-
Annals of Biomedical Engineering Jun 2024The application of artificial intelligence (AI) in the field of medicine has revolutionised various sectors of the health care system, including robotics surgery,... (Review)
Review
The application of artificial intelligence (AI) in the field of medicine has revolutionised various sectors of the health care system, including robotics surgery, biotechnology, pharmaceutical, evidence-based medicine and advanced research and transplantation techniques. By offering improved 3D imagery of the various organs involved in surgery and perfectly minimising the chances of error, AI aid made complicated surgical procedures more efficient and highly effective, requiring less hands-on. Further, the AI tool helps plastic surgery and aesthetic surgeons in anticipating prognostic surgical markers and post-operative consequences. In addition to enhancing accurate and rapid diagnosis, AI has played a pivotal role in the development and discovery of new drugs. Nevertheless, the application of AI in health care also raises significant challenges and concerns. Incorrect drug recommendations, failure to identify tumours and lesions on imaging modalities and potential bias in data entry and its automatic can risk the life of patients on a large scale. Additionally, breaching patient data privacy may raise concerns about cybersecurity issues, further compromised by growing dependency on AI which can result in massive unemployment. In short, AI has played a pivotal role in health care; however, addressing the in-transparencies is critical to ensure safe, ethical and more effective implementation in the dynamic field of medicine.
Topics: Artificial Intelligence; Humans; Delivery of Health Care
PubMed: 37548817
DOI: 10.1007/s10439-023-03343-6 -
Journal of Medical Internet Research Aug 2023The health care industry has faced various challenges over the past decade as we move toward a digital future where services and data are available on demand. The... (Review)
Review
The health care industry has faced various challenges over the past decade as we move toward a digital future where services and data are available on demand. The systems of interconnected devices, users, data, and working environments are referred to as the Internet of Health Care Things (IoHT). IoHT devices have emerged in the past decade as cost-effective solutions with large scalability capabilities to address the constraints on limited resources. These devices cater to the need for remote health care services outside of physical interactions. However, IoHT security is often overlooked because the devices are quickly deployed and configured as solutions to meet the demands of a heavily saturated industry. During the COVID-19 pandemic, studies have shown that cybercriminals are exploiting the health care industry, and data breaches are targeting user credentials through authentication vulnerabilities. Poor password use and management and the lack of multifactor authentication security posture within IoHT cause a loss of millions according to the IBM reports. Therefore, it is important that health care authentication security moves toward adaptive multifactor authentication (AMFA) to replace the traditional approaches to authentication. We identified a lack of taxonomy for data models that particularly focus on IoHT data architecture to improve the feasibility of AMFA. This viewpoint focuses on identifying key cybersecurity challenges in a theoretical framework for a data model that summarizes the main components of IoHT data. The data are to be used in modalities that are suited for health care users in modern IoHT environments and in response to the COVID-19 pandemic. To establish the data taxonomy, a review of recent IoHT papers was conducted to discuss the related work in IoHT data management and use in next-generation authentication systems. Reports, journal articles, conferences, and white papers were reviewed for IoHT authentication data technologies in relation to the problem statement of remote authentication and user management systems. Only publications written in English from the last decade were included (2012-2022) to identify key issues within the current health care practices and their management of IoHT devices. We discuss the components of the IoHT architecture from the perspective of data management and sensitivity to ensure privacy for all users. The data model addresses the security requirements of IoHT users, environments, and devices toward the automation of AMFA in health care. We found that in health care authentication, the significant threats occurring were related to data breaches owing to weak security options and poor user configuration of IoHT devices. The security requirements of IoHT data architecture and identified impactful methods of cybersecurity for health care devices, data, and their respective attacks are discussed. Data taxonomy provides better understanding, solutions, and improvements of user authentication in remote working environments for security features.
Topics: Humans; Confidentiality; Telemedicine; Pandemics; COVID-19; Internet; Computer Security
PubMed: 37490633
DOI: 10.2196/44114 -
JMIR Human Factors Jul 2023Patient portals can facilitate patient engagement in care management. Driven by national efforts over the past decade, patient portals are being implemented by hospitals...
