Your browser doesn't support javascript.
Mostrar: 20 | 50 | 100
Resultados 1 - 20 de 174
Filtrar
3.
PLoS One ; 13(10): e0202657, 2018.
Artigo em Inglês | MEDLINE | ID: mdl-30300362

RESUMO

Recently, Li et al. proposed a novel smart card and dynamic ID-based remote user authentication scheme for multi-server environments. They claimed that their scheme can resist several types of attacks. However, through careful analysis, we find that Li et al.'s scheme is vulnerable to stolen smart card and off-line dictionary attacks, replay attacks, impersonation attacks and server spoofing attacks. By analyzing other similar schemes, we find that a certain type of dynamic ID-based multi-server authentication scheme in which only hash functions are used and whereby no registration center participates in the authentication and session key agreement phase faces difficulties in providing perfectly efficient and secure authentication. To compensate for these shortcomings, we propose a novel dynamic ID-based remote user authentication scheme for multi-server environments based on pairing and self-certified public keys. Security and performance analyses show that the proposed scheme is secure against various attacks and has many excellent features.


Assuntos
Identificação Biométrica , Segurança Computacional/tendências , Cartões Inteligentes de Saúde , Interface Usuário-Computador , Algoritmos , Certificação , Computadores , Confidencialidade , Humanos , Telemedicina
5.
Int J Health Geogr ; 17(1): 25, 2018 07 05.
Artigo em Inglês | MEDLINE | ID: mdl-29973196

RESUMO

A PubMed query run in June 2018 using the keyword 'blockchain' retrieved 40 indexed papers, a reflection of the growing interest in blockchain among the medical and healthcare research and practice communities. Blockchain's foundations of decentralisation, cryptographic security and immutability make it a strong contender in reshaping the healthcare landscape worldwide. Blockchain solutions are currently being explored for: (1) securing patient and provider identities; (2) managing pharmaceutical and medical device supply chains; (3) clinical research and data monetisation; (4) medical fraud detection; (5) public health surveillance; (6) enabling truly public and open geo-tagged data; (7) powering many Internet of Things-connected autonomous devices, wearables, drones and vehicles, via the distributed peer-to-peer apps they run, to deliver the full vision of smart healthy cities and regions; and (8) blockchain-enabled augmented reality in crisis mapping and recovery scenarios, including mechanisms for validating, crediting and rewarding crowdsourced geo-tagged data, among other emerging use cases. Geospatially-enabled blockchain solutions exist today that use a crypto-spatial coordinate system to add an immutable spatial context that regular blockchains lack. These geospatial blockchains do not just record an entry's specific time, but also require and validate its associated proof of location, allowing accurate spatiotemporal mapping of physical world events. Blockchain and distributed ledger technology face similar challenges as any other technology threatening to disintermediate legacy processes and commercial interests, namely the challenges of blockchain interoperability, security and privacy, as well as the need to find suitable and sustainable business models of implementation. Nevertheless, we expect blockchain technologies to get increasingly powerful and robust, as they become coupled with artificial intelligence (AI) in various real-word healthcare solutions involving AI-mediated data exchange on blockchains.


Assuntos
Segurança Computacional , Confidencialidade , Assistência à Saúde/métodos , Participação do Paciente/métodos , Análise Espacial , Segurança Computacional/tendências , Confidencialidade/tendências , Assistência à Saúde/tendências , Humanos , Participação do Paciente/tendências
6.
J Med Internet Res ; 20(7): e233, 2018 07 04.
Artigo em Inglês | MEDLINE | ID: mdl-29973332

RESUMO

BACKGROUND: Modern research is heavily reliant on online and mobile technologies, which is particularly true among historically hard-to-reach populations such as gay, bisexual, and other men who have sex with men (GBMSM). Despite this, very little empirical research has been published on participant perspectives about issues such as privacy, trust, and data sharing. OBJECTIVE: The objective of our study was to analyze data from an online sample of 11,032 GBMSM in the United States to examine their trust in and perspectives on privacy and data sharing within online and mobile research. METHODS: Participants were recruited via a social networking site or sexual networking app to complete an anonymous online survey. We conducted a series of repeated measures analyses adjusted for between-person factors to examine within-person differences in the following: (1) trust for guarding personal information across different venues (eg, online research conducted by a university vs. an online search engine); (2) privacy concerns about 12 different types of data for three distinct data activities (ie, collection by app owners, anonymous selling to third parties, and anonymous sharing with researchers); and (3) willingness to share those 12 different types of data with researchers. Due to the large sample size, we primarily reported measures of effect size as evidence of clinical significance. RESULTS: Online research was rated as most trusted and was more trusted than online and mobile technology companies, such as app owners and search engines, by magnitudes of effect that were moderate-to-large (ηpartial2=0.06-0.11). Responding about 12 different types of data, participants expressed more concerns about data being anonymously sold to third-party partners (mean 7.6, median 10.0) and fewer concerns about data being collected by the app owners (mean 5.8, median 5.0) or shared anonymously with researchers (mean 4.6, median 3.0); differences were small-to-moderate in size (ηpartial2=0.01-0.03). Furthermore, participants were most willing to share their public profile information (eg, age) with researchers but least willing to share device usage information (eg, other apps installed); the comparisons were small-to-moderate in size (ηpartial2=0.03). CONCLUSIONS: Participants reported high levels of trust in online and mobile research, which is noteworthy given recent high-profile cases of corporate and government data security breaches and privacy violations. Researchers and ethical boards should keep up with technological shifts to maintain the ability to guard privacy and confidentiality and maintain trust. There was substantial variability in privacy concerns about and willingness to share different types of data, suggesting the need to gain consent for data sharing on a specific rather than broad basis. Finally, we saw evidence of a privacy paradox, whereby participants expressed privacy concerns about the very types of data-related activities they have likely already permitted through the terms of the apps and sites they use regularly.


