Machine learning cryptography methods for IoT in healthcare.

BACKGROUND: The increased application of Internet of Things (IoT) in healthcare, has fueled concerns regarding the security and privacy of patient data. Lightweight Cryptography (LWC) algorithms can be seen as a potential solution to address this concern. Due to the high variation of LWC, the primary objective of this study was to identify a suitable yet effective algorithm for securing sensitive patient information on IoT devices. METHODS: This study evaluates the performance of eight LWC algorithms-AES, PRESENT, MSEA, LEA, XTEA, SIMON, PRINCE, and RECTANGLE-using machine learning models. Experiments were conducted on a Raspberry Pi 3 microcontroller using 16 KB to 2048 KB files. Machine learning models were trained and tested for each LWC algorithm and their performance was evaluated based using precision, recall, F1-score, and accuracy metrics. RESULTS: The study analyzed the encryption/decryption execution time, energy consumption, memory usage, and throughput of eight LWC algorithms. The RECTANGLE algorithm was identified as the most suitable and efficient LWC algorithm for IoT in healthcare due to its speed, efficiency, simplicity, and flexibility. CONCLUSIONS: This research addresses security and privacy concerns in IoT healthcare and identifies key performance factors of LWC algorithms utilizing the SLR research methodology. Furthermore, the study provides insights into the optimal choice of LWC algorithm for enhancing privacy and security in IoT healthcare environments.

End-to-end pseudonymization of fine-tuned clinical BERT models : Privacy preservation with maintained data utility.

Many state-of-the-art results in natural language processing (NLP) rely on large pre-trained language models (PLMs). These models consist of large amounts of parameters that are tuned using vast amounts of training data. These factors cause the models to memorize parts of their training data, making them vulnerable to various privacy attacks. This is cause for concern, especially when these models are applied in the clinical domain, where data are very sensitive. Training data pseudonymization is a privacy-preserving technique that aims to mitigate these problems. This technique automatically identifies and replaces sensitive entities with realistic but non-sensitive surrogates. Pseudonymization has yielded promising results in previous studies. However, no previous study has applied pseudonymization to both the pre-training data of PLMs and the fine-tuning data used to solve clinical NLP tasks. This study evaluates the effects on the predictive performance of end-to-end pseudonymization of Swedish clinical BERT models fine-tuned for five clinical NLP tasks. A large number of statistical tests are performed, revealing minimal harm to performance when using pseudonymized fine-tuning data. The results also find no deterioration from end-to-end pseudonymization of pre-training and fine-tuning data. These results demonstrate that pseudonymizing training data to reduce privacy risks can be done without harming data utility for training PLMs.

Collaborative learning from distributed data with differentially private synthetic data.

BACKGROUND: Consider a setting where multiple parties holding sensitive data aim to collaboratively learn population level statistics, but pooling the sensitive data sets is not possible due to privacy concerns and parties are unable to engage in centrally coordinated joint computation. We study the feasibility of combining privacy preserving synthetic data sets in place of the original data for collaborative learning on real-world health data from the UK Biobank. METHODS: We perform an empirical evaluation based on an existing prospective cohort study from the literature. Multiple parties were simulated by splitting the UK Biobank cohort along assessment centers, for which we generate synthetic data using differentially private generative modelling techniques. We then apply the original study's Poisson regression analysis on the combined synthetic data sets and evaluate the effects of 1) the size of local data set, 2) the number of participating parties, and 3) local shifts in distributions, on the obtained likelihood scores. RESULTS: We discover that parties engaging in the collaborative learning via shared synthetic data obtain more accurate estimates of the regression parameters compared to using only their local data. This finding extends to the difficult case of small heterogeneous data sets. Furthermore, the more parties participate, the larger and more consistent the improvements become up to a certain limit. Finally, we find that data sharing can especially help parties whose data contain underrepresented groups to perform better-adjusted analysis for said groups. CONCLUSIONS: Based on our results we conclude that sharing of synthetic data is a viable method for enabling learning from sensitive data without violating privacy constraints even if individual data sets are small or do not represent the overall population well. Lack of access to distributed sensitive data is often a bottleneck in biomedical research, which our study shows can be alleviated with privacy-preserving collaborative learning methods.

GEN-RWD Sandbox: bridging the gap between hospital data privacy and external research insights with distributed analytics.

