Project description:ImportancePatient portals can help caregivers better manage care for patients, but how caregivers access the patient portal could threaten patient security and privacy.ObjectiveTo identify the proportions of hospitals that provide proxy accounts to caregivers of adult patients, endorse password sharing with caregivers, and enable patients to restrict the types of information seen by their caregivers.Design, setting, and participantsThis national cross-sectional study included a telephone survey and was conducted from May 21, 2018, to December 20, 2018. The randomly selected sample comprised 1 independent hospital and 1 health system-affiliated general medical hospital from every US state and the District of Columbia. Specialty hospitals and those that did not have a patient portal in place were excluded. An interviewer posing as the daughter of an older adult patient called each hospital to ask about the hospital's patient portal practices. The interviewer used a structured questionnaire to obtain information on proxy account availability, password sharing, and patient control of their own information.Main outcomes and measuresThe primary outcome was the proportion of hospitals that provided proxy accounts to caregivers of adult patients. Secondary outcomes were the proportion of hospitals with personnel who endorsed password sharing and the proportion that allowed adult patients to limit the types of information available to caregivers.ResultsAfter exclusions, a total of 102 (51 health system-affiliated and 51 independent) hospitals were included in the study. Of these hospitals, 69 (68%) provided proxy accounts to caregivers of adult patients and 26 (25%) did not. In 7 of 102 hospitals (7%), the surveyed personnel did not know if proxy accounts were available. In the 94 hospitals asked about password sharing between the patient and caregiver, personnel in 42 hospitals (45%) endorsed the practice. Among hospitals that provided proxy accounts, only 13 of the 69 hospitals (19%) offered controls that enabled patients to restrict the types of information their proxies could see.Conclusions and relevanceThis study found that almost half of surveyed hospital personnel recommended password sharing and that few hospitals enabled patients to limit the types of information seen by those with proxy access. These findings suggest that hospitals and electronic health record (HER) vendors need to improve the availability and setup process of proxy accounts in a way that allows caregivers to care for patients without violating their privacy.

Project description:The objective of this systematic review was to systematically review papers in the United States that examine current practices in privacy and security when telehealth technologies are used by healthcare providers. A literature search was conducted using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses Protocols (PRISMA-P). PubMed, CINAHL and INSPEC from 2003 - 2016 were searched and returned 25,404 papers (after duplications were removed). Inclusion and exclusion criteria were strictly followed to examine title, abstract, and full text for 21 published papers which reported on privacy and security practices used by healthcare providers using telehealth. Data on confidentiality, integrity, privacy, informed consent, access control, availability, retention, encryption, and authentication were all searched and retrieved from the papers examined. Papers were selected by two independent reviewers, first per inclusion/exclusion criteria and, where there was disagreement, a third reviewer was consulted. The percentage of agreement and Cohen's kappa was 99.04% and 0.7331 respectively. The papers reviewed ranged from 2004 to 2016 and included several types of telehealth specialties. Sixty-seven percent were policy type studies, and 14 percent were survey/interview studies. There were no randomized controlled trials. Based upon the results, we conclude that it is necessary to have more studies with specific information about the use of privacy and security practices when using telehealth technologies as well as studies that examine patient and provider preferences on how data is kept private and secure during and after telehealth sessions.

Project description:BackgroundApplication of Artificial Intelligence (AI) and the use of agent-based systems in the healthcare system have attracted various researchers to improve the efficiency and utility in the Electronic Health Records (EHR). Nowadays, one of the most important and creative developments is the integration of AI and Blockchain that is, Distributed Ledger Technology (DLT) to enable better and decentralized governance. Privacy and security is a critical piece in EHR implementation and/or adoption. Health records are updated every time a patient visits a doctor as they contain important information about the health and wellbeing of the patient and describes the history of care received during the past and to date. Therefore, such records are critical to research, hospitals, emergency rooms, healthcare laboratories, and even health insurance providers.MethodsIn this article, a platform employing the AI and the use of multi-agent based systems along with the DLT technology for privacy preservation is proposed. The emphasis of security and privacy is highlighted during the process of collecting, managing and distributing EHR data.ResultsThis article aims to ensure privacy, integrity and security metrics of the electronic health records are met when such copies are not only immutable but also distributed. The findings of this work will help guide the development of further techniques using the combination of AI and multi-agent based systems backed by DLT technology for secure and effective handling EHR data. This proposed architecture uses various AI-based intelligent based agents and blockchain for providing privacy and security in EHR. Future enhancement in this work can be the addition of the biometric based systems for improved security.

