End-to-end pseudonymization of fine-tuned clinical BERT models : Privacy preservation with maintained data utility.

Many state-of-the-art results in natural language processing (NLP) rely on large pre-trained language models (PLMs). These models consist of large amounts of parameters that are tuned using vast amounts of training data. These factors cause the models to memorize parts of their training data, making them vulnerable to various privacy attacks. This is cause for concern, especially when these models are applied in the clinical domain, where data are very sensitive. Training data pseudonymization is a privacy-preserving technique that aims to mitigate these problems. This technique automatically identifies and replaces sensitive entities with realistic but non-sensitive surrogates. Pseudonymization has yielded promising results in previous studies. However, no previous study has applied pseudonymization to both the pre-training data of PLMs and the fine-tuning data used to solve clinical NLP tasks. This study evaluates the effects on the predictive performance of end-to-end pseudonymization of Swedish clinical BERT models fine-tuned for five clinical NLP tasks. A large number of statistical tests are performed, revealing minimal harm to performance when using pseudonymized fine-tuning data. The results also find no deterioration from end-to-end pseudonymization of pre-training and fine-tuning data. These results demonstrate that pseudonymizing training data to reduce privacy risks can be done without harming data utility for training PLMs.

Medical Information Protection in Internet Hospital Apps in China: Scale Development and Content Analysis.

BACKGROUND: Hospital apps are increasingly being adopted in many countries, especially since the start of the COVID-19 pandemic. Web-based hospitals can provide valuable medical services and enhanced accessibility. However, increasing concerns about personal information (PI) and strict legal compliance requirements necessitate privacy assessments for these platforms. Guided by the theory of contextual integrity, this study investigates the regulatory compliance of privacy policies for internet hospital apps in the mainland of China. OBJECTIVE: In this paper, we aim to evaluate the regulatory compliance of privacy policies of internet hospital apps in the mainland of China and offer recommendations for improvement. METHODS: We obtained 59 internet hospital apps on November 7, 2023, and reviewed 52 privacy policies available between November 8 and 23, 2023. We developed a 3-level indicator scale based on the information processing activities, as stipulated in relevant regulations. The scale comprised 7 level-1 indicators, 26 level-2 indicators, and 70 level-3 indicators. RESULTS: The mean compliance score of the 52 assessed apps was 73/100 (SD 22.4%), revealing a varied spectrum of compliance. Sensitive PI protection compliance (mean 73.9%, SD 24.2%) lagged behind general PI protection (mean 90.4%, SD 14.7%), with only 12 apps requiring separate consent for processing sensitive PI (mean 73.9%, SD 24.2%). Although most apps (n=41, 79%) committed to supervising subcontractors, only a quarter (n=13, 25%) required users' explicit consent for subcontracting activities. Concerning PI storage security (mean 71.2%, SD 29.3%) and incident management (mean 71.8%, SD 36.6%), half of the assessed apps (n=27, 52%) committed to bear corresponding legal responsibility, whereas fewer than half (n=24, 46%) specified the security level obtained. Most privacy policies stated the PI retention period (n=40, 77%) and instances of PI deletion or anonymization (n=41, 79%), but fewer (n=20, 38.5%) committed to prompt third-party PI deletion. Most apps delineated various individual rights, but only a fraction addressed the rights to obtain copies (n=22, 42%) or to refuse advertisement based on automated decision-making (n=13, 25%). Significant deficiencies remained in regular compliance audits (mean 11.5%, SD 37.8%), impact assessments (mean 13.5%, SD 15.2%), and PI officer disclosure (mean 48.1%, SD 49.3%). CONCLUSIONS: Our analysis revealed both strengths and significant shortcomings in the compliance of internet hospital apps' privacy policies with relevant regulations. As China continues to implement internet hospital apps, it should ensure the informed consent of users for PI processing activities, enhance compliance levels of relevant privacy policies, and fortify PI protection enforcement across the information processing stages.