BACKGROUND: Artificial intelligence (AI) has become a pivotal tool in advancing contemporary personalised medicine, with the goal of tailoring treatments to individual patient conditions. This has heightened the demand for access to diverse data from clinical practice and daily life for research, posing challenges due to the sensitive nature of medical information, including genetics and health conditions. Regulations like the Health Insurance Portability and Accountability Act (HIPAA) in the U.S. and the General Data Protection Regulation (GDPR) in Europe aim to strike a balance between data security, privacy, and the imperative for access. RESULTS: We present the Gemelli Generator - Real World Data (GEN-RWD) Sandbox, a modular multi-agent platform designed for distributed analytics in healthcare. Its primary objective is to empower external researchers to leverage hospital data while upholding privacy and ownership, obviating the need for direct data sharing. Docker compatibility adds an extra layer of flexibility, and scalability is assured through modular design, facilitating combinations of Proxy and Processor modules with various graphical interfaces. Security and reliability are reinforced through components like Identity and Access Management (IAM) agent, and a Blockchain-based notarisation module. Certification processes verify the identities of information senders and receivers. CONCLUSIONS: The GEN-RWD Sandbox architecture achieves a good level of usability while ensuring a blend of flexibility, scalability, and security. Featuring a user-friendly graphical interface catering to diverse technical expertise, its external accessibility enables personnel outside the hospital to use the platform. Overall, the GEN-RWD Sandbox emerges as a comprehensive solution for healthcare distributed analytics, maintaining a delicate equilibrium between accessibility, scalability, and security.

Medical Information Protection in Internet Hospital Apps in China: Scale Development and Content Analysis.

BACKGROUND: Hospital apps are increasingly being adopted in many countries, especially since the start of the COVID-19 pandemic. Web-based hospitals can provide valuable medical services and enhanced accessibility. However, increasing concerns about personal information (PI) and strict legal compliance requirements necessitate privacy assessments for these platforms. Guided by the theory of contextual integrity, this study investigates the regulatory compliance of privacy policies for internet hospital apps in the mainland of China. OBJECTIVE: In this paper, we aim to evaluate the regulatory compliance of privacy policies of internet hospital apps in the mainland of China and offer recommendations for improvement. METHODS: We obtained 59 internet hospital apps on November 7, 2023, and reviewed 52 privacy policies available between November 8 and 23, 2023. We developed a 3-level indicator scale based on the information processing activities, as stipulated in relevant regulations. The scale comprised 7 level-1 indicators, 26 level-2 indicators, and 70 level-3 indicators. RESULTS: The mean compliance score of the 52 assessed apps was 73/100 (SD 22.4%), revealing a varied spectrum of compliance. Sensitive PI protection compliance (mean 73.9%, SD 24.2%) lagged behind general PI protection (mean 90.4%, SD 14.7%), with only 12 apps requiring separate consent for processing sensitive PI (mean 73.9%, SD 24.2%). Although most apps (n=41, 79%) committed to supervising subcontractors, only a quarter (n=13, 25%) required users' explicit consent for subcontracting activities. Concerning PI storage security (mean 71.2%, SD 29.3%) and incident management (mean 71.8%, SD 36.6%), half of the assessed apps (n=27, 52%) committed to bear corresponding legal responsibility, whereas fewer than half (n=24, 46%) specified the security level obtained. Most privacy policies stated the PI retention period (n=40, 77%) and instances of PI deletion or anonymization (n=41, 79%), but fewer (n=20, 38.5%) committed to prompt third-party PI deletion. Most apps delineated various individual rights, but only a fraction addressed the rights to obtain copies (n=22, 42%) or to refuse advertisement based on automated decision-making (n=13, 25%). Significant deficiencies remained in regular compliance audits (mean 11.5%, SD 37.8%), impact assessments (mean 13.5%, SD 15.2%), and PI officer disclosure (mean 48.1%, SD 49.3%). CONCLUSIONS: Our analysis revealed both strengths and significant shortcomings in the compliance of internet hospital apps' privacy policies with relevant regulations. As China continues to implement internet hospital apps, it should ensure the informed consent of users for PI processing activities, enhance compliance levels of relevant privacy policies, and fortify PI protection enforcement across the information processing stages.

The need for cybersecurity self-evaluation in healthcare.

