To see the other types of publications on this topic, follow the link: Computer security Medical records Data protection.
Journal articles on the topic 'Computer security Medical records Data protection'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Computer security Medical records Data protection.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Carrillo, Eduardo, and Maricarmen Sequera. "PERSONAL DATA IN THE SOCIAL SECURITY INSTITUTE." Law, State and Telecommunications Review 12, no. 2 (October 13, 2020): 14–37. http://dx.doi.org/10.26512/lstr.v12i2.34689.
Full textAbstract:
Purpose ”“ The research aims to observe and describe the legal framework and implementation practices of personal databases management in the Social Security Institute (IPS), the most important public social insurance system in Paraguay.
Methodology ”“ The research is exploratory, consisting on both substantive and procedural law analysis of health information storage regulations and its compliance. Also, interview to private companies, the public sector and one qualified worker insured by IPS are conducted to better understand collection, storage and maintenance of health records databases.
Findings ”“ Research indicates evidence that biometric data storage of insurers does not have adequate regulation for its protection. It also shows evidence that private companies don’t deliver by default medical records to workers, as well as potential access to these records by administrative personal. Evidence also signals that clinics performing medical examinations request more sensitive information than required by law. Research limitations It is identified that a broader private company sample could be of use to better understand workers health record collection. Also, third party auditing IPS IT systems could be of use to further understand information management practices and vulnerabilities.
Practical Implications ”“ A series of discretional practices are identified, signaling regulatory standardization urgency for all actors. A comprehensive Protection of Personal Data Act is needed.
Originality ”“ No comprehensive research targeting the IPS system and its health personal data management processes is identified. The research is considered an initial contribution to the state of the art on the subject and specially to biometric collection and storage.
2
Wang, Baocheng, and Zetao Li. "Healthchain: A Privacy Protection System for Medical Data Based on Blockchain." Future Internet 13, no. 10 (September 24, 2021): 247. http://dx.doi.org/10.3390/fi13100247.
Full textAbstract:
Recently, with the great development of e-health, more and more countries have made certain achievements in the field of electronic medical treatment. The digitization of medical equipment and the structuralization of electronic medical records are the general trends. While bringing convenience to people, the explosive growth of medical data will further promote the value of mining medical data. Obviously, finding out how to safely store such a large amount of data is a problem that urgently needs to be solved. Additionally, the particularity of medical data makes it necessarily subject to great privacy protection needs. This reinforces the importance of designing a safe solution to ensure data privacy. Many existing schemes are based on single-server architecture, which have some natural defects (such as single-point faults). Although blockchain can help solve such problems, there are still some deficiencies in privacy protection. To solve these problems, this paper designs a medical data privacy protection system, which integrates blockchain, group signature, and asymmetric encryption to realize reliable medical data sharing between medical institutions and protect the data privacy of patients. This paper proves theoretically that it meets our security and privacy requirements, and proves its practicability through system implementation.
3
Mbonihankuye, Scholas, Athanase Nkunzimana, and Ange Ndagijimana. "Healthcare Data Security Technology: HIPAA Compliance." Wireless Communications and Mobile Computing 2019 (October 17, 2019): 1–7. http://dx.doi.org/10.1155/2019/1927495.
Full textAbstract:
Information technology (IT) plays an increasingly important and prominent role in the health sector. Data security is more important than ever to the healthcare industry and in world in general. The number of data breaches compromising confidential healthcare data is on the rise. For data security, cloud computing is very useful for securing data. Due to data storage issue, there is a need to use the electronic communication, and a number of methods have been developed for data security technology. Health Insurance Portability and Accountability Act (HIPAA) is one of the methods that can help in healthcare research. On stored database of patient in hospital or clinic, we can develop a conservational and analytical method so as to keep the medical records of the patients in a well-preserved and adequate environment. The method includes the improvement of working possibilities by delivering all the details necessary for the patient. All the information must be identified clearly. The protection of the privacy of the patients and the security of their information are the most imperative obstacles to obtain their intakes when considering the adoption of useful health data in the electronic field of healthcare industries.
4
Zhao, Yongbin, Meng Cui, Lijuan Zheng, Rui Zhang, Lili Meng, Dong Gao, and Yu Zhang. "Research on electronic medical record access control based on blockchain." International Journal of Distributed Sensor Networks 15, no. 11 (November 2019): 155014771988933. http://dx.doi.org/10.1177/1550147719889330.
Full textAbstract:
For the medical industry, there are problems such as poor sharing of medical data, tampering, and leakage of private data. In view of these problems, a blockchain-based electronic medical record access control research scheme based on the role-based access control model is proposed in this article. First, the appropriate access control strategy is adopted to solve the leakage problem of the user’s medical privacy information during the access process. Then, the information entropy technology is used to quantify the medical data, so that the medical data can be effectively and maximally utilized. Using the distributed general ledger characteristics of blockchain and its inherent security attributes, data islands can be eliminated, data sharing among medical systems can be promoted, access records can be prevented from being tampered with, and medical research and precise medical treatment can be better supported. Through this research, not only can user’s medical privacy information protection be realized during the service process but also patients can manage their own medical data autonomously, which is beneficial to privacy protection under the medical data sharing.
5
Shi, Mingyue, Rong Jiang, Wei Zhou, Sen Liu, and Savio Sciancalepore. "A Privacy Risk Assessment Model for Medical Big Data Based on Adaptive Neuro-Fuzzy Theory." Security and Communication Networks 2020 (September 29, 2020): 1–18. http://dx.doi.org/10.1155/2020/5610839.
Full textAbstract:
Information leakage in the medical industry has become an urgent problem to be solved in the field of Internet security. However, due to the need for automated or semiautomated authorization management for privacy protection in the big data environment, the traditional privacy protection model cannot adapt to this complex open environment. Although some scholars have studied the risk assessment model of privacy disclosure in the medical big data environment, it is still in the initial stage of exploration. This paper analyzes the key indicators that affect medical big data security and privacy leakage, including user access behavior and trust, from the perspective of users through literature review and expert consultation. Also, based on the user’s historical access information and interaction records, the user’s access behavior and trust are quantified with the help of information entropy and probability, and a definition expression is given explicitly. Finally, the entire experimental process and specific operations are introduced in three aspects: the experimental environment, the experimental data, and the experimental process, and then, the predicted results of the model are compared with the actual output through the 10-fold cross verification with Matlab. The results prove that the model in this paper is feasible. In addition, the method in this paper is compared with the current more classical medical big data risk assessment model, and the results show that when the proportion of illegal users is less than 15%, the model in this paper is more superior in terms of accuracy and recall.
6
Chen, Yingwen, Linghang Meng, Huan Zhou, and Guangtao Xue. "A Blockchain-Based Medical Data Sharing Mechanism with Attribute-Based Access Control and Privacy Protection." Wireless Communications and Mobile Computing 2021 (June 29, 2021): 1–12. http://dx.doi.org/10.1155/2021/6685762.
Full textAbstract:
The rapid development of wearable sensors and the 5G network empowers traditional medical treatment with the ability to collect patients’ information remotely for monitoring and diagnosing purposes. Meanwhile, the health-related mobile apps and devices also generate a large amount of medical data, which is critical for promoting disease research and diagnosis. However, medical data is too sensitive to share, which is also a common issue for IoT (Internet of Things) data. The traditional centralized cloud-based medical data sharing schemes have to rely on a single trusted third party. Therefore, the schemes suffer from single-point failure and lack of privacy protection and access control for the data. Blockchain is an emerging technique to provide an approach for managing data in a decentralized manner. Especially, the blockchain-based smart contract technique enables the programmability for participants to access the data. All the interactions are authenticated and recorded by the other participants of the blockchain network, which is tamper resistant. In this paper, we leverage the K-anonymity and searchable encryption techniques and propose a blockchain-based privacy-preserving scheme for medical data sharing among medical institutions and data users. To be specific, the consortium blockchain, Hyperledger Fabric, is adopted to allow data users to search for encrypted medical data records. The smart contract, i.e., the chaincode, implements the attribute-based access control mechanisms to guarantee that the data can only be accessed by the user with proper attributes. The K-anonymity and searchable encryption ensure that the medical data is shared without privacy leaking, i.e., figuring out an individual patient from queries. We implement a prototype system using the chaincode of Hyperledger Fabric. From the functional perspective, security analysis shows that the proposed scheme satisfies security goals and precedes others. From the performance perspective, we conduct experiments by simulating different numbers of medical institutions. The experimental results demonstrate that the scalability and performance of our scheme are practical.