Project description:In recent times, security and privacy at the physical (PHY) layer has been a major issue of several communication technologies which comprise the internet of things (IoT) and mostly, the emerging fifth-generation (5G) cellular network. The most real-world PHY security challenge stems from the fact that the passive eavesdropper's information is unavailable to the genuine source and destination (transmitter/receiver) nodes in the network. Without this information, it is difficult to optimize the broadcasting parameters. Therefore, in this research, we propose an efficient sequential convex estimation optimization (SCEO) algorithm to mitigate this challenge and improve the security of physical layer (PHY) in a three-node wireless communication network. The results of our experiments indicate that by using the SCEO algorithm, an optimal performance and enhanced convergence is achieved in the transmission. However, considering possible security challenges envisaged when a multiple eavesdropper is active in a network, we expanded our research to develop a swift privacy rate optimization algorithm for a multiple-input, multiple-output, multiple-eavesdropper (MIMOME) scenario as it is applicable to security in IoT and 5G technologies. The result of the investigation show that the algorithm executes significantly with minimal complexity when compared with nonoptimal parameters. We further employed the use of rate constraint together with self-interference of the full-duplex transmission at the receiving node, which makes the performance of our technique outstanding when compared with previous studies.

Project description:Enforcement of the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH) has gotten stricter and penalties have become more severe in response to a significant increase in computer-related information breaches in recent years. With health information said to be worth twice as much as other forms of information on the underground market, making preservation of privacy and security an integral part of health technology development, rather than an afterthought, not only mitigates risks but also helps to ensure HIPAA and HITECH compliance. This paper provides a guide, based on the Office for Civil Rights (OCR) audit protocol, for creating and maintaining an audit checklist for multi-user health kiosks. Implementation of selected audit elements for a multi-user health kiosk designed for use by community-residing older adults illustrates how the guide can be applied.

Project description:Dairy farm systems have intensified to meet growing demands for animal products, but public opposition to this intensification has also grown due, in part, to concerns about animal welfare. One approach to addressing challenges in agricultural systems has been through the addition of new technologies, including genetic modification. Previous studies have reported some public resistance towards the use of these technologies in agriculture, but this research has assessed public attitudes toward individual practices and technologies and few studies have examined a range of practices on dairy farms. In the present study, we presented participants with four scenarios describing dairy practices (cow-calf separation, the fate of excess dairy calves, pasture access and disbudding). Citizens from Canada and the United States (n = 650) indicated their support (on a 7-point scale) toward five approaches (maintaining standard farm practice, using a naturalistic approach, using a technological approach, or switching to plant-based or yeast-based milk production) aimed at addressing the welfare issues associated with the four dairy practices. Respondents also provided a text-based rationale for their responses and answered a series of demographic questions including age, gender, and diet. Participant diet affected attitudes toward milk alternatives, with vegetarians and vegans showing more support for the plant-based and yeast-based milk production. Regardless of diet, most participants opposed genetic modification technologies and supported more naturalistic practices. Qualitative responses provided insight into participants' values and concerns, and illustrated a variety of perceived benefits and concerns related to the options presented. Common themes included animal welfare, ethics of animal use, and opposition toward technology. We conclude that Canadian and US citizens consider multiple aspects of farm systems when contemplating animal welfare concerns, and tend to favor naturalistic approaches over technological solutions, especially when the latter are based on genetic modification.

Project description:Genotype imputation is the inference of unknown genotypes using known population structure observed in large genomic datasets; it can further our understanding of phenotype-genotype relationships and is useful for QTL mapping and GWASs. However, the compute-intensive nature of genotype imputation can overwhelm local servers for computation and storage. Hence, many researchers are moving toward using cloud services, raising privacy concerns. We address these concerns by developing an efficient, privacy-preserving algorithm called p-Impute. Our method uses homomorphic encryption, allowing calculations on ciphertext, thereby avoiding the decryption of private genotypes in the cloud. It is similar to k-nearest neighbor approaches, inferring missing genotypes in a genomic block based on the SNP genotypes of genetically related individuals in the same block. Our results demonstrate accuracy in agreement with the state-of-the-art plaintext solutions. Moreover, p-Impute is scalable to real-world applications as its memory and time requirements increase linearly with the increasing number of samples. p-Impute is freely available for download here: https://doi.org/10.5281/zenodo.5542001.