Adult Patients' Experiences of Using a Patient Portal With a Focus on Perceived Benefits and Difficulties, and Perceptions on Privacy and Security: Qualitative Descriptive Study.
BACKGROUND
Patient portals can facilitate patient engagement in care management. Driven by national efforts over the past decade, patient portals are being implemented by hospitals and clinics nationwide. Continuous evaluation of patient portals and reflection of feedback from end users across care settings are needed to make patient portals more user-centered after the implementation.
OBJECTIVE
The aim of this study was to investigate the lived experience of using a patient portal in adult patients recruited from a variety of care settings, focusing on their perceived benefits and difficulties of using the patient portal, and trust and concerns about privacy and security.
METHODS
This qualitative descriptive study was part of a cross-sectional digital survey research to examine the comprehensive experience of using a patient portal in adult patients recruited from 20 care settings from hospitals and clinics of a large integrated health care system in the mid-Atlantic area of the United States. Those who had used a patient portal offered by the health care system in the past 12 months were eligible to participate in the survey. Data collected from 734 patients were subjected to descriptive statistics and content analysis.
RESULTS
The majority of the participants were female and non-Hispanic White with a mean age of 53.1 (SD 15.34) years. Content analysis of 1589 qualitative comments identified 22 themes across 4 topics: beneficial aspects (6 themes) and difficulties (7 themes) in using the patient portal; trust (5 themes) and concerns (4 themes) about privacy and security of the patient portal. Most of the participants perceived the patient portal functions as beneficial for communicating with health care teams and monitoring health status and care activities. At the same time, about a quarter of them shared difficulties they experienced while using those functions, including not getting eMessage responses timely and difficulty finding information in the portal. Protected log-in process and trust in health care providers were the most mentioned reasons for trusting privacy and security of the patient portal. The most mentioned reason for concerns about privacy and security was the risk of data breaches such as hacking attacks and identity theft.
CONCLUSIONS
This study provides an empirical understanding of the lived experience of using a patient portal in adult patient users across care settings with a focus on the beneficial aspects and difficulties in using the patient portal, and trust and concerns about privacy and security. Our study findings can serve as a valuable reference for health care institutions and software companies to implement more user-centered, secure, and private patient portals. Future studies may consider targeting other patient portal programs and patients with infrequent or nonuse of patient portals.
PubMed: 37490316
DOI: 10.2196/46044 -
International Journal of Medical... Sep 2023Widespread electronic health information exchange (HIE) across hospitals remains an important policy goal for reducing costs and improving the quality of care....
OBJECTIVE
Widespread electronic health information exchange (HIE) across hospitals remains an important policy goal for reducing costs and improving the quality of care. Meanwhile, cybersecurity incidents are a growing threat to hospitals. The relationship between the electronic sharing of health information and cybersecurity incidents is not well understood. The objective of this study was to empirically examine the impact of hospitals' HIE engagement on their data breach risk.
MATERIALS AND METHODS
A balanced panel dataset included 4,936 US community hospitals spanning the period 2010-2017, which was assembled by linking the American Hospital Association annual survey database and the Information Technology (IT) supplement, and the Department of Health and Human Services reports of health data breaches. The relationship between HIE engagement and hospital data breaches was modeled using a difference-in-differences specification controlling for time-varying hospital characteristics.
RESULTS
The percentage of hospitals electronically exchanging information has more than tripled (from 18% to 68%) from 2010 to 2017. Hospital data breaches increased concurrently, largely due to the rise in hacking and unauthorized access. HIE engagement was associated with a 0.672 percentage point increase in the probability of an IT breach three years after the engagement. Hospitals actively engaging in a health information organization and exchanging data with outside providers were associated with a higher risk of IT related breaches in the long run; however, hospitals actively engaging in HIE and exchanging data with inside providers were not associated with any significant risk of IT related breaches.
DISCUSSION
Over time, the increasing amount and complexity of patient information being exchanged can create challenges for cybersecurity if data protection is not up to date. Additionally, data security depends on the weakest link of HIE, and providers with fewer resources for data governance and infrastructure are more vulnerable to data breaches.