The Australian healthcare sector is a complex mix of government departments, associations, providers, professionals, and consumers. Cybersecurity attacks, which have recently increased, challenge the sector in many ways; however, the best approaches for the sector to manage the threat are unclear. This study will report on a semi-structured focus group conducted with five representatives from the Australian healthcare and computer security sectors. An analysis of this focus group transcript yielded four themes: 1) the challenge of securing the Australian healthcare landscape; 2) the financial challenges of cybersecurity in healthcare; 3) balancing privacy and transparency; 4) education and regulation. The results indicate the need for sector-specific tools to empower the healthcare sector to mitigate cybersecurity threats, most notably using a self-evaluation tool so stakeholders can proactively prepare for incidents. Despite the vast amount of research into cybersecurity, little has been conducted on proactive cybersecurity approaches where security weaknesses are identified weaknesses before they occur.

Exploring the tradeoff between data privacy and utility with a clinical data analysis use case.

BACKGROUND: Securing adequate data privacy is critical for the productive utilization of data. De-identification, involving masking or replacing specific values in a dataset, could damage the dataset's utility. However, finding a reasonable balance between data privacy and utility is not straightforward. Nonetheless, few studies investigated how data de-identification efforts affect data analysis results. This study aimed to demonstrate the effect of different de-identification methods on a dataset's utility with a clinical analytic use case and assess the feasibility of finding a workable tradeoff between data privacy and utility. METHODS: Predictive modeling of emergency department length of stay was used as a data analysis use case. A logistic regression model was developed with 1155 patient cases extracted from a clinical data warehouse of an academic medical center located in Seoul, South Korea. Nineteen de-identified datasets were generated based on various de-identification configurations using ARX, an open-source software for anonymizing sensitive personal data. The variable distributions and prediction results were compared between the de-identified datasets and the original dataset. We examined the association between data privacy and utility to determine whether it is feasible to identify a viable tradeoff between the two. RESULTS: All 19 de-identification scenarios significantly decreased re-identification risk. Nevertheless, the de-identification processes resulted in record suppression and complete masking of variables used as predictors, thereby compromising dataset utility. A significant correlation was observed only between the re-identification reduction rates and the ARX utility scores. CONCLUSIONS: As the importance of health data analysis increases, so does the need for effective privacy protection methods. While existing guidelines provide a basis for de-identifying datasets, achieving a balance between high privacy and utility is a complex task that requires understanding the data's intended use and involving input from data users. This approach could help find a suitable compromise between data privacy and utility.

ChatGPT in private practice: The opportunities and pitfalls of novel technology.

OBJECTIVE: This article explores the transformative impact of OpenAI and ChatGPT on Australian medical practitioners, particularly psychiatrists in the private practice setting. It delves into the extensive benefits and limitations associated with integrating ChatGPT into medical practice, summarising current policies and scrutinising medicolegal implications. CONCLUSION: A careful assessment is imperative to determine whether the benefits of AI integration outweigh the associated risks. Practitioners are urged to review AI-generated content to ensure its accuracy, recognising that liability likely resides with them rather than with AI platforms, despite the lack of case law specific to negligence and AI in the Australian context at present. It is important to employ measures that ensure patient confidentiality is not breached and practitioners are encouraged to seek counsel from their professional indemnity insurer. There is considerable potential for future development of specialised AI software tailored specifically for the medical profession, making the use of AI more suitable for the medical field in the Australian legal landscape. Moving forward, it is essential to embrace technology and actively address its challenges rather than dismissing AI integration into medical practice. It is becoming increasingly essential that both the psychiatric community, medical community at large and policy makers develop comprehensive guidelines to fill existing policy gaps and adapt to the evolving landscape of AI technologies in healthcare.

An enhanced pairing-free certificateless directed signature scheme.

Directed signature is a special cryptographic technique in which only the verifier designated by the signer can verify the validity of the signature. Directed signature can effectively protect the privacy of the signer's identity, so it is very suitable for medical records, taxation, and other fields. To improve the security and performance of the directed signature scheme, Gayathri et al. proposed the first certificateless directed signature (CLDS) scheme without bilinear pairing and claimed that their CLDS scheme could withstand Type I and Type II attacks. In this article, we provide two attack methods to assess the security of their CLDS scheme. Unfortunately, our results indicate that their CLDS scheme is insecure against Type I and Type II attacks. That is, their CLDS scheme does not meet the unforgeability and cannot achieve the expected security goals. To resist these attacks, we present an improved CLDS scheme and give the security proof. Compared with similar schemes, our scheme has better performance and higher security.

Evaluating the Balance Between Privacy and Access in Digital Information Sharing.

