An enhanced pairing-free certificateless directed signature scheme.

Directed signature is a special cryptographic technique in which only the verifier designated by the signer can verify the validity of the signature. Directed signature can effectively protect the privacy of the signer's identity, so it is very suitable for medical records, taxation, and other fields. To improve the security and performance of the directed signature scheme, Gayathri et al. proposed the first certificateless directed signature (CLDS) scheme without bilinear pairing and claimed that their CLDS scheme could withstand Type I and Type II attacks. In this article, we provide two attack methods to assess the security of their CLDS scheme. Unfortunately, our results indicate that their CLDS scheme is insecure against Type I and Type II attacks. That is, their CLDS scheme does not meet the unforgeability and cannot achieve the expected security goals. To resist these attacks, we present an improved CLDS scheme and give the security proof. Compared with similar schemes, our scheme has better performance and higher security.

Nova lei garante sigilo a pessoas vivendo com HIV, hepatites crônicas, tuberculose e hanseníase

Foi sancionada, nesta terça-feira (4) a Lei nº 14.289, que obriga o sigilo sobre a condição de pessoas infectadas pelo vírus HIV e hepatites crônicas. A medida também abrange pessoas com hanseníase ou tuberculose. O sigilo é obrigatório no âmbito dos serviços de saúde, estabelecimentos de ensino, locais de trabalho, administração pública, segurança pública, processos judiciais e mídias escrita e audiovisual. O texto foi publicado no Diário Oficial da União.

Gobernanza de datos: estándares y buenas prácticas para la gestión de datos en salud: parte 2

La gestión de datos de salud es un factor fundamental para garantizar que los datos se recolectan, validan, transfieren, almacenan y resguardan de forma estandarizada, utilizando las mejores prácticas. Es esencial implementar procesos correctos para que los usuarios de los datos estén seguros de que los mismos son confiables, accesibles y actualizados. La gestión de datos de salud incluye, además, actividades relacionadas con la planificación, implementación, desarrollo y control de la información generada por una organización de salud, una región o un país. La computación en la nube es la tendencia que está siendo adoptada por las instituciones de salud y los gobiernos en los países de la región latinoamericana y, con ello, nuevos desafíos y oportunidades para la gobernanza de los datos.

Gobernanza de datos: estándares y buenas prácticas para la gestión de datos en salud: parte 1

La gestión de datos de salud es un factor fundamental para garantizar que los datos se recolectan, validan, transfieren, almacenan y resguardan de forma estandarizada, utilizando las mejores prácticas. Es esencial implementar procesos correctos para que los usuarios de los datos estén seguros de que los mismos son confiables, accesibles y actualizados. La gestión de datos de salud incluye, además, actividades relacionadas con la planificación, implementación, desarrollo y control de la información generada por una organización de salud, una región o un país. La computación en la nube es la tendencia que está siendo adoptada por las instituciones de salud y los gobiernos en los países de la región latinoamericana y, con ello, nuevos desafíos y oportunidades para la gobernanza de los datos.

Associations Between Privacy-Related Constructs and Depression and Suicide Risk in Health Care Professionals, Trainees, and Students.