Collaborative learning from distributed data with differentially private synthetic data.

BACKGROUND: Consider a setting where multiple parties holding sensitive data aim to collaboratively learn population level statistics, but pooling the sensitive data sets is not possible due to privacy concerns and parties are unable to engage in centrally coordinated joint computation. We study the feasibility of combining privacy preserving synthetic data sets in place of the original data for collaborative learning on real-world health data from the UK Biobank. METHODS: We perform an empirical evaluation based on an existing prospective cohort study from the literature. Multiple parties were simulated by splitting the UK Biobank cohort along assessment centers, for which we generate synthetic data using differentially private generative modelling techniques. We then apply the original study's Poisson regression analysis on the combined synthetic data sets and evaluate the effects of 1) the size of local data set, 2) the number of participating parties, and 3) local shifts in distributions, on the obtained likelihood scores. RESULTS: We discover that parties engaging in the collaborative learning via shared synthetic data obtain more accurate estimates of the regression parameters compared to using only their local data. This finding extends to the difficult case of small heterogeneous data sets. Furthermore, the more parties participate, the larger and more consistent the improvements become up to a certain limit. Finally, we find that data sharing can especially help parties whose data contain underrepresented groups to perform better-adjusted analysis for said groups. CONCLUSIONS: Based on our results we conclude that sharing of synthetic data is a viable method for enabling learning from sensitive data without violating privacy constraints even if individual data sets are small or do not represent the overall population well. Lack of access to distributed sensitive data is often a bottleneck in biomedical research, which our study shows can be alleviated with privacy-preserving collaborative learning methods.

GEN-RWD Sandbox: bridging the gap between hospital data privacy and external research insights with distributed analytics.

BACKGROUND: Artificial intelligence (AI) has become a pivotal tool in advancing contemporary personalised medicine, with the goal of tailoring treatments to individual patient conditions. This has heightened the demand for access to diverse data from clinical practice and daily life for research, posing challenges due to the sensitive nature of medical information, including genetics and health conditions. Regulations like the Health Insurance Portability and Accountability Act (HIPAA) in the U.S. and the General Data Protection Regulation (GDPR) in Europe aim to strike a balance between data security, privacy, and the imperative for access. RESULTS: We present the Gemelli Generator - Real World Data (GEN-RWD) Sandbox, a modular multi-agent platform designed for distributed analytics in healthcare. Its primary objective is to empower external researchers to leverage hospital data while upholding privacy and ownership, obviating the need for direct data sharing. Docker compatibility adds an extra layer of flexibility, and scalability is assured through modular design, facilitating combinations of Proxy and Processor modules with various graphical interfaces. Security and reliability are reinforced through components like Identity and Access Management (IAM) agent, and a Blockchain-based notarisation module. Certification processes verify the identities of information senders and receivers. CONCLUSIONS: The GEN-RWD Sandbox architecture achieves a good level of usability while ensuring a blend of flexibility, scalability, and security. Featuring a user-friendly graphical interface catering to diverse technical expertise, its external accessibility enables personnel outside the hospital to use the platform. Overall, the GEN-RWD Sandbox emerges as a comprehensive solution for healthcare distributed analytics, maintaining a delicate equilibrium between accessibility, scalability, and security.

Machine learning cryptography methods for IoT in healthcare.

