-
Sensors (Basel, Switzerland) Aug 2023In the era of interconnected and intelligent cyber-physical systems, preserving privacy has become a paramount concern. This paper aims a groundbreaking proof-of-concept...
In the era of interconnected and intelligent cyber-physical systems, preserving privacy has become a paramount concern. This paper aims a groundbreaking proof-of-concept (PoC) design that leverages consortium blockchain technology to address privacy challenges in cyber-physical systems (CPSs). The proposed design introduces a novel approach to safeguarding sensitive information and ensuring data integrity while maintaining a high level of trust among stakeholders. By harnessing the power of consortium blockchain, the design establishes a decentralized and tamper-resistant framework for privacy preservation. However, ensuring the security and privacy of sensitive information within CPSs poses significant challenges. This paper proposes a cutting-edge privacy approach that leverages consortium blockchain technology to secure secrets in CPSs. Consortium blockchain, with its permissioned nature, provides a trusted framework for governing the network and validating transactions. By employing consortium blockchain, secrets in CPSs can be securely stored, shared, and accessed by authorized entities only, mitigating the risks of unauthorized access and data breaches. The proposed approach offers enhanced security, privacy preservation, increased trust and accountability, as well as interoperability and scalability. This paper aims to address the limitations of traditional security mechanisms in CPSs and harness the potential of consortium blockchain to revolutionize the management of secrets, contributing to the advancement of CPS security and privacy. The effectiveness of the design is demonstrated through extensive simulations and performance evaluations. The results indicate that the proposed approach offers significant advancements in privacy protection, paving the way for secure and trustworthy cyber-physical systems in various domains.
PubMed: 37631699
DOI: 10.3390/s23167162 -
Journal of Medical Internet Research Aug 2023The health care sector experiences 76% of cybersecurity breaches due to basic web application attacks, miscellaneous errors, and system intrusions, resulting in...
The health care sector experiences 76% of cybersecurity breaches due to basic web application attacks, miscellaneous errors, and system intrusions, resulting in compromised health data or disrupted health services. The European Commission proposed the European Health Data Space (EHDS) in 2022 to enhance care delivery and improve patients' lives by offering all European Union (EU) citizens control over their personal health data in a private and secure environment. The EU has taken an important step in homogenizing the health data environment of the European health ecosystem, although more attention needs to be paid to keeping the health data of EU citizens safe and secure within the EHDS. The pooling of health data across countries can have tremendous benefits, but it may also become a target for cybercriminals or state-sponsored hackers. State-of-the-art security measures are essential, and the current EHDS proposal lacks sufficient measures to warrant a cybersecure and resilient environment.
Topics: Humans; Ecosystem; Computer Security; Europe; European Union; Health Care Sector
PubMed: 37616048
DOI: 10.2196/48824 -
Journal of Healthcare Risk Management :... Oct 2023Creating adequate safeguards for physical and online locations (e.g., desktop computers, network servers) where protected health information (PHI) may be breached is...
Creating adequate safeguards for physical and online locations (e.g., desktop computers, network servers) where protected health information (PHI) may be breached is critical for management within entities compliant with the Health Information Portability and Accountability Act (HIPAA). With the increasing complexity of cyber breaches and budgetary issues, prioritizing which locations require the most immediate attention by top management through a data-driven model is more important than ever. Using CORAS threat modeling and five methods for multi-criteria decision-making, these locations were ranked from greatest to least risk of data breaches. Statistical methods were subsequently used for consistency and robustness checks. The findings illustrate that each type of covered entity under HIPAA must prioritize a different set of locations to safeguard first: health care providers must focus on the security of network servers, other portable electronic devices, and category of others (i.e., miscellaneous locations); health plans must focus on the security of paper and films, network servers, and others; and business associates must focus on the security of category of others, network servers, and other portable electronic devices. Combined with data on the source of the breaches (external vs. internal) and type of threats (e.g., hacking, theft), these findings provide recommendations for risk identification for privacy officers across health care.