OBJECTIVES: Access to personal health records in an ICU by persons involved in the patient's care (referred to broadly as "family members" below) has the potential to increase engagement and reduce the negative psychologic sequelae of such hospitalizations. Currently, little is known about patient preferences for information sharing with a designated family member in the ICU. We sought to understand the information-sharing preferences of former ICU patients and their family members and to identify predictors of information-sharing preferences. DESIGN: We performed an internet survey that was developed by a broad, multidisciplinary team of stakeholders. Formal pilot testing of the survey was conducted prior to internet survey administration to study subjects. SETTING: Internet survey. SUBJECTS: Subjects included English-speaking adults who had an ICU experience or a family member with ICU experience between 2013 and 2016. We used panel sampling to ensure an ethnically representative sample of the U.S. population. INTERVENTIONS: None. MEASUREMENTS AND MAIN RESULTS: One thousand five hundred twenty surveys were submitted, and 1,470 were included in analysis. The majority of respondents (93.6%) stated that they would want to share present and past medical history, either all or that related to their ICU stay, with a designated family member of their choosing. The majority (79%) would also want their designated family member to be able to access that information from a home computer. Although most respondents preferred to share all types of information, they indicated varying levels of willingness to share specific types of more sensitive information. Information-sharing preferences did not differ by age, sex, ethnicity, or type of prior experience in the ICU (i.e., patient or family member). CONCLUSIONS: In the context of an ICU admission, sharing personal health information with a person of the patient's choosing appears desirable for most patients and family members. Policies and implementation of regulations should take this into consideration.

Associations Between Privacy-Related Constructs and Depression and Suicide Risk in Health Care Professionals, Trainees, and Students.

PURPOSE: The University of California, San Diego screens health care professionals, trainees, and students for depression and suicide risk. Individuals complete a voluntary, anonymous online screening tool and choose whether to provide personal demographic information. This study assessed the relationship between privacy-related constructs and self-rated depression and suicide risk. METHOD: The authors analyzed responses to the screening tool collected from January 2018 to December 2019. Measures of depression, suicidal ideation and behaviors, and worry about stigma for seeking mental health services (i.e., privacy-related concern) were gathered. The number of demographic item nonresponses (i.e., age, gender, ethnicity/race, professional position) was operationalized as privacy-related behavior. Linear and logistic regression models were used to determine associations between privacy-related constructs (concern and behavior) and depression and suicide measures. RESULTS: A total of 1,224 respondents were included. On average, respondents reported mild depression (mean = 9.12, standard deviation = 5.94), but 43% (524/1,224) reported at least moderate depression. One in 5 respondents (248/1,224) reported worry about stigma for seeking mental health services, and more than 17% (212/1,224) skipped at least 1 demographic question. Privacy-related concern was statistically significantly and positively associated with recent depression and suicidal ideation and behaviors (odds ratios [ORs] = 3.13-7.02; 95% confidence interval [CI], 2.23-19.20; P's < .001) and with lifetime suicide attempts (OR = 1.76; 95% CI, 1.08-2.86; P = .02). Privacy-related behavior was statistically significantly and positively associated with suicide action (OR = 2.23; 95% CI, 1.24-4.02; P = .008). CONCLUSIONS: Privacy-related constructs may be meaningful correlates of mental health as respondents who endorsed these constructs had increased odds of worse depression and suicidal ideation and behaviors. Considering privacy-related constructs may be useful for identifying health care professionals, trainees, and students experiencing distress and in need of imminent mental health resources.

Enhanced quantum signature scheme using quantum amplitude amplification operators.

Quantum signature is the use of the principles of quantum computing to establish a trusted communication between two parties. In this paper, a quantum signature scheme using amplitude amplification techniques will be proposed. To secure the signature, the proposed scheme uses a partial diffusion operator and a diffusion operator to hide/unhide certain quantum states during communication. The proposed scheme consists of three phases, preparation phase, signature phase and verification phase. To confuse the eavesdropper, the quantum states representing the signature might be hidden, not hidden or encoded in Bell states. It will be shown that the proposed scheme is more secure against eavesdropping when compared with relevant quantum signature schemes.

Design and Application of Electronic Rehabilitation Medical Record (ERMR) Sharing Scheme Based on Blockchain Technology.