PURPOSE: The University of California, San Diego screens health care professionals, trainees, and students for depression and suicide risk. Individuals complete a voluntary, anonymous online screening tool and choose whether to provide personal demographic information. This study assessed the relationship between privacy-related constructs and self-rated depression and suicide risk. METHOD: The authors analyzed responses to the screening tool collected from January 2018 to December 2019. Measures of depression, suicidal ideation and behaviors, and worry about stigma for seeking mental health services (i.e., privacy-related concern) were gathered. The number of demographic item nonresponses (i.e., age, gender, ethnicity/race, professional position) was operationalized as privacy-related behavior. Linear and logistic regression models were used to determine associations between privacy-related constructs (concern and behavior) and depression and suicide measures. RESULTS: A total of 1,224 respondents were included. On average, respondents reported mild depression (mean = 9.12, standard deviation = 5.94), but 43% (524/1,224) reported at least moderate depression. One in 5 respondents (248/1,224) reported worry about stigma for seeking mental health services, and more than 17% (212/1,224) skipped at least 1 demographic question. Privacy-related concern was statistically significantly and positively associated with recent depression and suicidal ideation and behaviors (odds ratios [ORs] = 3.13-7.02; 95% confidence interval [CI], 2.23-19.20; P's < .001) and with lifetime suicide attempts (OR = 1.76; 95% CI, 1.08-2.86; P = .02). Privacy-related behavior was statistically significantly and positively associated with suicide action (OR = 2.23; 95% CI, 1.24-4.02; P = .008). CONCLUSIONS: Privacy-related constructs may be meaningful correlates of mental health as respondents who endorsed these constructs had increased odds of worse depression and suicidal ideation and behaviors. Considering privacy-related constructs may be useful for identifying health care professionals, trainees, and students experiencing distress and in need of imminent mental health resources.

Evaluating the Balance Between Privacy and Access in Digital Information Sharing.

OBJECTIVES: Access to personal health records in an ICU by persons involved in the patient's care (referred to broadly as "family members" below) has the potential to increase engagement and reduce the negative psychologic sequelae of such hospitalizations. Currently, little is known about patient preferences for information sharing with a designated family member in the ICU. We sought to understand the information-sharing preferences of former ICU patients and their family members and to identify predictors of information-sharing preferences. DESIGN: We performed an internet survey that was developed by a broad, multidisciplinary team of stakeholders. Formal pilot testing of the survey was conducted prior to internet survey administration to study subjects. SETTING: Internet survey. SUBJECTS: Subjects included English-speaking adults who had an ICU experience or a family member with ICU experience between 2013 and 2016. We used panel sampling to ensure an ethnically representative sample of the U.S. population. INTERVENTIONS: None. MEASUREMENTS AND MAIN RESULTS: One thousand five hundred twenty surveys were submitted, and 1,470 were included in analysis. The majority of respondents (93.6%) stated that they would want to share present and past medical history, either all or that related to their ICU stay, with a designated family member of their choosing. The majority (79%) would also want their designated family member to be able to access that information from a home computer. Although most respondents preferred to share all types of information, they indicated varying levels of willingness to share specific types of more sensitive information. Information-sharing preferences did not differ by age, sex, ethnicity, or type of prior experience in the ICU (i.e., patient or family member). CONCLUSIONS: In the context of an ICU admission, sharing personal health information with a person of the patient's choosing appears desirable for most patients and family members. Policies and implementation of regulations should take this into consideration.

Gobernanza en salud digital en la era de COVID-19

La aceleración en la digitalización de las actividades sociales, producto de la pandemia de coronavirus, presentan un reto importante para los países latinoamericanos. En el caso particular de la salud, las estrategias de salud digital como la telesalud / telemedicina han tenido un incremento importante como alternativa para apoyar el acceso a la atención primaria en salud en algunos países de la región, no contando en algunos casos con el marco de gobernanza (Marcos legales, normativos y estratégicos) necesario para su implementación y su sostenibilidad en el tiempo.

Workshop RNDS: segurança da informação - 11/12/2020

Factores associados a falência ao tratamento antiretroviral em adolescentes seguidos no departamento de pediatria do hospital central de Maputo, janeiro de 2010 a janeiro 2020 / Factors associated with antiretroviral treatment failure in adolescents followed at the department of paediatrics, Maputo central hospital, january 2010 to january 2020