7
Wu, Jimmy Ming-Tai, Gautam Srivastava, Jerry Chun-Wei Lin, and Qian Teng. "A Multi-Threshold Ant Colony System-based Sanitization Model in Shared Medical Environments." ACM Transactions on Internet Technology 21, no. 2 (June 2021): 1–26. http://dx.doi.org/10.1145/3408296.
Full textAbstract:
During the past several years, revealing some useful knowledge or protecting individual’s private information in an identifiable health dataset (i.e., within an Electronic Health Record) has become a tradeoff issue. Especially in this era of a global pandemic, security and privacy are often overlooked in lieu of usability. Privacy preserving data mining (PPDM) is definitely going to be have an important role to resolve this problem. Nevertheless, the scenario of mining information in an identifiable health dataset holds high complexity compared to traditional PPDM problems. Leaking individual private information in an identifiable health dataset has becomes a serious legal issue. In this article, the proposed Ant Colony System to Data Mining algorithm takes the multi-threshold constraint to secure and sanitize patents’ records in different lengths, which is applicable in a real medical situation. The experimental results show the proposed algorithm not only has the ability to hide all sensitive information but also to keep useful knowledge for mining usage in the sanitized database.
8
Quantin, Catherine, François-André Allaert, Paul Avillach, Maniane Fassa, Benoît Riandey, Gilles Trouessin, and Olivier Cohen. "Building Application-Related Patient Identifiers: What Solution for a European Country?" International Journal of Telemedicine and Applications 2008 (2008): 1–5. http://dx.doi.org/10.1155/2008/678302.
Full textAbstract:
We propose a method utilizing a derived social security number with the same reliability as the social security number. We show the anonymity techniques classically based on unidirectional hash functions (such as the secure hash algorithm (SHA-2) function that can guarantee the security, quality, and reliability of information if these techniques are applied to the Social Security Number). Hashing produces a strictly anonymous code that is always the same for a given individual, and thus enables patient data to be linked. Different solutions are developed and proposed in this article. Hashing the social security number will make it possible to link the information in the personal medical file to other national health information sources with the aim of completing or validating the personal medical record or conducting epidemiological and clinical research. This data linkage would meet the anonymous data requirements of the European directive on data protection.
9
Anciaux, Nicolas, Morgane Berthelot, Laurent Braconnier, Luc Bouganim, Martine De la Blache, Georges Gardarin, Philippe Kesmarszky, et al. "A Tamper-Resistant and Portable Healthcare Folder." International Journal of Telemedicine and Applications 2008 (2008): 1–9. http://dx.doi.org/10.1155/2008/763534.
Full textAbstract:
Electronic health record (EHR) projects have been launched in most developed countries to increase the quality of healthcare while decreasing its cost. The benefits provided by centralizing the healthcare information in database systems are unquestionable in terms of information quality, availability, and protection against failure. Yet, patients are reluctant to give to a distant server the control over highly sensitive data (e.g., data revealing a severe or shameful disease). This paper capitalizes on a new hardware portable device, associating the security of a smart card to the storage capacity of a USB key, to give back to the patient the control over his medical data. This paper shows how this device can complement a traditional EHR server to (1) protect and share highly sensitive data among trusted parties and (2) provide a seamless access to the data even in disconnected mode. The proposed architecture is experimented in the context of a medicosocial network providing medical care and social services at home for elderly people.
10
Martín del Rey, A., J. L. Hernández Pastora, and G. Rodríguez Sánchez. "3D medical data security protection." Expert Systems with Applications 54 (July 2016): 379–86. http://dx.doi.org/10.1016/j.eswa.2016.02.001.
Full text
11
Jorwekar, Harshal. "Medical Records Management with Decentralized Framework." International Journal for Research in Applied Science and Engineering Technology 9, no. VII (July 10, 2021): 193–200. http://dx.doi.org/10.22214/ijraset.2021.35703.
Full textAbstract:
The mystery between the emotional improvement of medical information protection interest and long periods of administrative guideline has eased back advancement for electronic medical records (EMRs). In this paper, we propose a efficient, secure and decentralized Blockchain system for data privacy preserving and sharing. This manages confidentiality, authentication, data preserving and data sharing when handling sensitive information. We exploit consortium Blockchain and smart contracts to accomplish secure information storage and sharing, which forestalls information sharing without consent. The patient’s historical data, medical record, patient’s private information is very critical and needs to be stored and maintained securely. The proposed framework builds information security and eliminates the cost, time, and assets needed to deal with the medical care information records.
12
Yang, Che-Ming, Herng-Ching Lin, Polun Chang, and Wen-Shan Jian. "Taiwan's perspective on electronic medical records’ security and privacy protection: Lessons learned from HIPAA." Computer Methods and Programs in Biomedicine 82, no. 3 (June 2006): 277–82. http://dx.doi.org/10.1016/j.cmpb.2006.04.002.
Full text
13
Stanberry, Ben. "The legal and ethical aspects of telemedicine. 2: Data protection, security and European law." Journal of Telemedicine and Telecare 4, no. 1 (March 1, 1998): 18–24. http://dx.doi.org/10.1258/1357633981931236.
Full textAbstract:
The electronic record may be subject to abuses that can be carried out on a large scale and cause great damage. A wide range of data protection and information security measures will need to be taken to ensure the quality and integrity of such records. A European Union directive was formally adopted in 1995 which sets the obligations of those responsible for data processing as well as a number of important rights for individuals. The responsible teleconsultant or medical officer, as the data controller, must make sure these measures are enforced. In the case of the transmission of medical records to another location, the original data controller may remain liable for abuses. But as different elements of the records are spread throughout the different departments of a hospital or across different geographical locations, it may become difficult to ascertain who is responsible for protecting and controlling what. To this end, the designation of liability by contractual means, between the hospitals and remote users of a telemedicine network, would be the clearest and most straightforward way of achieving uniformity and predictability in terms of the distribution of responsibility for data protection and security.
14
Martínez Monterrubio, Sergio Mauricio, Juan Frausto Solis, and Raúl Monroy Borja. "EMRlog Method for Computer Security for Electronic Medical Records with Logic and Data Mining." BioMed Research International 2015 (2015): 1–12. http://dx.doi.org/10.1155/2015/542016.
Full textAbstract:
The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system.
15
Lambe, Gerard, Niall Linnane, Ian Callanan, and Marcus W. Butler. "Cleaning up the paper trail – our clinical notes in open view." International Journal of Health Care Quality Assurance 31, no. 3 (April 16, 2018): 228–36. http://dx.doi.org/10.1108/ijhcqa-09-2016-0126.
Full textAbstract:
Purpose Ireland’s physicians have a legal and an ethical duty to protect confidential patient information. Most healthcare records in Ireland remain paper based, so the purpose of this paper is to: assess the protection afforded to paper records; log highest risk records; note the variations that occurred during the working week; and observe the varying protection that occurred when staff, students and public members were present. Design/methodology/approach A customised audit tool was created using Sphinx software. Data were collected for three months. All wards included in the study were visited once during four discrete time periods across the working week. The medical records trolley’s location was noted and total unattended medical records, total unattended nursing records, total unattended patient lists and when nursing personnel, medical students, public and a ward secretary were visibly present were recorded. Findings During 84 occasions when the authors visited wards, unattended medical records were identified on 33 per cent of occasions, 49 per cent were found during weekend visiting hours and just 4 per cent were found during morning rounds. The unattended medical records belonged to patients admitted to a medical specialty in 73 per cent of cases and a surgical specialty in 27 per cent. Medical records were found unattended in the nurses’ station with much greater frequency when the ward secretary was off duty. Unattended nursing records were identified on 67 per cent of occasions the authors visited the ward and were most commonly found unattended in groups of six or more. Practical implications This study is a timely reminder that confidential patient information is at risk from inappropriate disclosure in the hospital. There are few context-specific standards for data protection to guide healthcare professionals, particularly paper records. Nursing records are left unattended with twice the frequency of medical records and are found unattended in greater numbers than medical records. Protection is strongest when ward secretaries are on duty. Over-reliance on vigilant ward secretaries could represent a threat to confidential patient information. Originality/value While other studies identified data protection as an issue, this study assesses how data security varies inside and outside conventional working hours. It provides a rationale and an impetus for specific changes across the whole working week. By identifying the on-duty ward secretary’s favourable effect on medical record security, it highlights the need for alternative arrangements when the ward secretary is off duty. Data were collected prospectively in real time, giving a more accurate healthcare record security snapshot in each data collection point.