BACKGROUND: The increased application of Internet of Things (IoT) in healthcare, has fueled concerns regarding the security and privacy of patient data. Lightweight Cryptography (LWC) algorithms can be seen as a potential solution to address this concern. Due to the high variation of LWC, the primary objective of this study was to identify a suitable yet effective algorithm for securing sensitive patient information on IoT devices. METHODS: This study evaluates the performance of eight LWC algorithms-AES, PRESENT, MSEA, LEA, XTEA, SIMON, PRINCE, and RECTANGLE-using machine learning models. Experiments were conducted on a Raspberry Pi 3 microcontroller using 16 KB to 2048 KB files. Machine learning models were trained and tested for each LWC algorithm and their performance was evaluated based using precision, recall, F1-score, and accuracy metrics. RESULTS: The study analyzed the encryption/decryption execution time, energy consumption, memory usage, and throughput of eight LWC algorithms. The RECTANGLE algorithm was identified as the most suitable and efficient LWC algorithm for IoT in healthcare due to its speed, efficiency, simplicity, and flexibility. CONCLUSIONS: This research addresses security and privacy concerns in IoT healthcare and identifies key performance factors of LWC algorithms utilizing the SLR research methodology. Furthermore, the study provides insights into the optimal choice of LWC algorithm for enhancing privacy and security in IoT healthcare environments.

The need for cybersecurity self-evaluation in healthcare.

The Australian healthcare sector is a complex mix of government departments, associations, providers, professionals, and consumers. Cybersecurity attacks, which have recently increased, challenge the sector in many ways; however, the best approaches for the sector to manage the threat are unclear. This study will report on a semi-structured focus group conducted with five representatives from the Australian healthcare and computer security sectors. An analysis of this focus group transcript yielded four themes: 1) the challenge of securing the Australian healthcare landscape; 2) the financial challenges of cybersecurity in healthcare; 3) balancing privacy and transparency; 4) education and regulation. The results indicate the need for sector-specific tools to empower the healthcare sector to mitigate cybersecurity threats, most notably using a self-evaluation tool so stakeholders can proactively prepare for incidents. Despite the vast amount of research into cybersecurity, little has been conducted on proactive cybersecurity approaches where security weaknesses are identified weaknesses before they occur.

Exploring the tradeoff between data privacy and utility with a clinical data analysis use case.

BACKGROUND: Securing adequate data privacy is critical for the productive utilization of data. De-identification, involving masking or replacing specific values in a dataset, could damage the dataset's utility. However, finding a reasonable balance between data privacy and utility is not straightforward. Nonetheless, few studies investigated how data de-identification efforts affect data analysis results. This study aimed to demonstrate the effect of different de-identification methods on a dataset's utility with a clinical analytic use case and assess the feasibility of finding a workable tradeoff between data privacy and utility. METHODS: Predictive modeling of emergency department length of stay was used as a data analysis use case. A logistic regression model was developed with 1155 patient cases extracted from a clinical data warehouse of an academic medical center located in Seoul, South Korea. Nineteen de-identified datasets were generated based on various de-identification configurations using ARX, an open-source software for anonymizing sensitive personal data. The variable distributions and prediction results were compared between the de-identified datasets and the original dataset. We examined the association between data privacy and utility to determine whether it is feasible to identify a viable tradeoff between the two. RESULTS: All 19 de-identification scenarios significantly decreased re-identification risk. Nevertheless, the de-identification processes resulted in record suppression and complete masking of variables used as predictors, thereby compromising dataset utility. A significant correlation was observed only between the re-identification reduction rates and the ARX utility scores. CONCLUSIONS: As the importance of health data analysis increases, so does the need for effective privacy protection methods. While existing guidelines provide a basis for de-identifying datasets, achieving a balance between high privacy and utility is a complex task that requires understanding the data's intended use and involving input from data users. This approach could help find a suitable compromise between data privacy and utility.

ChatGPT in private practice: The opportunities and pitfalls of novel technology.

OBJECTIVE: This article explores the transformative impact of OpenAI and ChatGPT on Australian medical practitioners, particularly psychiatrists in the private practice setting. It delves into the extensive benefits and limitations associated with integrating ChatGPT into medical practice, summarising current policies and scrutinising medicolegal implications. CONCLUSION: A careful assessment is imperative to determine whether the benefits of AI integration outweigh the associated risks. Practitioners are urged to review AI-generated content to ensure its accuracy, recognising that liability likely resides with them rather than with AI platforms, despite the lack of case law specific to negligence and AI in the Australian context at present. It is important to employ measures that ensure patient confidentiality is not breached and practitioners are encouraged to seek counsel from their professional indemnity insurer. There is considerable potential for future development of specialised AI software tailored specifically for the medical profession, making the use of AI more suitable for the medical field in the Australian legal landscape. Moving forward, it is essential to embrace technology and actively address its challenges rather than dismissing AI integration into medical practice. It is becoming increasingly essential that both the psychiatric community, medical community at large and policy makers develop comprehensive guidelines to fill existing policy gaps and adapt to the evolving landscape of AI technologies in healthcare.

