E-Health: Security, Privacy, and Ethics Requirements from a National Perspective in I. R. Iran.

This paper explores the security, privacy, and ethical implications of e-health data in Iran's healthcare network. A framework is proposed to ensure security and privacy in electronic health information processing across various institutions. The framework addresses aspects such as software/hardware, communication networks, patient safety, privacy, confidentiality, online health service regulations, commercial and judicial exploitation, and education/research. The study categorizes these requirements into seven main categories to safeguard health-oriented service recipients' security and privacy.

[Ethics and artificial intelligence]. / Ethik und künstliche Intelligenz.

The introduction of artificial intelligence (AI) into radiology promises to enhance efficiency and improve diagnostic accuracy, yet it also raises manifold ethical questions. These include data protection issues, the future role of radiologists, liability when using AI systems, and the avoidance of bias. To prevent data bias, the datasets need to be compiled carefully and to be representative of the target population. Accordingly, the upcoming European Union AI act sets particularly high requirements for the datasets used in training medical AI systems. Cognitive bias occurs when radiologists place too much trust in the results provided by AI systems (overreliance). So far, diagnostic AI systems are used almost exclusively as "second look" systems. If diagnostic AI systems are to be used in the future as "first look" systems or even as autonomous AI systems in order to enhance efficiency in radiology, the question of liability needs to be addressed, comparable to liability for autonomous driving. Such use of AI would also significantly change the role of radiologists.

Ethical and social reflections on the proposed European Health Data Space.

The COVID-19 pandemic demonstrated the benefits of international data sharing. Data sharing enabled the health care policy makers to make decisions based on real-time data, it enabled the tracking of the virus, and importantly it enabled the development of vaccines that were crucial to mitigating the impact of the virus. This data sharing is not the norm as data sharing needs to navigate complex ethical and legal rules, and in particular, the fragmented application of the General Data Protection Regulation (GDPR). The introduction of the draft regulation for a European Health Data Space (EHDS) in May 2022 seeks to address some of these legal issues. If passed, it will create an obligation to share electronic health data for certain secondary purposes. While there is a clear need to address the legal complexities involved with data sharing, it is critical that any proposed reforms are in line with ethical principles and the expectations of the data subjects. In this paper we offer a critique of the EHDS and offer some recommendations for this evolving regulatory space.

Ethical considerations for artificial intelligence in dermatology: a scoping review.

The field of dermatology is experiencing the rapid deployment of artificial intelligence (AI), from mobile applications (apps) for skin cancer detection to large language models like ChatGPT that can answer generalist or specialist questions about skin diagnoses. With these new applications, ethical concerns have emerged. In this scoping review, we aimed to identify the applications of AI to the field of dermatology and to understand their ethical implications. We used a multifaceted search approach, searching PubMed, MEDLINE, Cochrane Library and Google Scholar for primary literature, following the PRISMA Extension for Scoping Reviews guidance. Our advanced query included terms related to dermatology, AI and ethical considerations. Our search yielded 202 papers. After initial screening, 68 studies were included. Thirty-two were related to clinical image analysis and raised ethical concerns for misdiagnosis, data security, privacy violations and replacement of dermatologist jobs. Seventeen discussed limited skin of colour representation in datasets leading to potential misdiagnosis in the general population. Nine articles about teledermatology raised ethical concerns, including the exacerbation of health disparities, lack of standardized regulations, informed consent for AI use and privacy challenges. Seven addressed inaccuracies in the responses of large language models. Seven examined attitudes toward and trust in AI, with most patients requesting supplemental assessment by a physician to ensure reliability and accountability. Benefits of AI integration into clinical practice include increased patient access, improved clinical decision-making, efficiency and many others. However, safeguards must be put in place to ensure the ethical application of AI.

The use of artificial intelligence (AI) in dermatology is rapidly increasing, with applications in dermatopathology, medical dermatology, cutaneous surgery, microscopy/spectroscopy and the identification of prognostic biomarkers (characteristics that provide information on likely patient health outcomes). However, with the rise of AI in dermatology, ethical concerns have emerged. We reviewed the existing literature to identify applications of AI in the field of dermatology and understand the ethical implications. Our search initially identified 202 papers, and after we went through them (screening), 68 were included in our review. We found that ethical concerns are related to the use of AI in the areas of clinical image analysis, teledermatology, natural language processing models, privacy, skin of colour representation, and patient and provider attitudes toward AI. We identified nine ethical principles to facilitate the safe use of AI in dermatology. These ethical principles include fairness, inclusivity, transparency, accountability, security, privacy, reliability, informed consent and conflict of interest. Although there are many benefits of integrating AI into clinical practice, our findings highlight how safeguards must be put in place to reduce rising ethical concerns.