16
Goreva, Natalya, Sushma Mishra, Peter Draus, George Bromall, and Don Caputo. "A Study Of The Security Of Electronic Medical Records Utilizing Six Knowledge Categories And Subjects Demographics." International Journal of Management & Information Systems (IJMIS) 20, no. 3 (June 30, 2016): 51–58. http://dx.doi.org/10.19030/ijmis.v20i3.9738.
Full textAbstract:
Healthcare employees with their motivation to comply with security policies play an extremely important role in protecting patients’ privacy. In this research we attempt to survey the attitude of healthcare employees towards security of Electronic Medical Records. We further review what factors impact their perception of the medical data security and determine how well they understand policies, procedures, organization structures, and other aspects related to EMR protection.
17
Li, Na. "Body Sensor Network Processing Mechanism for Micro-Data Security Publishing." Advanced Materials Research 1049-1050 (October 2014): 1536–39. http://dx.doi.org/10.4028/www.scientific.net/amr.1049-1050.1536.
Full textAbstract:
Individuals’ privacy protection when publishing data for research has recently put great attention on data mining and information resources sharing fields. Privacy preservation is an important and challenging problem in micro-data publishing. This paper aimed to find an available directly way protect patient privacy. Processing numeric values which got from body sensor network (BSN). Firstly, we analyze the characteristics of medical data which collected from BSN, and then the records will be grouped according to the Quasi-identifier. The last step is to inspect the diversity of sensitive attributes.
18
Zaz, Youssef, Lhoussain El Fadil, and Mohamed El Kayyali. "Securing EPR Data Using Cryptography and Image Watermarking." International Journal of Mobile Computing and Multimedia Communications 4, no. 2 (April 2012): 76–87. http://dx.doi.org/10.4018/jmcmc.2012040106.
Full textAbstract:
This paper demonstrates new methodology to improve security and avoid data overlapping between patients records which are defined as Electronic Patient Records (EPR), a combination of digital watermarking techniques and cryptography are used to ensure the non-separation of EPR and medical images during communications within open networks. The EPR data is encrypted, by a symmetric key algorithm based on an Elliptic Curve Cryptosystem (ECC), and inserted in liberated zone of the Least Significant Bit plan (LSB) of the medical image by compressing the original one using the Huffman coding. The proposed method improves security issues and reduces the computation cost related to data encryption and decryption.
19
Habib, Muhammad Asif, C. M. Nadeem Faisal, Shahzad Sarwar, Muhammad Ahsan Latif, Farhan Aadil, Mudassar Ahmad, Rehan Ashraf, and Muazzam Maqsood. "Privacy-based medical data protection against internal security threats in heterogeneous Internet of Medical Things." International Journal of Distributed Sensor Networks 15, no. 9 (September 2019): 155014771987565. http://dx.doi.org/10.1177/1550147719875653.
Full textAbstract:
Data and information security is considered to be an important and challenging task for any field of life. But it becomes more critical especially when it deals with the medical field due to life and health hazards. The ratio of internal security threats to external threats always remains high. A huge number of efforts and technical expertise are required in the case of attacking the system from the external environment. But it requires fewer efforts if a system is attacked internally by the stakeholders of the system. This article presents an access control model that secures the medical data of patients against internal cybersecurity threats. It allows only the legitimate users, that is, authorized patients and doctors to communicate despite the fact of physical boundaries. The proposed model implements authorization in combination with permissions and roles instead of roles only for medical staff. It removes the discrepancies in the existing access control models. The proposed model ensures communication among doctors and patients in a secure, private, and efficient manner. The model is demonstrated by using mathematical modeling along with implementation examples. The proposed model outperformed in comparison with state-of-the-art access control models.
20
Chen, Hsuan-Yu, Zhen-Yu Wu, Tzer-Long Chen, Yao-Min Huang, and Chia-Hui Liu. "Security Privacy and Policy for Cryptographic Based Electronic Medical Information System." Sensors 21, no. 3 (January 21, 2021): 713. http://dx.doi.org/10.3390/s21030713.
Full textAbstract:
With the development of the internet, applications have become complicated, and the relevant technology has diversified. Compared with medical applications, the significance of information technology has been expanding to include clinical auxiliary functions of medical information. This includes electronic medical records, electronic prescriptions, medical information systems, etc. Although research on the data processing structure and format of various related systems is becoming mature, the integration is insufficient. An integrated medical information system with security policy and privacy protection, which combines e-patient records, e-prescriptions, modified smart cards, and fingerprint identification systems, and applies proxy signature and group signature, is proposed in this study. This system effectively applies and saves medical resources—satisfying the mobility of medical records, presenting the function, and security of medicine collection, and avoiding medical conflicts and profiteering to further acquire the maximum effectiveness with the least resources. In this way, this medical information system may be developed into a comprehensive function that eliminates the transmission of manual documents and maintains the safety of patient medical information. It can improve the quality of medical care and indispensable infrastructure for medical management.
21
Huang, Liang, and Hyung-Hyo Lee. "A Medical Data Privacy Protection Scheme Based on Blockchain and Cloud Computing." Wireless Communications and Mobile Computing 2020 (September 26, 2020): 1–11. http://dx.doi.org/10.1155/2020/8859961.
Full textAbstract:
With the features of decentralization and trustlessness and through distributed data storage, point-to-point transmission, and encryption algorithms, blockchain has shed new light on the security and protection of medical data, and it can resolve the contradiction between data sharing and privacy protection with proper security strategies. In this paper, we integrate the strengths of both blockchain and cloud computing and build the privacy protection scheme for medical data based on blockchain and cloud computing. This scheme introduces cloud computing and provides services to blockchain nodes with cloud server computing; meanwhile, it collects, analyzes, processes, and maintains medical data in the identity authentication interface and solves the insufficient computing abilities of some nodes in blockchain so as to verify the authenticity and reliability of data. The simulation experiment proves that the proposed scheme is effective. It can achieve the secure protection and integrity verification of medical data and address the problems of high computing complexity, data sharing, and privacy protection.
22
Xu, Zhiyan, Min Luo, Neeraj Kumar, Pandi Vijayakumar, and Li Li. "Privacy-Protection Scheme Based on Sanitizable Signature for Smart Mobile Medical Scenarios." Wireless Communications and Mobile Computing 2020 (November 22, 2020): 1–10. http://dx.doi.org/10.1155/2020/8877405.
Full textAbstract:
With the popularization of wireless communication and smart devices in the medical field, mobile medicine has attracted more and more attention because it can break through the limitations of time, space, and objects and provide more efficient and quality medical services. However, the characteristics of a mobile smart medical network make it more susceptible to security threats such as data integrity damage and privacy leakage than those of traditional wired networks. In recent years, many digital signature schemes have been proposed to alleviate some of these challenges. Unfortunately, traditional digital signatures cannot meet the diversity and privacy requirements of medical data applications. In response to this problem, this paper uses the unique security attributes of sanitizable signatures to carry out research on the security and privacy protection of medical data and proposes a data security and privacy protection scheme suitable for smart mobile medical scenarios. Security analysis and performance evaluation show that our new scheme effectively guarantees data security and user privacy while greatly reducing computation and communication costs, making it especially suitable for mobile smart medical application scenarios.