An enhanced pairing-free certificateless directed signature scheme.

Directed signature is a special cryptographic technique in which only the verifier designated by the signer can verify the validity of the signature. Directed signature can effectively protect the privacy of the signer's identity, so it is very suitable for medical records, taxation, and other fields. To improve the security and performance of the directed signature scheme, Gayathri et al. proposed the first certificateless directed signature (CLDS) scheme without bilinear pairing and claimed that their CLDS scheme could withstand Type I and Type II attacks. In this article, we provide two attack methods to assess the security of their CLDS scheme. Unfortunately, our results indicate that their CLDS scheme is insecure against Type I and Type II attacks. That is, their CLDS scheme does not meet the unforgeability and cannot achieve the expected security goals. To resist these attacks, we present an improved CLDS scheme and give the security proof. Compared with similar schemes, our scheme has better performance and higher security.

Nova lei garante sigilo a pessoas vivendo com HIV, hepatites crônicas, tuberculose e hanseníase

Foi sancionada, nesta terça-feira (4) a Lei nº 14.289, que obriga o sigilo sobre a condição de pessoas infectadas pelo vírus HIV e hepatites crônicas. A medida também abrange pessoas com hanseníase ou tuberculose. O sigilo é obrigatório no âmbito dos serviços de saúde, estabelecimentos de ensino, locais de trabalho, administração pública, segurança pública, processos judiciais e mídias escrita e audiovisual. O texto foi publicado no Diário Oficial da União.

Gobernanza de datos: estándares y buenas prácticas para la gestión de datos en salud: parte 2

La gestión de datos de salud es un factor fundamental para garantizar que los datos se recolectan, validan, transfieren, almacenan y resguardan de forma estandarizada, utilizando las mejores prácticas. Es esencial implementar procesos correctos para que los usuarios de los datos estén seguros de que los mismos son confiables, accesibles y actualizados. La gestión de datos de salud incluye, además, actividades relacionadas con la planificación, implementación, desarrollo y control de la información generada por una organización de salud, una región o un país. La computación en la nube es la tendencia que está siendo adoptada por las instituciones de salud y los gobiernos en los países de la región latinoamericana y, con ello, nuevos desafíos y oportunidades para la gobernanza de los datos.

Gobernanza de datos: estándares y buenas prácticas para la gestión de datos en salud: parte 1

La gestión de datos de salud es un factor fundamental para garantizar que los datos se recolectan, validan, transfieren, almacenan y resguardan de forma estandarizada, utilizando las mejores prácticas. Es esencial implementar procesos correctos para que los usuarios de los datos estén seguros de que los mismos son confiables, accesibles y actualizados. La gestión de datos de salud incluye, además, actividades relacionadas con la planificación, implementación, desarrollo y control de la información generada por una organización de salud, una región o un país. La computación en la nube es la tendencia que está siendo adoptada por las instituciones de salud y los gobiernos en los países de la región latinoamericana y, con ello, nuevos desafíos y oportunidades para la gobernanza de los datos.

Evaluating the Balance Between Privacy and Access in Digital Information Sharing.

