inpatients; Substance-Related Disorders; Social Stigma; Qualitative Research
PubMed: 36805826
DOI: 10.1016/j.drugalcdep.2023.109790 -
PloS One 2023More knowledge about the long-term impact of sperm donation is essential as the donor's attitude towards donation may change over time. Personal and social developments...
BACKGROUND
More knowledge about the long-term impact of sperm donation is essential as the donor's attitude towards donation may change over time. Personal and social developments may prompt a rethinking of previous actions and decisions, or even regret. Thus, the aim of this study was to explore the experiences and attitudes of men who were sperm donors more than 10 years ago.
METHODS
From May to September 2021, semi-structured, qualitative interviews were conducted with 23 former donors (> 10 years since last donation) from Cryos International sperm bank. Two participants were non-anonymous donors and 21 were anonymous. The interviews were conducted by phone or via video (mean 24 minutes). All interviews were recorded, transcribed verbatim and rendered anonymous. Data were analyzed using thematic analysis.
RESULTS
The analysis showed that most men had been donors for monetary and altruistic purposes, and now considered sperm donation as a closed chapter that was 'unproblematic and in the past'. Most men valued anonymity and emphasized the non-relatedness between donor and donor conceived offspring. Knowledge about recipients and donor offspring was seen as 'damaging' as it could create unwanted feelings of relatedness and responsibility towards them. All men acknowledged donor conceived persons' potential interests in knowing about their genetic heritage in order to understand appearance and personal traits, but also emphasized the donors' rights to anonymity. Potential breach of anonymity was generally considered 'highly problematic' as it was expected to disturb their families and force a relationship on them.
CONCLUSION
This study reports on former donors who might not have volunteered for research due to lack of interest or protection of privacy. The majority of men valued anonymity and clearly demarcated a line between sperm donation and fatherhood, which was enforced by not knowing about the donor offspring or recipients.
Topics: Humans; Male; Semen; Attitude; Tissue Donors; Spermatozoa; Denmark
PubMed: 36791066
DOI: 10.1371/journal.pone.0281022 -
Biomedical Materials & Devices (New... Feb 2023Artificial intelligence (AI) has the potential to make substantial progress toward the goal of making healthcare more personalized, predictive, preventative, and... (Review)
Review
Artificial intelligence (AI) has the potential to make substantial progress toward the goal of making healthcare more personalized, predictive, preventative, and interactive. We believe AI will continue its present path and ultimately become a mature and effective tool for the healthcare sector. Besides this AI-based systems raise concerns regarding data security and privacy. Because health records are important and vulnerable, hackers often target them during data breaches. The absence of standard guidelines for the moral use of AI and ML in healthcare has only served to worsen the situation. There is debate about how far artificial intelligence (AI) may be utilized ethically in healthcare settings since there are no universal guidelines for its use. Therefore, maintaining the confidentiality of medical records is crucial. This study enlightens the possible drawbacks of AI in the implementation of healthcare sector and their solutions to overcome these situations.
PubMed: 36785697
DOI: 10.1007/s44174-023-00063-2 -
Sensors (Basel, Switzerland) Jan 2023Industry 5.0 is projected to be an exemplary improvement in digital transformation allowing for mass customization and production efficiencies using emerging... (Review)
Review
Industry 5.0 is projected to be an exemplary improvement in digital transformation allowing for mass customization and production efficiencies using emerging technologies such as universal machines, autonomous and self-driving robots, self-healing networks, cloud data analytics, etc., to supersede the limitations of Industry 4.0. To successfully pave the way for acceptance of these technologies, we must be bound and adhere to ethical and regulatory standards. Presently, with ethical standards still under development, and each region following a different set of standards and policies, the complexity of being compliant increases. Having vague and inconsistent ethical guidelines leaves potential gray areas leading to privacy, ethical, and data breaches that must be resolved. This paper examines the ethical dimensions and dilemmas associated with emerging technologies and provides potential methods to mitigate their legal/regulatory issues.
PubMed: 36772190
DOI: 10.3390/s23031151 -
Journal of Cloud Computing (Heidelberg,... 2023Supporting security and data privacy in cloud workflows has attracted significant research attention. For example, private patients' data managed by a workflow deployed...
Supporting security and data privacy in cloud workflows has attracted significant research attention. For example, private patients' data managed by a workflow deployed on the cloud need to be protected, and communication of such data across multiple stakeholders should also be secured. In general, security threats in cloud environments have been studied extensively. Such threats include data breaches, data loss, denial of service, service rejection, and malicious insiders generated from issues such as multi-tenancy, loss of control over data and trust. Supporting the security of a cloud workflow deployed and executed over a dynamic environment, across different platforms, involving different stakeholders, and dynamic data is a difficult task and is the sole responsibility of cloud providers. Therefore, in this paper, we propose an architecture and a formal model for security enforcement in cloud workflow orchestration. The proposed architecture emphasizes monitoring cloud resources, workflow tasks, and the data to detect and predict anomalies in cloud workflow orchestration using a multi-modal approach that combines deep learning, one class classification, and clustering. It also features an adaptation scheme to cope with anomalies and mitigate their effect on the workflow cloud performance. Our prediction model captures unsupervised static and dynamic features as well as reduces the data dimensionality, which leads to better characterization of various cloud workflow tasks, and thus provides better prediction of potential attacks. We conduct a set of experiments to evaluate the proposed anomaly detection, prediction, and adaptation schemes using a real COVID-19 dataset of patient health records. The results of the training and prediction experiments show high anomaly prediction accuracy in terms of precision, recall, and F1 scores. Other experimental results maintained a high execution performance of the cloud workflow after applying adaptation strategy to respond to some detected anomalies. The experiments demonstrate how the proposed architecture prevents unnecessary wastage of resources due to anomaly detection and prediction.
PubMed: 36691661
DOI: 10.1186/s13677-022-00387-2