Topics: United States; Humans; Confidentiality; Health Insurance Portability and Accountability Act; Social Responsibility; Health Facilities; Health Personnel; Computer Security
PubMed: 37616038
DOI: 10.1002/jhrm.21555 -
International Journal of Neonatal... Aug 2023Dried blood spot (DBS) cards from newborn screening (NBS) programs represent a wealth of biological data. They can be stored easily for a long time, have the potential...
Dried blood spot (DBS) cards from newborn screening (NBS) programs represent a wealth of biological data. They can be stored easily for a long time, have the potential to support medical and public health research, and have secondary usages such as quality assurance and forensics, making it the ideal candidate for bio-banking. However, worldwide policies vary with regard to the duration of storage of DBS cards and how it can be used. Recent advances in genomics have also made it possible to perform extended genetic testing on DBS cards in the newborn period to diagnose both actionable and non-actionable childhood and adult diseases. Both storage and secondary uses of DBS cards raise many ethical, clinical, and social questions. The openness of the key stakeholders, namely, parents and healthcare providers (HCPs), to store the DBS cards, and for what duration and purposes, and to extended genetic testing is largely dependent on local cultural-social-specific factors. The study objective is to assess the parents' and HCPs' awareness and receptivity toward DBS retention, its secondary usage, and extended genetic testing. A cross-sectional, self-administrated survey was adopted at three hospitals, out of which two were public hospitals with maternity services, between June and December 2022. In total, 452 parents and 107 HCPs completed and returned the survey. Overall, both HCPs and parents were largely knowledgeable about the potential benefits of DBS card storage for a prolonged period and its secondary uses, and they supported extended genetic testing. Knowledge gaps were found in respondents with a lower education level who did not know that a DBS card could be stored for an extended period ( < 0.001), could support scientific research ( = 0.033), and could aid public health research, and future policy implementation ( = 0.030). Main concerns with regard to DBS card storage related to potential privacy breaches and anonymity (Parents 70%, HCPs 60%). More parents, compared to HCPs, believed that storing DBS cards for secondary research does not lead to a reciprocal benefit to the child ( < 0.005). Regarding extended genetic testing, both groups were receptive and wanted to know about actionable childhood- and adult-onset diseases. More parents (four-fifths) rather than HCPs (three-fifths) were interested in learning about a variant with unknown significance ( < 0.001). Our findings report positive support from both parents and HCPs toward the extended retention of DBS cards for secondary usage and for extended genetic testing. However, more efforts to raise awareness need to be undertaken in addition to addressing the ethical concerns of both parents and HCPs to pave the way forward toward policy-making for DBS bio-banking and extended genetic testing in Hong Kong.
PubMed: 37606482
DOI: 10.3390/ijns9030045 -
Nurse Education Today Nov 2023The healthcare industry has increasingly been targeted by cybercrime putting patients, organizations, and employees at risk for financial loss and breach of privacy....
BACKGROUND
The healthcare industry has increasingly been targeted by cybercrime putting patients, organizations, and employees at risk for financial loss and breach of privacy. Malware events compromise system integrity and patient privacy which could lead to delays in treatment, loss of patient data, inability to provide care, and increase in patient harm. In addition, these attacks may also compromise private and personal information for those targeted.
OBJECTIVE
Nurses represent a large portion of frontline healthcare workers and are uniquely positioned to help prevent cyber-attacks. Nursing curriculum should include education about the risks to patient safety from cybercrime and the nurse's role in preventing cybercrime. Nursing education has focused on hygiene for patient safety. Adding cyber hygiene to the essential practices of pre-licensure and advanced practice nurses is a first step to protecting patients, organizations, and employees from the repercussions of a healthcare cyber-attack.