Dataísmo (de la salud), tecnología y privacidad / (Health) dataism, technology and privacy

El dataísmo puede privar al individuo de su privacidad. Las personas reflexionan sobre el coste de oportunidad que supone ceder sus datos y otorgan mayor importancia a la efectividad en la lucha contra enfermedades y pandemias frente a su uso ilícito, ilegal o poco ético. El big data es un bien común de la humanidad, y compartir datos puede salvar vidas, pero aprovechémoslo aplicando correctamente la ética de los datos, donde los gobiernos y organizaciones estén implicados y se respete el derecho fundamental de protección de datos. (AU)

Dataism can deprive the individuals of their privacy. People are reflecting on the opportunity cost of giving away their data and are placing greater importance on the effectiveness of fighting diseases and pandemics than on its illicit, illegal or unethical use. Big data is a common good of humanity, and sharing data can save lives, but let’s harness it with the right application of data ethics, where governments and organisations are involved and the fundamental right to data protection is respected. (AU)

A Literature Review on the GDPR, COVID-19 and the Ethical Considerations of Data Protection During a Time of Crisis.

OBJECTIVE: This survey article presents a literature review of relevant publications aiming to explore whether the EU's General Data Protection Regulation (GDPR) has held true during a time of crisis and the implications that arose during the COVID-19 outbreak. METHOD AND RESULTS: Based on the approach taken and the screening of the relevant articles, the results focus on three themes: a critique on GDPR; the ethics surrounding the use of digital health technologies, namely in the form of mobile applications; and the possibility of cross border transfers of said data outside of Europe. Within this context, the article reviews the arising themes, considers the use of data through mobile health applications, and discusses whether data protection may require a revision when balancing societal and personal interests. CONCLUSIONS: In summary, although it is clear that the GDPR has been applied through a mixed and complex experience with data handling during the pandemic, the COVID-19 pandemic has indeed shown that it was a test the GDPR was designed and prepared to undertake. The article suggests that further review and research is needed to first ensure that an understanding of the state of the art in data protection during the pandemic is maintained and second to subsequently explore and carefully create a specific framework for the ethical considerations involved. The paper echoes the literature reviewed and calls for the creation of a unified and harmonised network or database to enable the secure data sharing across borders.

Privacy-Oriented Technique for COVID-19 Contact Tracing (PROTECT) Using Homomorphic Encryption: Design and Development Study.

BACKGROUND: Various techniques are used to support contact tracing, which has been shown to be highly effective against the COVID-19 pandemic. To apply the technology, either quarantine authorities should provide the location history of patients with COVID-19, or all users should provide their own location history. This inevitably exposes either the patient's location history or the personal location history of other users. Thus, a privacy issue arises where the public good (via information release) comes in conflict with privacy exposure risks. OBJECTIVE: The objective of this study is to develop an effective contact tracing system that does not expose the location information of the patient with COVID-19 to other users of the system, or the location information of the users to the quarantine authorities. METHODS: We propose a new protocol called PRivacy Oriented Technique for Epidemic Contact Tracing (PROTECT) that securely shares location information of patients with users by using the Brakerski/Fan-Vercauteren homomorphic encryption scheme, along with a new, secure proximity computation method. RESULTS: We developed a mobile app for the end-user and a web service for the quarantine authorities by applying the proposed method, and we verified their effectiveness. The proposed app and web service compute the existence of intersections between the encrypted location history of patients with COVID-19 released by the quarantine authorities and that of the user saved on the user's local device. We also found that this contact tracing smartphone app can identify whether the user has been in contact with such patients within a reasonable time. CONCLUSIONS: This newly developed method for contact tracing shares location information by using homomorphic encryption, without exposing the location information of patients with COVID-19 and other users. Homomorphic encryption is challenging to apply to practical issues despite its high security value. In this study, however, we have designed a system using the Brakerski/Fan-Vercauteren scheme that is applicable to a reasonable size and developed it to an operable format. The developed app and web service can help contact tracing for not only the COVID-19 pandemic but also other epidemics.

Revolutionizing Medical Data Sharing Using Advanced Privacy-Enhancing Technologies: Technical, Legal, and Ethical Synthesis.