Project description:The Internet of Things (IoT) is a widely hyped concept, with its focus on the connection of smart devices to the Internet rather than on people. IoT for consumers is often called the smart home market, and a large part of that market consists of home security devices. Consumers are often motivated to purchase smart home security devices to prevent burglaries, which they fear may lead to damage to their property or threats to their families. However, they also understand that IoT home security devices may be a threat to the privacy of their personal information. To determine the relative roles of fear and privacy concerns in the decision to purchase IoT home security devices, we conducted a survey of American consumers. We used the Theory of Reasoned Action as the theoretical basis for the study. We found that fear positively affected consumer attitudes toward purchasing smart home security devices, while concerns about privacy negatively affected attitudes. We found that attitudes toward purchase, the opinions of important others, and experience with burglaries all affected intent to purchase. We also found that the relationship between privacy concerns and intent to purchase is completely mediated by attitudes, while fear has both direct and indirect effects on intent.

Project description:Survey participants' mouse movements provide a rich, unobtrusive source of paradata, offering insight into the response process beyond the observed answers. However, the use of mouse tracking may require participants' explicit consent for their movements to be recorded and analyzed. Thus, the question arises of how its presence affects the willingness of participants to take part in a survey at all-if prospective respondents are reluctant to complete a survey if additional measures are recorded, collecting paradata may do more harm than good. Previous research has found that other paradata collection modes reduce the willingness to participate, and that this decrease may be influenced by the specific motivation provided to participants for collecting the data. However, the effects of mouse movement collection on survey consent and participation have not been addressed so far. In a vignette experiment, we show that reported willingness to participate in a survey decreased when mouse tracking was part of the overall consent. However, a larger proportion of the sample indicated willingness to both take part and provide mouse-tracking data when these decisions were combined, compared to an independent opt-in to paradata collection, separated from the decision to complete the study. This suggests that survey practitioners may face a trade-off between maximizing their overall participation rate and maximizing the number of participants who also provide mouse-tracking data. Explaining motivations for paradata collection did not have a positive effect and, in some cases, even reduced participants' reported willingness to take part in the survey.

Project description:BackgroundAlong with the proliferation of health information technologies (HITs), there is a growing need to understand the potential privacy risks associated with using such tools. Although privacy policies are designed to inform consumers, such policies have consistently been found to be confusing and lack transparency.ObjectiveThis study aims to present consumer preferences for accessing privacy information; develop and apply a privacy policy risk assessment tool to assess whether existing HITs meet the recommended privacy policy standards; and propose guidelines to assist health professionals and service providers with understanding the privacy risks associated with HITs, so that they can confidently promote their safe use as a part of care.MethodsIn phase 1, participatory design workshops were conducted with young people who were attending a participating headspace center, their supportive others, and health professionals and service providers from the centers. The findings were knowledge translated to determine participant preferences for the presentation and availability of privacy information and the functionality required to support its delivery. Phase 2 included the development of the 23-item privacy policy risk assessment tool, which incorporated material from international privacy literature and standards. This tool was then used to assess the privacy policies of 34 apps and e-tools. In phase 3, privacy guidelines, which were derived from learnings from a collaborative consultation process with key stakeholders, were developed to assist health professionals and service providers with understanding the privacy risks associated with incorporating HITs as a part of clinical care.ResultsWhen considering the use of HITs, the participatory design workshop participants indicated that they wanted privacy information to be easily accessible, transparent, and user-friendly to enable them to clearly understand what personal and health information will be collected and how these data will be shared and stored. The privacy policy review revealed consistently poor readability and transparency, which limited the utility of these documents as a source of information. Therefore, to enable informed consent, the privacy guidelines provided ensure that health professionals and consumers are fully aware of the potential for privacy risks in using HITs to support health and well-being.ConclusionsA lack of transparency in privacy policies has the potential to undermine consumers' ability to trust that the necessary measures are in place to secure and protect the privacy of their personal and health information, thus precluding their willingness to engage with HITs. The application of the privacy guidelines will improve the confidence of health professionals and service providers in the privacy of consumer data, thus enabling them to recommend HITs to provide or support care.