Topics: Humans; Education, Nursing; Hygiene; Curriculum; Educational Status; Health Personnel
PubMed: 37595324
DOI: 10.1016/j.nedt.2023.105940 -
European Journal of Cardio-thoracic... Sep 2023The General Data Protection Regulation (GDPR), enacted in the European Union in 2018, has significantly transformed the landscape of personal data management and... (Review)
Review
The General Data Protection Regulation (GDPR), enacted in the European Union in 2018, has significantly transformed the landscape of personal data management and protection. This article provides an overview of GDPR's impact, focusing on its applicability, fundamental principles and influence on data management practices, particularly within the European Society of Thoracic Surgeons (ESTS) database. GDPR's reach extends to all entities collecting and processing personal data of European Union residents, regardless of their location. It encompasses various data types, emphasizing meticulous handling and protection of identifiable information. Special categories of data, such as health and sensitive attributes, require even more stringent protection. The regulation sets legal, fair and transparent data processing principles, emphasizing accuracy, purpose limitation and data minimization. It also stresses accountability, leading to the appointment of Data Protection Officers and significant penalties for non-compliance. The ESTS database, designed to enhance thoracic surgical research and care, collects data on European procedures. It follows GDPR principles by pseudonymizing data, ensuring secure data transmission and providing clear instructions for data submission. The database contributes to research, policymaking and practice improvement in thoracic surgery by offering a comprehensive dataset for analysis. Here, we aim to shed light on the complexities of GDPR implementation and emphasize the need for comprehensive data management strategies to ensure compliance and enhance privacy protection with the contribution to the ESTS database. GDPR compliance comes with challenges, including potential human dignity and privacy rights violations. Data breaches can result in unauthorized disclosures, and non-compliance can lead to substantial fines and reputational damage. The implementation of GDPR encourages organizations to prioritize ethical data practices, security measures and transparent data handling. In conclusion, GDPR has revolutionized personal data protection by emphasizing accountability, transparency and individual rights. It has impacted organizations globally, promoting responsible data management practices. Adhering to GDPR ensures privacy protection, trust-building and overall enhancement of data management in today's data-driven environment.
Topics: Humans; Data Management; Databases, Factual; Surgeons
PubMed: 37589648
DOI: 10.1093/ejcts/ezad289 -
Heliyon Aug 2023While working alongside professional nurses, student nurses develop professional identity and learn the professional nursing role, a process known as professional...
While working alongside professional nurses, student nurses develop professional identity and learn the professional nursing role, a process known as professional socialisation. Professional nurses should model professional behaviour to be emulated by student nurses. We used a qualitative exploratory design to explore if professional nurses behave in a manner that supports professional socialisation of student nurses in a clinical learning environment. According to our observations, two main categories emerged regarding professional nurses' behaviour. The first category was unprofessional conduct with sub-categories that included disrespect, infringed patient privacy, breached confidentiality, inappropriate dress code and lack of punctuality. The second category was ward disorganisation which was related to delegating duties and structured orientation programmes for student nurses. In this study, professional nurses did not behave in a manner consistent with professional socialisation in the clinical learning environment. Student nurses may struggle to develop professional identity, leading to reduced confidence and poor patient quality care. Student nurses need to be professionally socialised in a clinical learning environment and professional nurses need to be empowered on how to carry out this process.
PubMed: 37576296
DOI: 10.1016/j.heliyon.2023.e18611 -
International Journal of Environmental... Aug 2023Federated learning (FL) provides a distributed machine learning system that enables participants to train using local data to create a shared model by eliminating the... (Review)
Review
Federated learning (FL) provides a distributed machine learning system that enables participants to train using local data to create a shared model by eliminating the requirement of data sharing. In healthcare systems, FL allows Medical Internet of Things (MIoT) devices and electronic health records (EHRs) to be trained locally without sending patients data to the central server. This allows healthcare decisions and diagnoses based on datasets from all participants, as well as streamlining other healthcare processes. In terms of user data privacy, this technology allows collaborative training without the need of sharing the local data with the central server. However, there are privacy challenges in FL arising from the fact that the model updates are shared between the client and the server which can be used for re-generating the client's data, breaching privacy requirements of applications in domains like healthcare. In this paper, we have conducted a review of the literature to analyse the existing privacy and security enhancement methods proposed for FL in healthcare systems. It has been identified that the research in the domain focuses on seven techniques: Differential Privacy, Homomorphic Encryption, Blockchain, Hierarchical Approaches, Peer to Peer Sharing, Intelligence on the Edge Device, and Mixed, Hybrid and Miscellaneous Approaches. The strengths, limitations, and trade-offs of each technique were discussed, and the possible future for these seven privacy enhancement techniques for healthcare FL systems was identified.