OBJECTIVES: Access to personal health records in an ICU by persons involved in the patient's care (referred to broadly as "family members" below) has the potential to increase engagement and reduce the negative psychologic sequelae of such hospitalizations. Currently, little is known about patient preferences for information sharing with a designated family member in the ICU. We sought to understand the information-sharing preferences of former ICU patients and their family members and to identify predictors of information-sharing preferences. DESIGN: We performed an internet survey that was developed by a broad, multidisciplinary team of stakeholders. Formal pilot testing of the survey was conducted prior to internet survey administration to study subjects. SETTING: Internet survey. SUBJECTS: Subjects included English-speaking adults who had an ICU experience or a family member with ICU experience between 2013 and 2016. We used panel sampling to ensure an ethnically representative sample of the U.S. population. INTERVENTIONS: None. MEASUREMENTS AND MAIN RESULTS: One thousand five hundred twenty surveys were submitted, and 1,470 were included in analysis. The majority of respondents (93.6%) stated that they would want to share present and past medical history, either all or that related to their ICU stay, with a designated family member of their choosing. The majority (79%) would also want their designated family member to be able to access that information from a home computer. Although most respondents preferred to share all types of information, they indicated varying levels of willingness to share specific types of more sensitive information. Information-sharing preferences did not differ by age, sex, ethnicity, or type of prior experience in the ICU (i.e., patient or family member). CONCLUSIONS: In the context of an ICU admission, sharing personal health information with a person of the patient's choosing appears desirable for most patients and family members. Policies and implementation of regulations should take this into consideration.

Associations Between Privacy-Related Constructs and Depression and Suicide Risk in Health Care Professionals, Trainees, and Students.

PURPOSE: The University of California, San Diego screens health care professionals, trainees, and students for depression and suicide risk. Individuals complete a voluntary, anonymous online screening tool and choose whether to provide personal demographic information. This study assessed the relationship between privacy-related constructs and self-rated depression and suicide risk. METHOD: The authors analyzed responses to the screening tool collected from January 2018 to December 2019. Measures of depression, suicidal ideation and behaviors, and worry about stigma for seeking mental health services (i.e., privacy-related concern) were gathered. The number of demographic item nonresponses (i.e., age, gender, ethnicity/race, professional position) was operationalized as privacy-related behavior. Linear and logistic regression models were used to determine associations between privacy-related constructs (concern and behavior) and depression and suicide measures. RESULTS: A total of 1,224 respondents were included. On average, respondents reported mild depression (mean = 9.12, standard deviation = 5.94), but 43% (524/1,224) reported at least moderate depression. One in 5 respondents (248/1,224) reported worry about stigma for seeking mental health services, and more than 17% (212/1,224) skipped at least 1 demographic question. Privacy-related concern was statistically significantly and positively associated with recent depression and suicidal ideation and behaviors (odds ratios [ORs] = 3.13-7.02; 95% confidence interval [CI], 2.23-19.20; P's < .001) and with lifetime suicide attempts (OR = 1.76; 95% CI, 1.08-2.86; P = .02). Privacy-related behavior was statistically significantly and positively associated with suicide action (OR = 2.23; 95% CI, 1.24-4.02; P = .008). CONCLUSIONS: Privacy-related constructs may be meaningful correlates of mental health as respondents who endorsed these constructs had increased odds of worse depression and suicidal ideation and behaviors. Considering privacy-related constructs may be useful for identifying health care professionals, trainees, and students experiencing distress and in need of imminent mental health resources.

Gobernanza en salud digital en la era de COVID-19

La aceleración en la digitalización de las actividades sociales, producto de la pandemia de coronavirus, presentan un reto importante para los países latinoamericanos. En el caso particular de la salud, las estrategias de salud digital como la telesalud / telemedicina han tenido un incremento importante como alternativa para apoyar el acceso a la atención primaria en salud en algunos países de la región, no contando en algunos casos con el marco de gobernanza (Marcos legales, normativos y estratégicos) necesario para su implementación y su sostenibilidad en el tiempo.