A sobrevivência melhorada das crianças vivendo com HIV, resultante de uma excelente cobertura do tratamento antirretroviral pediátrico (TARV) levou a um aumento no número de adolescentes em TARV e por sua vez em falência terapêutica, o que ditou a realização deste estudo com objectivo de conhecer os factores associados á falência ao TARV nos adolescentes em seguimento no Departamento de Pediatria do Hospital Central de Maputo. Foi feito um estudo retrospectivo incluindo adolescentes dos 10 aos 18 anos, com infecção por HIV, em TARV, em seguimento no período compreendido entre 1 de Janeiro de 2010 a 31 de Janeiro de 2020, no HCM. Foi feita uma estatística descritiva e uma análise de regressão multifactorial para se encontrar os factores com significância estatística associados á falência terapêutica ao TARV. Os resultados mostram que, de um total de 206 adolescentes em seguimento nesta consulta, foram excluidos 27, por informação incompleta, e incluidos 179 adolescentes. Dos adolescentes incluidos no estudo, 42 apresentaram critérios de falência terapêutica virológica, correspondendo a 23,5% dos adolescentes estudados. Os factores associados á falência terapêutica foram: o regime TARV anterior com análogos não nucleosídeos com OR 6.16 (IC95% 1.17- 32.4; p - 0.00); índice de massa corporal com OR 6.08 (IC95% 1.23-30.0; p-0,02), e fadiga com OR 5.76 (IC95% 1.01-32.8; p-0,04). De notar que, a boa adesão ao TARV teve uma associação negativa à falência, com OR-0.03 (IC95% 0.00-0.19; p -0.00). Em conclusão, cerca de um quarto dos adolescentes em TARV seguidos no HCM de 2010 ­ 2020, apresentam falência terapêutica e os factores associados são: um regime terapêutico anterior baseado em análogos não nucleosídeos, desnutrição crónica moderada e fadiga .O facto de uma boa adesão mostrar uma associação negativa, sugere que a má adesão possa ser um factor influente no aparecimento da falência terapêutica, aliás demonstrado por diversos autores.

The increased survival of HIV-infected children, associated with excellent antiretroviral treatment (ART) outcomes, resulted in an increase in adolescents living with HIV and a subsequent increase in adolescents. with treatment failure.This increase in the number of adolescents in treatment failure led to the realization of this study with the aim of knowing the factors associated to ART failure in adolescents being followed up at the Pediatrics Department of the Maputo Central Hospital.The study is retrospective- and data extracted from various sources were analyzed as follows: the database of adolescent consultations, clinical records of patients, individual forms of antiretroviral drugs in the pharmacy, and form of the psychological evaluation of adolescents from 10 to 18 years old, on ART, in follow-up in the period between January 1, 2010, and January 31, 2020. The results show a total of 206 adolescents in follow-up, of which 27 were excluded due to incomplete information. In the end, 179 adolescents were included, of which 42 had a virologic failure, corresponding to 23.5% of the adolescents studied. Factors associated with treatment failure were: previous ART regimen with non-nucleoside analogs OR 6.16 (95%CI 1.17-32.4; p -0.00); body mass index between OR 6.08 (IC95% 1.23-30.0; p-0,02) and fatigue OR 5.76 (IC95% 1.01-32.8; p-0,04). Of note, good adherence had a negative association with treatment failure OR-0.03 (95%CI 0.00-0.19; p -0.00). In conclusion, a prior therapeutic regimen based on nucleoside analogs, malnutrition, and fatigue were the factors associated with treatment failure in adolescents followed at HCM from 2010-to 2020. The fact that good adherence showed a negative association suggests that poor adherence may be an influential factor in the upsurge of therapeutic failure, which was demonstrated by several authors.

Enhanced quantum signature scheme using quantum amplitude amplification operators.

Quantum signature is the use of the principles of quantum computing to establish a trusted communication between two parties. In this paper, a quantum signature scheme using amplitude amplification techniques will be proposed. To secure the signature, the proposed scheme uses a partial diffusion operator and a diffusion operator to hide/unhide certain quantum states during communication. The proposed scheme consists of three phases, preparation phase, signature phase and verification phase. To confuse the eavesdropper, the quantum states representing the signature might be hidden, not hidden or encoded in Bell states. It will be shown that the proposed scheme is more secure against eavesdropping when compared with relevant quantum signature schemes.