CONCLUSION
Moving toward widespread health information exchange has important cybersecurity implications that can significantly impact both patients and healthcare organizations.
Topics: United States; Humans; Health Information Exchange; Hospitals; Computer Security; Information Technology; Electronic Health Records
PubMed: 37453177
DOI: 10.1016/j.ijmedinf.2023.105149 -
Neurologic Clinics Aug 2023Advances in electronic health record technology, the ever-expanding use of social media, and cybersecurity sabotage threaten patient privacy and render physicians and... (Review)
Review
Advances in electronic health record technology, the ever-expanding use of social media, and cybersecurity sabotage threaten patient privacy and render physicians and health care organizations liable for violating federal and state laws. Violating a patient's privacy is both an ethical and legal breach with potentially serious legal and reputational consequences. Even an unintentional Health Insurance Portability and Accountability Act of 1996 (HIPAA) violation can result in financial penalties and reputational harm. Staying complaint with HIPAA requires vigilance on the part of both individuals with legitimate access to protected health information (PHI) and the organizations handling that PHI.
Topics: United States; Humans; Health Insurance Portability and Accountability Act; Privacy; Social Media; Confidentiality
PubMed: 37407103
DOI: 10.1016/j.ncl.2023.03.007 -
Indian Journal of Medical Ethics 2023Mobile phone-based interventions are being increasingly used in community health work in India. The extensive use of mobile phones in community health work is associated... (Review)
Review
BACKGROUND
Mobile phone-based interventions are being increasingly used in community health work in India. The extensive use of mobile phones in community health work is associated with several ethical issues. This review was conducted to identify the ethical issues related to mHealth applications in community health work in India.
METHODS
We performed a scoping review of literature in PubMed and Google Scholar using a search strategy that we developed. We included studies that mentioned ethical issues in mHealth applications that involved community health work and community health workers in India, published in peer reviewed English language journals between 2011 and 2021. All three authors screened the articles, shortlisted them, read them, and extracted the data. We then synthesised the data into a conceptual framework.
RESULTS
Our search yielded 1125 papers, from which we screened and shortlisted 121, after reading which we included 58 in the final scoping review. The main ethical issues identified from review of these papers included benefits of mHealth applications such as improved quality of care, increased awareness about health and illness, increased accountability of the health system, accurate data capture and timely data driven decision making. The risks of mHealth applications identified were impersonal communication of community health worker, increased workload, potential breach in privacy, confidentiality, and stigmatisation. The inherent inequities in access to mobile phones in the community due to gender and class led to exclusion of women and the poor from the benefits of mHealth interventions. Though mHealth interventions increased access to healthcare by taking healthcare to remote areas through tele-health, unless we contextualise mHealth to local rural settings through community engagement, it is likely to remain inequitable.
CONCLUSION
This scoping review revealed that there is a lack of well conducted empirical studies which explore the ethical issues related to mHealth applications in community health work.
Topics: Humans; Female; Public Health; Delivery of Health Care; Cell Phone; Telemedicine; India; Mobile Applications
PubMed: 37310008
DOI: 10.20529/IJME.2023.037 -
Plastic and Reconstructive Surgery Jul 2024Plastic surgery offices are subject to a wide variety of cybersecurity threats, including ransomware attacks that encrypt the plastic surgeon's information and make it...
Plastic surgery offices are subject to a wide variety of cybersecurity threats, including ransomware attacks that encrypt the plastic surgeon's information and make it unusable, as well as data theft and disclosure attacks that threaten to disclose confidential patient information. Cloud-based office systems increase the attack surface and do not mitigate the effects of breaches that can result in theft of credentials. Although employee education is often recommended to avoid the threats, a single error by a single employee has often led to security breaches, and it is unreasonable to expect that no employee will ever make an error. Recognition of the 2 most common vectors of these breaches-compromised email attachments and surfing to compromised websites-allows the use of technical networking tools to prevent both email attachments from being received and employee use of unsanctioned and potentially compromised websites. Furthermore, once compromised code has been allowed to run within the office network, that code must necessarily make outbound connections to exploit the breach. Preventing that outbound traffic can mitigate the effects of a breach. However, most small office network consultants design firewalls to only limit incoming network traffic and fail to implement technical measures to stop the unauthorized outbound traffic that is necessary for most network attacks. The authors provide detailed techniques that can be used to direct information technology consultants to properly limit outbound network traffic as well as incoming email attachments.