23
Lv, Yan Li, Yuan Long Li, Shuang Xiang, and Chun He Xia. "The Research and Realization of a Kind of Log Management-Oriented Descriptive Language to Describe the Security of Computer Network." Applied Mechanics and Materials 556-562 (May 2014): 5765–70. http://dx.doi.org/10.4028/www.scientific.net/amm.556-562.5765.
Full textAbstract:
Network Security Logs are the records of the important activities and changes of the network, which not only records the state changes of network or mainframe at any time, but also provides the data bases for the network administrators to conduct network management. How to obtain the effective information of security events from the logs with different formats, thus realizing the detection, analysis and evaluation of the security events, has always been the key point to improve the important content of information security protection and focused on by the network administrators. The paper presents a kind of descriptive language of computer network security focusing on the log management, which realizes the uniform description of the common logs in the network with its effectiveness being verified in the actual network environment. It provides the infrastructural support to improve the early warning capacity towards the information security events.
24
Girardi, Francesco, Gaetano De Gennaro, Lucio Colizzi, and Nicola Convertini. "Improving the Healthcare Effectiveness: The Possible Role of EHR, IoMT and Blockchain." Electronics 9, no. 6 (May 26, 2020): 884. http://dx.doi.org/10.3390/electronics9060884.
Full textAbstract:
New types of patient health records aim to help physicians shift from a medical practice, often based on their personal experience, towards one of evidence based medicine, thus improving the communication among patients and care providers and increasing the availability of personal medical information. These new records, allowing patients and care providers to share medical data and clinical information, and access them whenever they need, can be considered enabling Ambient Assisted Living technologies. Furthermore, new personal disease monitoring tools support specialists in their tasks, as an example allowing acquisition, transmission and analysis of medical images. The growing interest around these new technologies poses serious questions regarding data integrity and transaction security. The huge amount of sensitive data stored in these new records surely attracts the interest of malicious hackers, therefore it is necessary to guarantee the integrity and the maximum security of servers and transactions. Blockchain technology can be an important turning point in the development of personal health records. This paper discusses some issues regarding the management and protection of health data exchanged through new medical or diagnostic devices.
25
Kiss, Gabor. "The information security awareness of the Slovakian kindergarten teacher students at starting and finishing the study in higher education." SHS Web of Conferences 66 (2019): 01042. http://dx.doi.org/10.1051/shsconf/20196601042.
Full textAbstract:
In this paper we have analysed the changing of the kindergarten teacher-education students' awareness of information security at J. Selye University in Slovakia. Because there are sensitive data about children stored in the kindergarten (e.g. home address, parents' details, medical records, etc.), it deeply matters how careful is the data stored. Thorough data protection is important in order to avoid the digitally stored information to be viewable by other persons, who can use them for malicious purposes (e.g. social engineering, kidnapping, murder). This requires appropriate care and protection of storage and handling. In our research we wanted to know what level of information security awareness characterizes the kindergarten teacher-education students, whether they are aware of the basic data protection aspects. We want to see the higher education without any information security course have gained the information security awareness of the kindergarten teacher-education students or not.
26
Naddaf-Dezfbli, A. R., Sandra L. H. Davenport, and A. Joyce. "A Medical Microcomputer Database Management System." Methods of Information in Medicine 24, no. 02 (April 1985): 73–78. http://dx.doi.org/10.1055/s-0038-1635357.
Full textAbstract:
SummaryThe Patient Data Handler (PDH) is an interactive, microcomputer-based database management system. It is written in DEC BASIC-11 and runs on a DEC compatible LSI-11/03. The PDH is a relational database specifically designed to handle a very large number of attributes per patient. The retrieval program is capable of performing any combination of Boolean operations on the patient records. Data security is provided by several levels of password protection. The current application has 3,500 attributes associated with a research project on deaf-blind syndromes. Specific retrieval examples are shown from this database.
27
Lisiak-Felicka, Dominika, Pawel Nowak, and Maciej Szmit. "Selected Aspects of Information Security Management in Entities Performing Medical Activity." International Journal of Operations Management 1, no. 2 (2021): 30–37. http://dx.doi.org/10.18775/ijom.2757-0509.2020.12.4004.
Full textAbstract:
The article is devoted to the issues related to an information security management in medical entities. The healthcare entities have been amongst the prime targets for hackers for several years. According to the IBM report “The 2016 X-Force Cyber Security Intelligence Index” in 2015 most of the attacks were carried out against these entities. The years 2016 and 2017 also witnessed spectacular cyberattacks, for example: medical records breach of 3.3 million people because of an unauthorized access to a server in the US, some WannaCry ransomware attacks on the UK hospitals, some MongoDB Database Leaks in the US or NotPetya ransomware attacks in the US hospitals. Entities performing medical activity are processing personal data concerning health that is classified as a “sensitive data” and needs a special protection. The article presents the results of the survey – interviews with IT managers (or designated persons) in entities performing medical activity in Lodz Voivodeship in Poland. The aim of the research was analysis and evaluation of information security management in these entities. The interviews had been performed between December, 2017 and January, 2018. As the results of the research, the ways of information security management were identified (in particular such aspects as: characteristics of the information security teams, information security management system auditing, risk management, information security incidents, budgets for information security, training and the General Data Protection Regulation implementation). The paper also describes the types of information that should be protected in healthcare entities and characteristic of surveyed entities that subordinate to the local government of Lodz Voivodeship in Poland.
28
Qin, Qiuli, Biyuan Jin, and Yanqing Liu. "A Secure Storage and Sharing Scheme of Stroke Electronic Medical Records Based on Consortium Blockchain." BioMed Research International 2021 (February 1, 2021): 1–14. http://dx.doi.org/10.1155/2021/6676171.
Full textAbstract:
The maintenance and sharing of electronic medical records are one of the essential tasks in the medical treatment combination. Traditional cloud-based electronic medical record storage system is difficult to realize data security sharing. The tamper resistance and traceability of blockchain technology provide the possibility for the sharing of highly sensitive medical data. This paper proposes a safe sharing scheme of stroke electronic medical records based on the consortium blockchain. The scheme adopts the storage method of ciphertext of medical records stored in the cloud and index of medical records stored on the blockchain. The privacy protection mechanism proposed in this paper innovatively combines proxy reencryption and searchable encryption which supports patient pseudoidentity search. The mechanism could achieve controllable sharing of medical records and precise search. According to the organizational characteristics of the stroke medical treatment combination, this paper proposes an improved Practical Byzantine Fault Tolerance mechanism to reach a consensus between consensus nodes. Then, the proposed scheme is analyzed and evaluated from three aspects of medical record integrity, user privacy, and data security. The results show that the scheme can not only ensure the privacy of patient identity information and private key data but also resist the tampering and deletion attacks of internal and external malicious nodes on the medical record data. Therefore, the proposed scheme is conducive to the improvement of the timeliness of stroke treatment and the safe sharing of electronic medical records in stroke medical treatment combination.
29
Abunadi, Ibrahim, and Ramasamy Lakshmana Kumar. "BSF-EHR: Blockchain Security Framework for Electronic Health Records of Patients." Sensors 21, no. 8 (April 19, 2021): 2865. http://dx.doi.org/10.3390/s21082865.
Full textAbstract:
In the current epoch of smart homes and cities, personal data such as patients’ names, diseases and addresses are often violated. This is frequently associated with the safety of the electronic health records (EHRs) of patients. EHRs have numerous benefits worldwide, but at present, EHR information is subject to considerable security and privacy issues. This paper proposes a way to provide a secure solution to these issues. Previous sophisticated techniques dealing with the protection of EHRs usually make data inaccessible to patients. These techniques struggle to balance data confidentiality, patient demand and constant interaction with provider data. Blockchain technology solves the above problems since it distributes information in a transactional and decentralized manner. The usage of blockchain technology could help the health sector to balance the accessibility and privacy of EHRs. This paper proposes a blockchain security framework (BSF) to effectively and securely store and keep EHRs. It presents a safe and proficient means of acquiring medical information for doctors, patients and insurance agents while protecting the patient’s data. This work aims to examine how our proposed framework meets the security needs of doctors, patients and third parties and how the structure addresses safety and confidentiality concerns in the healthcare sector. Simulation outcomes show that this framework efficiently protects EHR data.