As the value of blockchain has been widely recognized, more and more industries are proposing their blockchain solutions, including the rehabilitation medical industry. Blockchain can play a powerful role in the field of rehabilitation medicine, bringing a new research idea to the management of rehabilitation medical data. The electronic rehabilitation medical record (ERMR) contains rich data dimensions, which can provide comprehensive and accurate information for assessing the health of patients, thereby enhancing the effect of rehabilitation treatment. This paper analyzed the data characteristics of ERMR and the application requirements of blockchain in rehabilitation medicine. Based on the basic principles of blockchain, the technical advantages of blockchain used in ERMR sharing have been studied. In addition, this paper designed a blockchain-based ERMR sharing scheme in detail, using the specific technologies of blockchain such as hybrid P2P network, block-chain data structure, asymmetric encryption algorithm, digital signature, and Raft consensus algorithm to achieve distributed storage, data security, privacy protection, data consistency, data traceability, and data ownership in the process of ERMR sharing. The research results of this paper have important practical significance for realizing the safe and efficient sharing of ERMR, and can provide important technical references for the management of rehabilitation medical data with broad application prospects.

A Normative Framework for the Reconciliation of EU Data Protection Law and Medical Research Ethics.

EU data protection law and medical research ethics overlap in scope and content in numerous instances in which personal data are processed in medical research. It is not always the case, however, that the conditions outlined by the two rule-sets precisely coincide. In the past few years, this lack of confluence has led to confusion as to how the two rule-sets should best relate to one another. This confusion has led to different approaches to the relationship being taken, on occasion leading to counter-intuitive conclusions. Unfortunately, there has hitherto been little effort to provide clarity to this confusion. In this regard, this article attempts to provide a general normative framework aimed at facilitating optimally cogent and just reconciliations of EU data protection law and medical research ethics.

Pindex: Private multi-linked index for encrypted document retrieval.

Cryptographic cloud storage is used to make optimal use of the cloud storage infrastructure to outsource sensitive and mission-critical data. The continuous growth of encrypted data outsourced to cloud storage requires continuous updating. Attacks like file-injection are reported to compromise confidentiality of the user as a consequence of information leakage during update. It is required that dynamic schemes provide forward privacy guarantees. Updates should not leak information to the untrusted server regarding the previously issued queries. Therefore, the challenge is to design an efficient searchable encryption scheme with dynamic updates and forward privacy guarantees. In this paper, a novel private multi-linked dynamic index for encrypted document retrieval namely Pindex is proposed. The multi-linked dynamic index is constructed using probabilistic homomorphic encryption mechanism and secret orthogonal vectors. Full security proofs for correctness and forward privacy in the random oracle model is provided. Experiments on real world Enron dataset demonstrates that our construction is practical and efficient. The security and performance analysis of Pindex shows that the dynamic multi-linked index guarantees forward privacy without significant loss of efficiency.

Protecting Privacy and Transforming COVID-19 Case Surveillance Datasets for Public Use.

OBJECTIVES: Federal open-data initiatives that promote increased sharing of federally collected data are important for transparency, data quality, trust, and relationships with the public and state, tribal, local, and territorial partners. These initiatives advance understanding of health conditions and diseases by providing data to researchers, scientists, and policymakers for analysis, collaboration, and use outside the Centers for Disease Control and Prevention (CDC), particularly for emerging conditions such as COVID-19, for which data needs are constantly evolving. Since the beginning of the pandemic, CDC has collected person-level, de-identified data from jurisdictions and currently has more than 8 million records. We describe how CDC designed and produces 2 de-identified public datasets from these collected data. METHODS: We included data elements based on usefulness, public request, and privacy implications; we suppressed some field values to reduce the risk of re-identification and exposure of confidential information. We created datasets and verified them for privacy and confidentiality by using data management platform analytic tools and R scripts. RESULTS: Unrestricted data are available to the public through Data.CDC.gov, and restricted data, with additional fields, are available with a data-use agreement through a private repository on GitHub.com. PRACTICE IMPLICATIONS: Enriched understanding of the available public data, the methods used to create these data, and the algorithms used to protect the privacy of de-identified people allow for improved data use. Automating data-generation procedures improves the volume and timeliness of sharing data.

Guidance for using text, email, and video communication in practices devoted to reproductive medicine.

The prevalence and ease of electronic communication, specifically email through patient portals associated with electronic medical records or via traditional enterprise email clients (e.g., Outlook) and video, have resulted in increased use for rapid communication between practitioners and their patients. Concerns regarding patient privacy and compliance with the regulations of the Health Insurance Portability and Accountability Act (HIPAA) remain a barrier to routine incorporation of electronic communication into practice. Furthermore, capital investment, implementation, and maintenance costs may provide additional barriers. These long-standing concerns have been heightened and tested by the COVID-19 pandemic. Best-practice guidelines for the secure and safe use of electronic communication with reproductive care patients are provided.