Topics: Computer Security; Humans; Confidentiality; Surgery, Plastic; Electronic Mail
PubMed: 37220229
DOI: 10.1097/PRS.0000000000010740 -
Surgical Endoscopy Aug 2023Laparoscopic videos are increasingly being used for surgical artificial intelligence (AI) and big data analysis. The purpose of this study was to ensure data privacy in...
BACKGROUND
Laparoscopic videos are increasingly being used for surgical artificial intelligence (AI) and big data analysis. The purpose of this study was to ensure data privacy in video recordings of laparoscopic surgery by censoring extraabdominal parts. An inside-outside-discrimination algorithm (IODA) was developed to ensure privacy protection while maximizing the remaining video data.
METHODS
IODAs neural network architecture was based on a pretrained AlexNet augmented with a long-short-term-memory. The data set for algorithm training and testing contained a total of 100 laparoscopic surgery videos of 23 different operations with a total video length of 207 h (124 min ± 100 min per video) resulting in 18,507,217 frames (185,965 ± 149,718 frames per video). Each video frame was tagged either as abdominal cavity, trocar, operation site, outside for cleaning, or translucent trocar. For algorithm testing, a stratified fivefold cross-validation was used.
RESULTS
The distribution of annotated classes were abdominal cavity 81.39%, trocar 1.39%, outside operation site 16.07%, outside for cleaning 1.08%, and translucent trocar 0.07%. Algorithm training on binary or all five classes showed similar excellent results for classifying outside frames with a mean F1-score of 0.96 ± 0.01 and 0.97 ± 0.01, sensitivity of 0.97 ± 0.02 and 0.0.97 ± 0.01, and a false positive rate of 0.99 ± 0.01 and 0.99 ± 0.01, respectively.
CONCLUSION
IODA is able to discriminate between inside and outside with a high certainty. In particular, only a few outside frames are misclassified as inside and therefore at risk for privacy breach. The anonymized videos can be used for multi-centric development of surgical AI, quality management or educational purposes. In contrast to expensive commercial solutions, IODA is made open source and can be improved by the scientific community.
Topics: Humans; Artificial Intelligence; Privacy; Laparoscopy; Algorithms; Neural Networks, Computer; Video Recording
PubMed: 37145173
DOI: 10.1007/s00464-023-10078-x -
Current Opinion in Pediatrics Aug 2023To better understand confidentiality issues that arise from adolescent access to patient portals. (Review)
Review
PURPOSE OF REVIEW
To better understand confidentiality issues that arise from adolescent access to patient portals.
RECENT FINDINGS
Studies have evaluated the views of teens, parents, providers, and institutional leadership on adolescent patient portals and the risks they pose to adolescent privacy. Additional investigations have shown that teen portal accounts are often inappropriately accessed by parents. Guidelines are needed to better inform the creation of secure teen patient portals. Adolescent providers and other medical staff should be aware of the information available on portals, how to ensure portals are being accessed appropriately, and the potential for confidentiality breaches that come with portal use. Medical organizations that offer portal access need to provide resources to adolescents and their families to improve understanding around the importance of confidential care and how to maintain confidentiality while still engaging meaningfully with the healthcare system through patient portals.
SUMMARY
Adolescents realize the benefits portals may offer regarding improved understanding of their health conditions, communication with their providers, and autonomy in their healthcare decisions. However, confidentiality of patient portals is a major concern and a potential barrier to adolescent portal utilization. Adolescent providers should be aware of the limitations of portal systems and advocate for improved confidentiality functionality to ensure teens can access the benefits of patient portals without any harm.
Topics: Adolescent Health Services; Humans; Adolescent; Patient Portals; Confidentiality; Electronic Health Records; Parents; Legal Guardians; Information Dissemination
PubMed: 37036289
DOI: 10.1097/MOP.0000000000001252