Multisite medical data sharing is critical in modern clinical practice and medical research. The challenge is to conduct data sharing that preserves individual privacy and data utility. The shortcomings of traditional privacy-enhancing technologies mean that institutions rely upon bespoke data sharing contracts. The lengthy process and administration induced by these contracts increases the inefficiency of data sharing and may disincentivize important clinical treatment and medical research. This paper provides a synthesis between 2 novel advanced privacy-enhancing technologies-homomorphic encryption and secure multiparty computation (defined together as multiparty homomorphic encryption). These privacy-enhancing technologies provide a mathematical guarantee of privacy, with multiparty homomorphic encryption providing a performance advantage over separately using homomorphic encryption or secure multiparty computation. We argue multiparty homomorphic encryption fulfills legal requirements for medical data sharing under the European Union's General Data Protection Regulation which has set a global benchmark for data protection. Specifically, the data processed and shared using multiparty homomorphic encryption can be considered anonymized data. We explain how multiparty homomorphic encryption can reduce the reliance upon customized contractual measures between institutions. The proposed approach can accelerate the pace of medical research while offering additional incentives for health care and research institutes to employ common data interoperability standards.

[Current Status and the Future of Protection and Utilization of Personal Information at Medical Facilities Based on the Understanding of Related Regulations].

In September 2015, "the Act on the Protection of Personal Information" was amended. Accordingly, "the Ethical Guidelines for Medical Research Involving Human Subjects" were also amended. "The Act on Anonymized Medical Data That Are Meant to Contribute to Research and Development in the Medical Field," which came into effect in May 2018, aims to collect and utilize medical information of each patient from medical institutions for the purpose of research and development in the medical field. Thus, the rules of personal information that need to be followed are changing considerably in the balance between importance of protection and utilization for medical development. Therefore, health care professionals and researchers are required to fully understand the current situation and the future.

Medical and Legal Aspects of the Practice of Teledermatology in Spain. / Aspectos medicolegales de la práctica de la teledermatología en España.

Teledermatology is now fully incorporated into our clinical practice. However, after reviewing current legislation on the ethical aspects of teledermatology (data confidentiality, quality of care, patient autonomy, and privacy) as well as insurance and professional responsibility, we observed that a specific regulatory framework is still lacking and related legal aspects are still at a preliminary stage of development. Safeguarding confidentiality and patient autonomy and ensuring secure storage and transfer of data are essential aspects of telemedicine. One of the main topics of debate has been the responsibilities of the physicians involved in the process, with the concept of designating a single responsible clinician emerging as a determining factor in the allocation of responsibility in this setting. A specific legal and regulatory framework must be put in place to ensure the safe practice of teledermatology for medical professionals and their patients.

[Ethics and confidentiality of a patient in a medical biology laboratory]. / L'éthique et la confidentialité du patient au laboratoire de biologie médicale.

Confidentiality is based on principles of deontology and ethics, which are included in French regulations and supported by the professional orders. It contributes to the respect and dignity of the patient. If this consideration of the human person is old, it has been updated to build the framework imposed by the accreditation of medical biology laboratories. Confidentiality is thus reflected in a charter of ethics, a model of which we propose here. It reflects the commitments of healthcare professionals in the processing of biological samples from patients. Confidentiality is thus applied, in a practical way, at each phase of the laboratory's activity. In the pre-analytical phase, it organizes the reception of the patient and the taking of samples, taking into account the particular case of minors. In the analytical phase, confidentiality imposes limited access to the technical premises and the organization of the flow of personnel from outside the laboratory. Finally, in the post-analytical phase, the reporting of results is regulated, depending on the type of analyses performed and the person to whom the results are to be reported (patient or prescriber). The particular case of spermiology illustrates all these points. Finally, during these phases of sample processing, document management is also a matter of confidentiality and data protection. Confidentiality is essential to the functioning of a health care structure, but it is restrictive in its day-to-day implementation. Nevertheless, it must be combined with an awareness of all staff to address the ethical issue of human dignity.

Pacientes con hepatitis C perdidos en el sistema: aspectos éticos-legales y resultados de su búsqueda / No disponible

INTRODUCCIÓN: se conoce la existencia de pacientes con hepatitis C perdidos en el sistema, pero se desconocen su prevalencia y características. Además, su identificación colisiona con la barrera de la protección de datos. MÉTODOS: se presentó un protocolo de identificación y contacto al Comité de Ética Asistencial. Se obtendrían las serologías anti-VHC+ de Microbiología entre 2010-18. Se analizaría su situación en la base de datos hospitalaria y regional. Se clasificarían: a) hepatitis C crónica, si última determinación de ARN-VHC+; b) hepatitis C curada, si última determinación de ARN-VHC- tras 12 semanas de tratamiento; c) hepatitis C posible, si anti-VHC+ sin determinación de ARN-VHC. Se considerarían perdidos aquellos con hepatitis C crónica o posible sin seguimiento en Digestivo o Medicina Interna. Se contactaría con ellos mediante correo postal y, posteriormente, por teléfono para ofrecerles tratamiento. RESULTADOS: el Comité de Ética consideró que el protocolo cumplía los principios bioéticos de autonomía, beneficencia, no maleficencia y justicia, y que el contacto era éticamente deseable. Sobre 4.816 serologías anti-VHC+ identificamos 677 pacientes perdidos (14,06 %; IC 95 %: 13,2-15,2): edad 54 años, 61 % hombres, 12 % extranjeros y 95 % monoinfectados. Se consumieron 1,3 minutos en el estudio de cada serología. Un 25 % de las perdidas habían sido solicitadas por Digestivo o Medicina Interna. De los 677 perdidos, 228 (33,7 %) tenían también ARN-VHC+ y 449 (66,3 %) solo tenían solicitada la serología. CONCLUSIÓN: un número importante de pacientes con hepatitis C se encuentran perdidos en el sistema. Su búsqueda y contacto es posible desde el punto de vista ético-legal