30
Khan, Muhammad, Ankita Chaturvedi, Dheerendra Mishra, and Saru Kumari. "On the security enhancement of integrated electronic patient records information systems." Computer Science and Information Systems 12, no. 2 (2015): 857–72. http://dx.doi.org/10.2298/csis141029030k.
Full textAbstract:
Electronic patient records (EPR) information systems maintain the patients? medical information on the web servers, and remain available to the medical institutions, practitioners, and the academia. The transmission of data is being done over the public network, which increases the privacy and security risk. However, authentication mechanism tries to ensure secure and authorized communication over insecure public network. In recent years, several authentication protocols have been proposed, but most of them fail to satisfy desirable security attributes. In this paper, we discuss the failure of two authentication protocols for EPR information systems. To overcome the flows, we present improved scheme for the integrated EPR information systems. The correctness of proposed protocol is proved using BAN logic. Moreover, the protocol performs is comparable and security is efficient than the existing schemes.
31
Fragopoulos, Anastasios, John Gialelis, and Dimitrios Serpanos. "Security Framework for Pervasive Healthcare Architectures Utilizing MPEG-21 IPMP Components." International Journal of Telemedicine and Applications 2009 (2009): 1–9. http://dx.doi.org/10.1155/2009/461560.
Full textAbstract:
Nowadays in modern and ubiquitous computing environments, it is imperative more than ever the necessity for deployment of pervasive healthcare architectures into which the patient is the central point surrounded by different types of embedded and small computing devices, which measure sensitive physical indications, interacting with hospitals databases, allowing thus urgent medical response in occurrences of critical situations. Such environments must be developed satisfying the basic security requirements for real-time secure data communication, and protection of sensitive medical data and measurements, data integrity and confidentiality, and protection of the monitored patient's privacy. In this work, we argue that the MPEG-21 Intellectual Property Management and Protection (IPMP) components can be used in order to achieve protection of transmitted medical information and enhance patient's privacy, since there is selective and controlled access to medical data that sent toward the hospital's servers.
32
He, Xiaoshuang, Hechuan Guo, and Xueyu Cheng. "Blockchain-Based Privacy Protection Scheme for IoT-Assisted Educational Big Data Management." Wireless Communications and Mobile Computing 2021 (August 13, 2021): 1–11. http://dx.doi.org/10.1155/2021/3558972.
Full textAbstract:
Adoption of the Internet of Things (IoT) in education brings many benefits. However, the poor implementation of access control of educational data produced by the IoT devices has brought students’ and teachers’ privacy into danger. Attackers can access educational data that they are not permitted to access and even erase the records during access. To tackle this problem, we employ blockchain technology to guarantee the integrity of access control rules and trace the records of access events. In this paper, we propose a blockchain-based access control scheme for the data produced by IoT devices. The scheme consists of three components: (1) a well-implemented data collection module that is deployed in smart classrooms, which collects and uploads data about the real-time situation inside the smart classroom to the data center; (2) a MongoDB-based data center and its control module that makes access control decisions based on the verification of the permissions of visitors, where the permissions are managed by blockchain; and (3) a customized blockchain system that stores and keeps security policy updates of the role-based access control module and records access events in a trusted way. Our analysis indicates that the proposed access control scheme guarantees the correctness of the access control process and makes the access of collected educational data auditable and responsible. Our system collectively analyzes the context of the smart classroom and is capable of detecting multiple scenarios such as absence, lateness, and gunshot. We show how the scheme preserves students’ and teachers’ privacy by carrying out extensive experimental studies. The results indicate that the proposed data management system can give correct responses as quickly as a traditional data server does while preserving privacy.
33
Sher, Ming-Ling, Paul C. Talley, Ching-Wen Yang, and Kuang-Ming Kuo. "Compliance With Electronic Medical Records Privacy Policy: An Empirical Investigation of Hospital Information Technology Staff." INQUIRY: The Journal of Health Care Organization, Provision, and Financing 54 (January 1, 2017): 004695801771175. http://dx.doi.org/10.1177/0046958017711759.
Full textAbstract:
The employment of Electronic Medical Records is expected to better enhance health care quality and to relieve increased financial pressure. Electronic Medical Records are, however, potentially vulnerable to security breaches that may result in a rise of patients’ privacy concerns. The purpose of our study was to explore the factors that motivate hospital information technology staff’s compliance with Electronic Medical Records privacy policy from the theoretical lenses of protection motivation theory and the theory of reasoned action. The study collected data using survey methodology. A total of 310 responses from information technology staff of 7 medical centers in Taiwan was analyzed using the Structural Equation Modeling technique. The results revealed that perceived vulnerability and perceived severity of threats from Electronic Medical Records breaches may be used to predict the information technology staff’s fear arousal level. And factors including fear arousal, response efficacy, self-efficacy, and subjective norm, in their turn, significantly predicted IT staff’s behavioral intention to comply with privacy policy. Response cost was not found to have any relationship with behavioral intention. Based on the findings, we suggest that hospitals could plan and design effective strategies such as initiating privacy-protection awareness and skills training programs to improve information technology staff member’s adherence to privacy policy. Furthermore, enhancing the privacy-protection climate in hospitals is also a viable means to the end. Further practical and research implications are also discussed.
34
Kalloniatis, Christos, Costas Lambrinoudakis, Mathias Musahl, Athanasios Kanatas, and Stefanos Gritzalis. "Incorporating privacy by design in body sensor networks for medical applications: A privacy and data protection framework." Computer Science and Information Systems, no. 00 (2020): 57. http://dx.doi.org/10.2298/csis200922057k.
Full textAbstract:
Privacy and Data protection are highly complex issues within eHealth/M-Health systems. These systems should meet specific requirements deriving from the organizations and users, as well as from the variety of legal obligations deriving from GDPR that dictate protection rights of data subjects and responsibilities of data controllers. To address that, this paper proposes a Privacy and Data Protection Framework that provides the appropriate steps so as the proper technical, organizational and procedural measures to be undertaken. The framework, beyond previous literature, supports the combination of privacy by design principles with the newly introduced GDPR requirements in order to create a strong elicitation process for deriving the set of the technical security and privacy requirements that should be addressed. It also proposes a process for validating that the elicited requirements are indeed fulfilling the objectives addressed during the Data Protection Impact Assessment (DPIA), carried out according to the GDPR.
35
Ud Din, Shams, Zahoor Jan, Muhammad Sajjad, Maqbool Hussain, Rahman Ali, Asmat Ali, and Sungyoung Lee. "Secure Exchange of Medical Data Using a Novel Real-Time Biometric-Based Protection and Recognition Method." Electronics 9, no. 12 (November 28, 2020): 2013. http://dx.doi.org/10.3390/electronics9122013.
Full textAbstract:
Security and privacy are essential requirements, and their fulfillment is considered one of the most challenging tasks for healthcare organizations to manage patient data using electronic health records. Electronic health records (clinical notes, images, and documents) become more vulnerable to breaching patients’ privacy when shared with an external organization in the current arena of the internet of medical things (IoMT). Various watermarking techniques were introduced in the medical field to secure patients’ data. Most of the existing techniques focus on an image or document’s imperceptibility without considering the watermark(logo). In this research, a novel technique of watermarking is introduced, which supersedes the shortcomings of existing approaches. It guarantees the imperceptibility of the image/document and takes care of watermark(biometric), which is further passed through a process of recognition for claiming ownership. It extracts suitable frequencies from the transform domain using specialized filters to increase the robustness level. The extracted frequencies are modified by adding the biomedical information while considering the strength factor according to the human visual system. The watermarked frequencies are further decomposed through a singular value decomposition technique to increase payload capacity up to (256 × 256). Experimental results over a variety of medical and official images demonstrate the average peak signal-to-noise ratio (PSNR 54.43), and the normal correlation (N.C.) value is 1. PSNR and N.C. of the watermark were calculated after attacks. The proposed technique is working in real-time for embedding, extraction, and recognition of biometrics over the internet, and its uses can be realized in various platforms of IoMT technologies.