Design and Application of Electronic Rehabilitation Medical Record (ERMR) Sharing Scheme Based on Blockchain Technology.

As the value of blockchain has been widely recognized, more and more industries are proposing their blockchain solutions, including the rehabilitation medical industry. Blockchain can play a powerful role in the field of rehabilitation medicine, bringing a new research idea to the management of rehabilitation medical data. The electronic rehabilitation medical record (ERMR) contains rich data dimensions, which can provide comprehensive and accurate information for assessing the health of patients, thereby enhancing the effect of rehabilitation treatment. This paper analyzed the data characteristics of ERMR and the application requirements of blockchain in rehabilitation medicine. Based on the basic principles of blockchain, the technical advantages of blockchain used in ERMR sharing have been studied. In addition, this paper designed a blockchain-based ERMR sharing scheme in detail, using the specific technologies of blockchain such as hybrid P2P network, block-chain data structure, asymmetric encryption algorithm, digital signature, and Raft consensus algorithm to achieve distributed storage, data security, privacy protection, data consistency, data traceability, and data ownership in the process of ERMR sharing. The research results of this paper have important practical significance for realizing the safe and efficient sharing of ERMR, and can provide important technical references for the management of rehabilitation medical data with broad application prospects.

A Normative Framework for the Reconciliation of EU Data Protection Law and Medical Research Ethics.

EU data protection law and medical research ethics overlap in scope and content in numerous instances in which personal data are processed in medical research. It is not always the case, however, that the conditions outlined by the two rule-sets precisely coincide. In the past few years, this lack of confluence has led to confusion as to how the two rule-sets should best relate to one another. This confusion has led to different approaches to the relationship being taken, on occasion leading to counter-intuitive conclusions. Unfortunately, there has hitherto been little effort to provide clarity to this confusion. In this regard, this article attempts to provide a general normative framework aimed at facilitating optimally cogent and just reconciliations of EU data protection law and medical research ethics.

Pindex: Private multi-linked index for encrypted document retrieval.

Cryptographic cloud storage is used to make optimal use of the cloud storage infrastructure to outsource sensitive and mission-critical data. The continuous growth of encrypted data outsourced to cloud storage requires continuous updating. Attacks like file-injection are reported to compromise confidentiality of the user as a consequence of information leakage during update. It is required that dynamic schemes provide forward privacy guarantees. Updates should not leak information to the untrusted server regarding the previously issued queries. Therefore, the challenge is to design an efficient searchable encryption scheme with dynamic updates and forward privacy guarantees. In this paper, a novel private multi-linked dynamic index for encrypted document retrieval namely Pindex is proposed. The multi-linked dynamic index is constructed using probabilistic homomorphic encryption mechanism and secret orthogonal vectors. Full security proofs for correctness and forward privacy in the random oracle model is provided. Experiments on real world Enron dataset demonstrates that our construction is practical and efficient. The security and performance analysis of Pindex shows that the dynamic multi-linked index guarantees forward privacy without significant loss of efficiency.

Protecting Privacy and Transforming COVID-19 Case Surveillance Datasets for Public Use.

OBJECTIVES: Federal open-data initiatives that promote increased sharing of federally collected data are important for transparency, data quality, trust, and relationships with the public and state, tribal, local, and territorial partners. These initiatives advance understanding of health conditions and diseases by providing data to researchers, scientists, and policymakers for analysis, collaboration, and use outside the Centers for Disease Control and Prevention (CDC), particularly for emerging conditions such as COVID-19, for which data needs are constantly evolving. Since the beginning of the pandemic, CDC has collected person-level, de-identified data from jurisdictions and currently has more than 8 million records. We describe how CDC designed and produces 2 de-identified public datasets from these collected data. METHODS: We included data elements based on usefulness, public request, and privacy implications; we suppressed some field values to reduce the risk of re-identification and exposure of confidential information. We created datasets and verified them for privacy and confidentiality by using data management platform analytic tools and R scripts. RESULTS: Unrestricted data are available to the public through Data.CDC.gov, and restricted data, with additional fields, are available with a data-use agreement through a private repository on GitHub.com. PRACTICE IMPLICATIONS: Enriched understanding of the available public data, the methods used to create these data, and the algorithms used to protect the privacy of de-identified people allow for improved data use. Automating data-generation procedures improves the volume and timeliness of sharing data.