Topics: Humans; Privacy; Blockchain; Computer Communication Networks; Electronic Health Records; Delivery of Health Care
PubMed: 37569079
DOI: 10.3390/ijerph20156539 -
Journal of Medical Internet Research Aug 2023ChatGPT has promising applications in health care, but potential ethical issues need to be addressed proactively to prevent harm. ChatGPT presents potential ethical...
ChatGPT has promising applications in health care, but potential ethical issues need to be addressed proactively to prevent harm. ChatGPT presents potential ethical challenges from legal, humanistic, algorithmic, and informational perspectives. Legal ethics concerns arise from the unclear allocation of responsibility when patient harm occurs and from potential breaches of patient privacy due to data collection. Clear rules and legal boundaries are needed to properly allocate liability and protect users. Humanistic ethics concerns arise from the potential disruption of the physician-patient relationship, humanistic care, and issues of integrity. Overreliance on artificial intelligence (AI) can undermine compassion and erode trust. Transparency and disclosure of AI-generated content are critical to maintaining integrity. Algorithmic ethics raise concerns about algorithmic bias, responsibility, transparency and explainability, as well as validation and evaluation. Information ethics include data bias, validity, and effectiveness. Biased training data can lead to biased output, and overreliance on ChatGPT can reduce patient adherence and encourage self-diagnosis. Ensuring the accuracy, reliability, and validity of ChatGPT-generated content requires rigorous validation and ongoing updates based on clinical practice. To navigate the evolving ethical landscape of AI, AI in health care must adhere to the strictest ethical standards. Through comprehensive ethical guidelines, health care professionals can ensure the responsible use of ChatGPT, promote accurate and reliable information exchange, protect patient privacy, and empower patients to make informed decisions about their health care.
Topics: Humans; Artificial Intelligence; Reproducibility of Results; Data Collection; Disclosure; Patient Compliance
PubMed: 37566454
DOI: 10.2196/48009 -
Annals of Biomedical Engineering Jun 2024The application of artificial intelligence (AI) in the field of medicine has revolutionised various sectors of the health care system, including robotics surgery,... (Review)
Review
The application of artificial intelligence (AI) in the field of medicine has revolutionised various sectors of the health care system, including robotics surgery, biotechnology, pharmaceutical, evidence-based medicine and advanced research and transplantation techniques. By offering improved 3D imagery of the various organs involved in surgery and perfectly minimising the chances of error, AI aid made complicated surgical procedures more efficient and highly effective, requiring less hands-on. Further, the AI tool helps plastic surgery and aesthetic surgeons in anticipating prognostic surgical markers and post-operative consequences. In addition to enhancing accurate and rapid diagnosis, AI has played a pivotal role in the development and discovery of new drugs. Nevertheless, the application of AI in health care also raises significant challenges and concerns. Incorrect drug recommendations, failure to identify tumours and lesions on imaging modalities and potential bias in data entry and its automatic can risk the life of patients on a large scale. Additionally, breaching patient data privacy may raise concerns about cybersecurity issues, further compromised by growing dependency on AI which can result in massive unemployment. In short, AI has played a pivotal role in health care; however, addressing the in-transparencies is critical to ensure safe, ethical and more effective implementation in the dynamic field of medicine.
Topics: Artificial Intelligence; Humans; Delivery of Health Care
PubMed: 37548817
DOI: 10.1007/s10439-023-03343-6