36
Determann, Lothar. "Healthy Data Protection." Michigan Technology Law Review, no. 26.2 (2020): 229. http://dx.doi.org/10.36645/mtlr.26.2.healthy.
Full textAbstract:
Modern medicine is evolving at a tremendous speed. On a daily basis, we learn about new treatments, drugs, medical devices, and diagnoses. Both established technology companies and start-ups focus on health-related products and services in competition with traditional healthcare businesses. Telemedicine and electronic health records have the potential to improve the effectiveness of treatments significantly. Progress in the medical field depends above all on data, specifically health information. Physicians, researchers, and developers need health information to help patients by improving diagnoses, customizing treatments and finding new cures. Yet law and policymakers are currently more focused on the fact that health information can also be used to harm individuals. Even after the outbreak of the COVID-19 pandemic (which occurred after the manuscript for this article was largely finalized), the California Attorney General Becera made a point of announcing that he will not delay enforcement of the California Consumer Privacy Act (“CCPA”), which his office estimated imposes a $55 billion cost (approximately 1.8% of California Gross State Product) for initial compliance, not including costs of ongoing compliance, responses to data subject requests, and litigation. Risks resulting from health information processing are very real. Contact tracing and quarantines in response to SARS, MERS, and COVID-19 outbreaks curb civil liberties with similar effects to law enforcement investigations, arrests, and imprisonment. Even outside the unusual circumstances of a global pandemic, employers or insurance companies may disfavor individuals with pre-existing health conditions in connections with job offers and promotions as well as coverage and eligibility decisions. Some diseases carry a negative stigma in social circumstances. To reduce the risks of such harms and protect individual dignity, governments around the world regulate the collection, use, and sharing of health information with ever-stricter laws. European countries have generally prohibited the processing of personal data, subject to limited exceptions, for which companies have to identify and then document or apply. The General Data Protection Regulation (“GDPR”) that took effect in 2018 confirms and amplifies a rigid regulatory regime that was first introduced in the German State Hessen in 1970 and demands that organizations minimize the amount of data they collect, use, share, and retain. Healthcare and healthtech organizations have struggled to comply with this regime and have found EU data protection laws fundamentally hostile to data-driven progress in medicine. The United States, on the other hand, has traditionally relied on sector- and harm-specific laws to protect privacy, including data privacy and security rules under the federal Health Insurance Portability and Accountability Act (“HIPAA”) and numerous state laws including the Confidentiality of Medical Information Act (“CMIA”) in California, which specifically address the collection and use of health information. So long as organizations observe the specific restrictions and prohibitions in sector-specific privacy laws, they may collect, use, and share health information. As a default rule in the United States, businesses are generally permitted to process personal information, including health information. Yet, recently, extremely broad and complex privacy laws have been proposed or enacted in some states, including the California Consumer Privacy Act of 2018 (“CCPA”), which have a potential to render compliance with data privacy laws impractical for most businesses, including those in the healthcare and healthtech sectors. Meanwhile, the People’s Republic of China is encouraging and incentivizing data-driven research and development by Chinese companies, including in the healthcare sector. Data-related legislation is focused on cybersecurity and securing access to data for Chinese government agencies and much less on individual privacy interests. In Europe and the United States, the political pendulum has swung too far in the direction of ever more rigid data regulation and privacy laws, at the expense of potential benefits through medical progress. This is literally unhealthy. Governments, businesses, and other organizations need to collect, use and share more personal health information, not less. The potential benefits of health data processing far outweigh privacy risks, which can be better tackled by harm-specific laws. If discrimination by employers and insurance companies is a concern, then lawmakers and law enforcement agencies need to focus on anti-discrimination rules for employers and insurance companies - not prohibit or restrict the processing of personal data, which does not per se harm anyone. The notion of only allowing data processing under specific conditions leads to a significant hindrance of medical progress by slowing down treatments, referrals, research, and development. It also prevents the use of medical data as a tool for averting dangers for the public good. Data “anonymization” and requirements for specific consent based on overly detailed privacy notices do not protect patient privacy effectively and unnecessarily complicate the processing of health data for medical purposes. Property rights to personal data offer no solutions. Even if individuals - not companies creating databases - were granted property rights to their own data originally, this would not ultimately benefit individuals. Given that transfer and exclusion rights are at the core of property regimes, data property rights would threaten information freedom and privacy alike: after an individual sells her data, the buyer and new owner could exercise his data property rights to enjoin her and her friends and family from continued use of her personal data. Physicians, researchers, and developers would not benefit either; they would have to deal with property rights in addition to privacy and medical confidentiality requirements. Instead of overregulating data processing or creating new property rights in data, lawmakers should require and incentivize organizations to earn and maintain the trust of patients and other data subjects and penalize organizations that use data in specifically prohibited ways to harm individuals. Electronic health records, improved notice and consent mechanisms, and clear legal frameworks will promote medical progress, reduce risks of human error, lower costs, and make data processing and sharing more reliable. We need fewer laws like the GDPR or the CCPA that discourage organizations from collecting, using, retaining, and sharing personal information. Physicians, researchers, developers, drug companies, medical device manufacturers and governments urgently need better and increased access to personal health information. The future of medicine offers enormous opportunities. It depends on trust and healthy data protection. Some degree of data regulation is necessary, but the dose makes the poison. Laws that require or intend to promote the minimization of data collection, use, and sharing may end up killing more patients than hospital germs. In this article, I promote a view that is decidedly different from that supported by the vast majority of privacy scholars, politicians, the media, and the broader zeitgeist in Europe and the United States. I am arguing for a healthier balance between data access and data protection needs in the interest of patients’ health and privacy. I strive to identify ways to protect health data privacy without excessively hindering healthcare and medical progress. After an introduction (I), I examine current approaches to data protection regulation, privacy law, and the protection of patient confidentiality (II), risks associated with the processing of health data (III), needs to protect patient confidence (IV), risks for healthcare and medical progress (V), and possible solutions (VI). I conclude with an outlook and call for healthier approaches to data protection (VII).
37
Alghazo, Jaafar M. "Intelligent Security and Privacy of Electronic Health Records Using Biometric Images." Current Medical Imaging Formerly Current Medical Imaging Reviews 15, no. 4 (April 11, 2019): 386–94. http://dx.doi.org/10.2174/1573405615666181228121535.
Full textAbstract:
<P>Background: In the presence of Cloud Environment and the migration of Electronic Health Systems and records to the Cloud, patient privacy has become an emergent problem for healthcare institutions. Government bylaws, electronic health documentation, and innovative internet health services generate numerous security issues for healthcare conformity and information security groups. To deal with these issues, healthcare institutes must protect essential IT infrastructure from unauthorized use by insiders and hackers. The Cloud Computing archetype allows for EHealth methods that improve the features and functionality of systems on the cloud. On the other hand, sending patients’ medical information and records to the Cloud entails a number of risks in the protection and privacy of the health records during the communication process. </P><P> Aim: In this paper, a solution is proposed for the security of Electronic Health Records (EHRs) in cloud environment during the process of sending the data to the cloud. In addition, the proposed method uses biometric images that allow for unified patient identification across cloud-based EHRs and across medical institutions. </P><P> Method: To protect the privacy of patients’ information and streamline the migration process, a watermarking-based method is proposed for health care providers to ensure that patients’ data are only accessible to authorized personnel. Patients’ information, such as name, id, symptoms, diseases, and previous history, is secured in biometric images of patients as an encrypted watermark. Results: Quality and impeccability analysis and robustness were performed to test the proposed method. The PSNR values show that the proposed method produced excellent results. Conclusion: The robustness and impressibility of the proposed method were tested by subjecting the watermarked images to different simulated attacks. The watermarks were largely impermeable to varied and repeated attacks.</P>
38
Marwan, Mbarek, Abdelkarim Ait Temghart, Fatima Sifou, and Feda AlShahwan. "A Cloud Solution for Securing Medical Image Storage." Journal of information and organizational sciences 44, no. 1 (June 25, 2020): 113–39. http://dx.doi.org/10.31341/jios.44.1.5.