Guidance for using text, email, and video communication in practices devoted to reproductive medicine.

The prevalence and ease of electronic communication, specifically email through patient portals associated with electronic medical records or via traditional enterprise email clients (e.g., Outlook) and video, have resulted in increased use for rapid communication between practitioners and their patients. Concerns regarding patient privacy and compliance with the regulations of the Health Insurance Portability and Accountability Act (HIPAA) remain a barrier to routine incorporation of electronic communication into practice. Furthermore, capital investment, implementation, and maintenance costs may provide additional barriers. These long-standing concerns have been heightened and tested by the COVID-19 pandemic. Best-practice guidelines for the secure and safe use of electronic communication with reproductive care patients are provided.

Sharing ICU Patient Data Responsibly Under the Society of Critical Care Medicine/European Society of Intensive Care Medicine Joint Data Science Collaboration: The Amsterdam University Medical Centers Database (AmsterdamUMCdb) Example.

OBJECTIVES: Critical care medicine is a natural environment for machine learning approaches to improve outcomes for critically ill patients as admissions to ICUs generate vast amounts of data. However, technical, legal, ethical, and privacy concerns have so far limited the critical care medicine community from making these data readily available. The Society of Critical Care Medicine and the European Society of Intensive Care Medicine have identified ICU patient data sharing as one of the priorities under their Joint Data Science Collaboration. To encourage ICUs worldwide to share their patient data responsibly, we now describe the development and release of Amsterdam University Medical Centers Database (AmsterdamUMCdb), the first freely available critical care database in full compliance with privacy laws from both the United States and Europe, as an example of the feasibility of sharing complex critical care data. SETTING: University hospital ICU. SUBJECTS: Data from ICU patients admitted between 2003 and 2016. INTERVENTIONS: We used a risk-based deidentification strategy to maintain data utility while preserving privacy. In addition, we implemented contractual and governance processes, and a communication strategy. Patient organizations, supporting hospitals, and experts on ethics and privacy audited these processes and the database. MEASUREMENTS AND MAIN RESULTS: AmsterdamUMCdb contains approximately 1 billion clinical data points from 23,106 admissions of 20,109 patients. The privacy audit concluded that reidentification is not reasonably likely, and AmsterdamUMCdb can therefore be considered as anonymous information, both in the context of the U.S. Health Insurance Portability and Accountability Act and the European General Data Protection Regulation. The ethics audit concluded that responsible data sharing imposes minimal burden, whereas the potential benefit is tremendous. CONCLUSIONS: Technical, legal, ethical, and privacy challenges related to responsible data sharing can be addressed using a multidisciplinary approach. A risk-based deidentification strategy, that complies with both U.S. and European privacy regulations, should be the preferred approach to releasing ICU patient data. This supports the shared Society of Critical Care Medicine and European Society of Intensive Care Medicine vision to improve critical care outcomes through scientific inquiry of vast and combined ICU datasets.

The value of federated learning during and post-COVID-19.

Federated learning (FL) as a distributed machine learning (ML) technique has lately attracted increasing attention of healthcare stakeholders as FL is perceived as a promising decentralized approach to address data privacy and security concerns. The FL approach stores and maintains the privacy-sensitive data locally while allows multiple sites to train ML models collaboratively. We aim to describe the most recent real-world cases using the FL in both COVID-19 and non-COVID-19 scenarios and also highlight current limitations and practical challenges of FL.