No disponible

Linking Survey and Twitter Data: Informed Consent, Disclosure, Security, and Archiving.

Linked survey and Twitter data present an unprecedented opportunity for social scientific analysis, but the ethical implications for such work are complex-requiring a deeper understanding of the nature and composition of Twitter data to fully appreciate the risks of disclosure and harm to participants. In this article, we draw on our experience of three recent linked data studies, briefly discussing the background research on data linkage and the complications around ensuring informed consent. Particular attention is paid to the vast array of data available from Twitter and in what manner it might be disclosive. In light of this, the issues of maintaining security, minimizing risk, archiving, and reuse are applied to linked Twitter and survey data. In conclusion, we reflect on how our ability to collect and work with Twitter data has outpaced our technical understandings of how the data are constituted and observe that understanding one's data is an essential prerequisite for ensuring best ethical practice.

Challenges with study procedure fidelity when conducting household survey: reports from the field.

OBJECTIVES: The aim of the study was to identify reasons for protocol deviations during conduct of large epidemiological surveys despite training of field workers, validating clinicians, and providing field supervisory support. Enquiries focused on breaches of recruitment procedures, privacy, confidentiality, and informed consent. The case study was a household survey conducted in Ile-Ife, Nigeria. RESULTS: The study reveals that despite training of field workers, providing supervisory support, and conducting validation exercises, protocol deviation still occurred. Measures to improve internal research validity during the conduct of surveys can minimise but not eliminate protocol deviations. Individual and environmental factors increase the risk for protocol deviation. Individual factors include personal bias against adherence to elements of the protocols, and pressure to meet personal recruitment targets to maximise remuneration. These pressures increase the risk of breaching study participants' recruitment process. Environmental pressures resulted from low research literacy that made it possible for field workers not to consent participants and for participants not to prioritise privacy. The use of electronic data collection enhanced data security. A key recommendation from the study was that improved field supervision will reduce the risk for protocol violation.

How the new European data protection regulation affects clinical research and recommendations?

Clinical research on human subjects or their data is confronted with conflicting requirements with, on one hand, the principle of open science (transparency and data sharing), the possibilities offered by big data and the reuse of healthcare or research data, and on the other, changes to the regulatory and legislative framework, including the general data protection regulation (GDPR). A roundtable was organized in Giens, France in October 2018 to identify problem areas, the need for clarification and streamlining, and to make recommendations to promote clinical research while ensuring a high level of patient protection. After details were given about these developments, the roundtable participants were able to propose recommendations, primarily (1) to clarify: what is considered anonymized data, and what is "public interest" within the meaning of the GDPR; (2) for the French data protection authority (CNIL) to continue preparing reference methodologies to simplify the approval system; (3) to promote the secondary use of data by making it easier to inform patients and obtain broad patient consent, by specifying the circumstances under which their withdrawal and opposition rights apply, so as to limit the risk of bias; (4) to facilitate access to data warehouses by providing technological and methodological aids. The roundtable also recommends increasing discussions between authorities in Europe on research topics, encouraging French authorities to contribute to the preparation of codes of conduct and setting up a voluntary harmonization procedure to coordinate the opinions of data protection authorities, while ensuring that key documents are available in English.

ATM Card Cloning and Ethical Considerations.

With the advent of modern technology, the way society handles and performs monetary transactions has changed tremendously. The world is moving swiftly towards the digital arena. The use of Automated Teller Machine (ATM) cards (credit and debit) has led to a "cash-less society" and has fostered digital payments and purchases. In addition to this, the trust and reliance of the society upon these small pieces of plastic, having numbers engraved upon them, has increased immensely over the last two decades. In the past few years, the number of ATM fraud cases has increased exponentially. With the money of the people shifting towards the digital platform, ATM skimming has become a problem that has eventually led to a global outcry. The present review discusses the serious repercussions of ATM card cloning and the associated privacy, ethical and legal concerns. The preventive measures which need to be taken and adopted by the government authorities to mitigate the problem have also been discussed.