Full textAbstract:
Cloud computing is an easy-to-use, affordable solution to manage and analyze medical data. Therefore, this paradigm has gained wide acceptance in the healthcare sector as a cost-efficient way for a successful Electronic Medical Records (EMR) implementation. Cloud technology is, however, subject to increasing criticism because of the numerous security vulnerabilities. In this regard, we propose a framework to protect confidential data through the development of new security measures, including compression, secret share scheme and XOR operation. The primary objective of the proposal is to achieve the right balance between security and usability. To this aim, we divide an image into several blocks and then encrypt each piece separately with different cryptographic keys. To enhance privacy and performance, we suggest DepSky architecture to keep data on various storage nodes. Simulation experiments have been conducted to prove the effectiveness of the proposed methodology.
39
Nagm, Ahmad, and Mohammed Safy Elwan. "Protection of the patient data against intentional attacks using a hybrid robust watermarking code." PeerJ Computer Science 7 (March 22, 2021): e400. http://dx.doi.org/10.7717/peerj-cs.400.
Full textAbstract:
The security of patient information is important during the transfer of medical data. A hybrid spatial domain watermarking algorithm that includes encryption, integrity protection, and steganography is proposed to strengthen the information originality based on the authentication. The proposed algorithm checks whether the patient’s information has been deliberately changed or not. The created code is distributed at every pixel of the medical image and not only in the regions of non-interest pixels, while the image details are still preserved. To enhance the security of the watermarking code, SHA-1 is used to get the initial key for the Symmetric Encryption Algorithm. The target of this approach is to preserve the content of the image and the watermark simultaneously, this is achieved by synthesizing an encrypted watermark from one of the components of the original image and not by embedding a watermark in the image. To evaluate the proposed code the Least Significant Bit (LSB), Bit2SB, and Bit3SB were used. The evaluation of the proposed code showed that the LSB is of better quality but overall the Bit2SB is better in its ability against the active attacks up to a size of 2*2 pixels, and it preserves the high image quality.
40
Dayo Alowolodu, Olufunso, Gabriel K Adelaja, Boniface K Alese, and Olufunke Catherine Olayemi. "Medical Image Security Using Quantum Cryptography." Issues in Informing Science and Information Technology 15 (2018): 057–67. http://dx.doi.org/10.28945/4008.
Full textAbstract:
Aim/Purpose: Medical images are very sensitive data that can be transferred to medical laboratories, professionals, and specialist for referral cases or consultation. Strict security measures must be utilized to keep these data secured in computer networks when transferred to another party. On a daily basis, unauthorized users derive ways to gain access to sensitive patient medical information. Background: One of the best ways to which medical image could be kept secured is through the use of quantum cryptography Methodology : Applying the principles of quantum mechanics to cryptography has led to a remarkable new dimension in secured network communication infrastructure. This enables two legitimate users to produce a shared secret random bit string, which can be used as a key in cryptographic applications, such as message encryption and authentication. Contribution: This paper can make it possible for the healthcare and medical professions to construct cryptographic communication systems to keep patients’ transferred data safe and secured. Findings: This work has been able to provide a way for two authorized users who are in different locations to securely establish a secret network key and to detect if eavesdropping (a fraudulent or disruption in the network) has occurred Recommendations for Practitioners: This security mechanism is recommended for healthcare providers and practitioners to ensure the privacy of patients’ medical information. Recommendation for Researchers: This paper opens a new chapter in secured medical records Impact on Society Quantum key distribution promises network security based on the fundamental laws of quantum mechanics by solving the problems of secret-key cryptography . Future Research: The use of post-quantum cryptography can be further researched.
41
Yuan, Munan, Xiaofeng Li, Xiru Li, Haibo Tan, and Jinlin Xu. "Trust Hardware Based Secured Privacy Preserving Computation System for Three-Dimensional Data." Electronics 10, no. 13 (June 25, 2021): 1546. http://dx.doi.org/10.3390/electronics10131546.
Full textAbstract:
Three-dimensional (3D) data are easily collected in an unconscious way and are sensitive to lead biological characteristics exposure. Privacy and ownership have become important disputed issues for the 3D data application field. In this paper, we design a privacy-preserving computation system (SPPCS) for sensitive data protection, based on distributed storage, trusted execution environment (TEE) and blockchain technology. The SPPCS separates a storage and analysis calculation from consensus to build a hierarchical computation architecture. Based on a similarity computation of graph structures, the SPPCS finds data requirement matching lists to avoid invalid transactions. With TEE technology, the SPPCS implements a dual hybrid isolation model to restrict access to raw data and obscure the connections among transaction parties. To validate confidential performance, we implement a prototype of SPPCS with Ethereum and Intel Software Guard Extensions (SGX). The evaluation results derived from test datasets show that (1) the enhanced security and increased time consumption (490 ms in this paper) of multiple SGX nodes need to be balanced; (2) for a single SGX node to enhance data security and preserve privacy, an increased time consumption of about 260 ms is acceptable; (3) the transaction relationship cannot be inferred from records on-chain. The proposed SPPCS implements data privacy and security protection with high performance.
42
Liu, Xueyan, Yukun Luo, and Xiaotao Yang. "Traceable Attribute-Based Secure Data Sharing with Hidden Policies in Mobile Health Networks." Mobile Information Systems 2020 (August 3, 2020): 1–12. http://dx.doi.org/10.1155/2020/3984048.
Full textAbstract:
The growing need to store, share, and manage medical and health records has resulted in electronic medical health sharing system (mHealth), which provides intelligent medical treatment for people. Attribute-based encryption (ABE) is regarded as a new cryptology to enhance fine-grained access control over encrypted sharing data in mHealth. However, some existing attribute-based mHealth systems not only violate the one-to-many application characteristics of attribute-based encryption mechanism but also destroy the anonymity of user. In this study, an efficient scheme is proposed to tackle the above defaults and offer two-way anonymity of data owner and data user by introducing a pseudoidentity. The computation of hidden access policy is reduced by removing the bilinear pairing, whereas the interaction between cloud storage and data user is avoided to save bandwidth during trapdoor generation. We also consider the temporal factor of the uploaded information by introducing access validity. Security and performance analyses show that the proposed scheme is efficient without reducing security.
43
Velliangiri S. and Naga Rama Devi G. "Hybrid Crypto Techniques for Secured Multimedia Big Data Content Protection System (SMBDCPS)." International Journal of e-Collaboration 17, no. 2 (April 2021): 1–21. http://dx.doi.org/10.4018/ijec.2021040101.
Full textAbstract:
Most of the existing work does not ensure the optimal and secured storage maintenance of big data. This is resolved in the proposed research method name called secured multimedia big data content protection system (SMBDCPS). The proposed scheme has using AES and SHA-256 hybrid mechanism for securing the keys of encryption and decryption. This method has integrated the key value of AES and SHA-256 together to generate the new key value for increasing the security level. The main advantage of the proposed scheme has required only small storage which is computation efficient. The overall performance of the proposed scheme has carried out on MATLAB simulation environment over the medical health care datasets. The performance proves the proposed scheme has yield better results than the existing scheme.
44
Zhang, Zelin, Jian Xu, Bin Ma, Chunpeng Wang, Jian Li, and Yuli Wang. "Medical Image Key Area Protection Scheme Based on QR Code and Reversible Data Hiding." Security and Communication Networks 2021 (July 15, 2021): 1–11. http://dx.doi.org/10.1155/2021/5511806.
Full textAbstract:
Medical image data, like most patient information, has high requirements for privacy and confidentiality. To improve the security of medical image transmission within the open network, we proposed a medical image key area protection algorithm based on reversible data hiding. First, the coefficient of variation is used to identify the key area, that is, the lesion area of the image. Then, the other regions are divided into blocks to analyze the texture complexity. Next, we propose a new reversible data hiding algorithm, which embeds the content of the key area into the high-texture regions. On this basis, a quick response (QR) code is generated using the ciphertext of the basic image information to replace the original lesion area. Experimental results show that this method can not only safely transmit sensitive patient information by hiding the content of the lesion, it can also store copyright information through QR code and achieve accurate image retrieval.