Workshop RNDS: segurança da informação - 11/12/2020

Factores associados a falência ao tratamento antiretroviral em adolescentes seguidos no departamento de pediatria do hospital central de Maputo, janeiro de 2010 a janeiro 2020 / Factors associated with antiretroviral treatment failure in adolescents followed at the department of paediatrics, Maputo central hospital, january 2010 to january 2020

A sobrevivência melhorada das crianças vivendo com HIV, resultante de uma excelente cobertura do tratamento antirretroviral pediátrico (TARV) levou a um aumento no número de adolescentes em TARV e por sua vez em falência terapêutica, o que ditou a realização deste estudo com objectivo de conhecer os factores associados á falência ao TARV nos adolescentes em seguimento no Departamento de Pediatria do Hospital Central de Maputo. Foi feito um estudo retrospectivo incluindo adolescentes dos 10 aos 18 anos, com infecção por HIV, em TARV, em seguimento no período compreendido entre 1 de Janeiro de 2010 a 31 de Janeiro de 2020, no HCM. Foi feita uma estatística descritiva e uma análise de regressão multifactorial para se encontrar os factores com significância estatística associados á falência terapêutica ao TARV. Os resultados mostram que, de um total de 206 adolescentes em seguimento nesta consulta, foram excluidos 27, por informação incompleta, e incluidos 179 adolescentes. Dos adolescentes incluidos no estudo, 42 apresentaram critérios de falência terapêutica virológica, correspondendo a 23,5% dos adolescentes estudados. Os factores associados á falência terapêutica foram: o regime TARV anterior com análogos não nucleosídeos com OR 6.16 (IC95% 1.17- 32.4; p - 0.00); índice de massa corporal com OR 6.08 (IC95% 1.23-30.0; p-0,02), e fadiga com OR 5.76 (IC95% 1.01-32.8; p-0,04). De notar que, a boa adesão ao TARV teve uma associação negativa à falência, com OR-0.03 (IC95% 0.00-0.19; p -0.00). Em conclusão, cerca de um quarto dos adolescentes em TARV seguidos no HCM de 2010 ­ 2020, apresentam falência terapêutica e os factores associados são: um regime terapêutico anterior baseado em análogos não nucleosídeos, desnutrição crónica moderada e fadiga .O facto de uma boa adesão mostrar uma associação negativa, sugere que a má adesão possa ser um factor influente no aparecimento da falência terapêutica, aliás demonstrado por diversos autores.

The increased survival of HIV-infected children, associated with excellent antiretroviral treatment (ART) outcomes, resulted in an increase in adolescents living with HIV and a subsequent increase in adolescents. with treatment failure.This increase in the number of adolescents in treatment failure led to the realization of this study with the aim of knowing the factors associated to ART failure in adolescents being followed up at the Pediatrics Department of the Maputo Central Hospital.The study is retrospective- and data extracted from various sources were analyzed as follows: the database of adolescent consultations, clinical records of patients, individual forms of antiretroviral drugs in the pharmacy, and form of the psychological evaluation of adolescents from 10 to 18 years old, on ART, in follow-up in the period between January 1, 2010, and January 31, 2020. The results show a total of 206 adolescents in follow-up, of which 27 were excluded due to incomplete information. In the end, 179 adolescents were included, of which 42 had a virologic failure, corresponding to 23.5% of the adolescents studied. Factors associated with treatment failure were: previous ART regimen with non-nucleoside analogs OR 6.16 (95%CI 1.17-32.4; p -0.00); body mass index between OR 6.08 (IC95% 1.23-30.0; p-0,02) and fatigue OR 5.76 (IC95% 1.01-32.8; p-0,04). Of note, good adherence had a negative association with treatment failure OR-0.03 (95%CI 0.00-0.19; p -0.00). In conclusion, a prior therapeutic regimen based on nucleoside analogs, malnutrition, and fatigue were the factors associated with treatment failure in adolescents followed at HCM from 2010-to 2020. The fact that good adherence showed a negative association suggests that poor adherence may be an influential factor in the upsurge of therapeutic failure, which was demonstrated by several authors.