45
Cheng, Wenzhi, Wei Ou, Xiangdong Yin, Wanqin Yan, Dingwan Liu, and Chunyan Liu. "A Privacy-Protection Model for Patients." Security and Communication Networks 2020 (December 10, 2020): 1–12. http://dx.doi.org/10.1155/2020/6647562.
Full textAbstract:
The collection and analysis of patient cases can effectively help researchers to extract case feature and to achieve the objectives of precision medicine, but it may cause privacy issues for patients. Although encryption is a good way to protect privacy, it is not conducive to the sharing and analysis of medical cases. In order to address this problem, this paper proposes a federated learning verification model, which combines blockchain technology, homomorphic encryption, and federated learning technology to effectively solve privacy issues. Moreover, we present a FL-EM-GMM Algorithm (Federated Learning Expectation Maximization Gaussian Mixture Model Algorithm), which can make model training without data exchange for protecting patient’s privacy. Finally, we conducted experiments on the federated task of datasets from two organizations in our model system, where the data has the same sample ID with different subset features, and this system is capable of handling privacy and security issues. The results show that the model was trained by our system with better usability, security, and higher efficiency, which is compared with the model trained by traditional machine learning methods.
46
Wang, Qihua, Huaqun Wang, Yufeng Wang, and Rui Guo. "A Distributed Access Control with Outsourced Computation in Fog Computing." Security and Communication Networks 2019 (July 8, 2019): 1–10. http://dx.doi.org/10.1155/2019/6782753.
Full textAbstract:
With the rapid development of information technology and the Internet of Things Technology (IOT), data security and healthy privacy are getting a lot of attention. In order to store, access, and share electronic health records, storage of this data is transferred to a third-party-cloud server. The security and privacy of electronic health records stored at date center or cloud server are not guaranteed. Before being sent to date center or cloud server, this data should be encrypted. Designing an efficient and secure fine-grained access control strategy for personal health records is facing enormous challenges. Security and privacy for electronic health records are very important because the electronic health data which plays an important role in medical server and treatment is directly associated with a particular patient. Attribute-based encryption (ABE) can effectively achieve fine-grained access control. However, the computation of bilinear pairings requires a large amount of computation overhead in ABE scheme. In order to decrease the computational overhead and ensure the confidentiality of electronic health records, a distributed fine-grained access control scheme with outsourced computation for IOT is proposed in this paper. Little calculation is executed by the receiver and sender in our proposed scheme. Outsourcing computing reduces the computing burden. The analyses of safety and performance show that our proposed scheme is safe and effective compared with previous schemes.
47
Lisiak-Felicka, Dominika, Paweł A. Nowak, Maciej Szmit, and Radosław Zajdel. "THE FINANCING OF INFORMATION SECURITY MANAGEMENT IN ENTITIES PERFORMING MEDICAL ACTIVITIES." Zeszyty Naukowe Uniwersytetu Przyrodniczo-Humanistycznego w Siedlcach. Seria: Administracja i Zarządzanie, no. 53(126) (January 27, 2021): 5–16. http://dx.doi.org/10.34739/zn.2020.53.01.
Full textAbstract:
All healthcare organizations process “sensitive data” that needs special protection. To ensure an appropriate level of security for this data, it is necessary to allocate adequate financial resources for security measures. The exploratory aim of the research here is the recognition of the current state of information security management systems in selected entities performing medical activities. An analysis and evaluation of these systems and the financing of information security were conducted. The methods and techniques used in the research are Computer Assisted Telephone Interviews, literature studies, and a questionnaire survey with applications for access to public information. The subjects of the research were medical entities subordinate to the local governments of three Polish voivodeships (Łódź, Świętokrzyskie and Pomeranian). The research was conducted between 2017 and 2018. Research findings show that the surveyed entities did not properly manage information security and did not allocate adequate financial resources to ensure information security. The lack of efficient information security management in medical entities may entail negative consequences in the future.
48
Ayyappan, Sonal, C. Lakshmi, and Varun Menon. "A Secure Reversible Data Hiding and Encryption System for Embedding EPR in Medical Images." Current Signal Transduction Therapy 15, no. 2 (December 1, 2020): 124–35. http://dx.doi.org/10.2174/1574362414666190304162411.
Full textAbstract:
Background: Recent advances in medical associated technologies have drastically increased the amount of electronic medical records collected, stored and transferred through the network. Considering the significance and level of sensitivity of the collected medical data, the security of the transmitted data has become a very vital and challenging task for researchers. The protection of these medical images with embedded data is usually guaranteed using encryption or data hiding techniques. Conventional techniques that employ encryption or data hiding are often insecure and also time-consuming during transmission through the network. Materials and Methods: A method combining encryption and data hiding together can result in compression of data that reduces the transmission time and increases the security level. Reversible data hiding in images can reestablish the cover image after extracting the hidden embedded data exclusive of alterations. Here a new reversible crypto-watermarking system is proposed using cryptographic algorithms that encrypts and hides an Electronic Patient Record (EPR) into an image corresponding to that patient using Rhombus Prediction Scheme. It embeds a big amount of encrypted data into an image with hardly noticeable modification using spatial pixel manipulations based on prediction errors. The marked image is hashed using SHA-256 algorithm. Results and Conclusion: Hashing and cryptography increases the robustness and guarantees authenticity with integrity. The proposed method results in improved safety with a lower transmission time than the existing methods.
49
Zhou, Xingguang, Jianwei Liu, Zongyang Zhang, and Qianhong Wu. "Secure Outsourced Medical Data against Unexpected Leakage with Flexible Access Control in a Cloud Storage System." Security and Communication Networks 2020 (February 10, 2020): 1–20. http://dx.doi.org/10.1155/2020/8347213.
Full textAbstract:
The application of cloud storage system has been deployed widely in recent years. A lot of electronic medical records (EMRs) are collected and uploaded to the cloud for scalable sharing among the authority users. It is necessary to guarantee the confidentiality of EMRs and the privacy of EMR owners. To achieve this target, we summarize a series of attack behaviors in the cloud storage system and present the security model against many types of unexpected privacy leakage. Privacy of unassailed EMRs is guaranteed in this model, and the influence of privacy leakage is controlled in a certain scope. We also propose a role-based access control scheme to achieve flexible access control on these private EMRs. One can access medical records only if his/her role satisfies the defined access policy, which implies a fine-grained access control. Theoretical and experimental analyses show the efficiency of our scheme in terms of computation and communication.
50
Fatokun, Tomilayo, Avishek Nag, and Sachin Sharma. "Towards a Blockchain Assisted Patient Owned System for Electronic Health Records." Electronics 10, no. 5 (March 2, 2021): 580. http://dx.doi.org/10.3390/electronics10050580.
Full textAbstract:
Security and privacy of patients’ data is a major concern in the healthcare industry. In this paper, we propose a system that activates robust security and privacy of patients’ medical records as well as enables interoperability and data exchange between the different healthcare providers. The work proposes the shift from patient’s electronic health records being managed and controlled by the healthcare industry to a patient-centric application where patients are in control of their data. The aim of this research is to build an Electronic Healthcare Record (EHR) system that is layered on the Ethereum blockchain platform and smart contract in order to eliminate the need for third-party systems. With this system, the healthcare provider can search for patient’s data and request the patients’ consent to access it. Patients manage their data which enables an expedited data exchange across EHR systems. Each patient’s data are stored on the peer-to-peer node ledger. The proposed patient-centric EHR platform is cross-platform compliant, as it can be accessed via personal computers and mobile devices and facilitates interoperability across healthcare providers as patients’ medical records are gathered from different healthcare providers and stored in a unified format. The proposed framework is tested on a private Ethereum network using Ganache. The results show the effectiveness of the system with respect to security, privacy, performance and interoperability.