Assuntos
Segurança Computacional/tendências , Confidencialidade/normas , Homossexualidade Masculina/estatística & dados numéricos , Disseminação de Informação/métodos , Privacidade/psicologia , Comportamento Sexual/estatística & dados numéricos , Confiança/psicologia , Adolescente , Adulto , Idoso , Idoso de 80 Anos ou mais , Humanos , Internet , Masculino , Pessoa de Meia-Idade , Rede Social , Estados Unidos , Adulto Jovem
7.
J Med Internet Res ; 20(7): e10725, 2018 07 13.
Artigo em Inglês | MEDLINE | ID: mdl-30006325

RESUMO

In February 2018, the Government of India announced a massive public health insurance scheme extending coverage to 500 million citizens, in effect making it the world's largest insurance program. To meet this target, the government will rely on technology to effectively scale services, monitor quality, and ensure accountability. While India has seen great strides in informational technology development and outsourcing, cellular phone penetration, cloud computing, and financial technology, the digital health ecosystem is in its nascent stages and has been waiting for a catalyst to seed the system. This National Health Protection Scheme is expected to provide just this impetus for widespread adoption. However, health data in India are mostly not digitized. In the few instances that they are, the data are not standardized, not interoperable, and not readily accessible to clinicians, researchers, or policymakers. While such barriers to easy health information exchange are hardly unique to India, the greenfield nature of India's digital health infrastructure presents an excellent opportunity to avoid the pitfalls of complex, restrictive, digital health systems that have evolved elsewhere. We propose here a federated, patient-centric, application programming interface (API)-enabled health information ecosystem that leverages India's near-universal mobile phone penetration, universal availability of unique ID systems, and evolving privacy and data protection laws. It builds on global best practices and promotes the adoption of human-centered design principles, data minimization, and open standard APIs. The recommendations are the result of 18 months of deliberations with multiple stakeholders in India and the United States, including from academia, industry, and government.


Assuntos
Segurança Computacional/tendências , Registros Eletrônicos de Saúde/normas , Saúde Pública/métodos , Cobertura Universal do Seguro de Saúde/normas , Humanos , Índia
8.
Maturitas ; 113: 48-52, 2018 Jul.
Artigo em Inglês | MEDLINE | ID: mdl-29903648

RESUMO

Electronic healthcare technology is prevalent around the world and creates huge potential to improve clinical outcomes and transform care delivery. However, there are increasing concerns relating to the security of healthcare data and devices. Increased connectivity to existing computer networks has exposed medical devices to new cybersecurity vulnerabilities. Healthcare is an attractive target for cybercrime for two fundamental reasons: it is a rich source of valuable data and its defences are weak. Cybersecurity breaches include stealing health information and ransomware attacks on hospitals, and could include attacks on implanted medical devices. Breaches can reduce patient trust, cripple health systems and threaten human life. Ultimately, cybersecurity is critical to patient safety, yet has historically been lax. New legislation and regulations are in place to facilitate change. This requires cybersecurity to become an integral part of patient safety. Changes are required to human behaviour, technology and processes as part of a holistic solution.


Assuntos
Segurança Computacional/tendências , Assistência à Saúde/tendências , Registros Eletrônicos de Saúde , Hospitais , Humanos
9.
J Dent ; 74 Suppl 1: S15-S20, 2018 07.
Artigo em Inglês | MEDLINE | ID: mdl-29929583

RESUMO

There is great power and promise for mobile health (mHealth) technology in the realms of clinical practice and research. By offering the opportunity to reshape the interaction between clinician and patient or researcher and subject, the introduction of this technology allows clinicians and researchers access to larger quantities of more timely and reliable data. The potential developments are significant, and they are ethically relevant. With all technological developments, however, come new sets of ethical risks. In this paper, I assess the ethics of mHealth. I argue that while we have an ethical obligation to advance this work in order to further the quality and scope of care, the use of mHealth technology also presents challenges that must be addressed before and during the use of this technology. After describing the ethical landscape, I offer a pragmatic approach to meeting some of these challenges and minimizing ethical risk by switching from a privacy-centered frame to a consent-centered frame.


Assuntos
Registros Eletrônicos de Saúde/ética , Registros Eletrônicos de Saúde/tendências , Informática Médica/ética , Informática Médica/tendências , Telemedicina/ética , Telemedicina/tendências , Segurança Computacional/ética , Segurança Computacional/tendências , Termos de Consentimento/ética , Termos de Consentimento/tendências , Humanos , Informática Médica/métodos , Propriedade/ética , Pacientes , Privacidade , Pesquisadores/ética , Telemedicina/métodos
10.
Praxis (Bern 1994) ; 107(13): 712-716, 2018 Jun.
Artigo em Alemão | MEDLINE | ID: mdl-29921177

RESUMO

Challenges of Digital Medicine Abstract. Digitization is increasingly covering more and more sectors, including medicine. To ensure medical operation 365 × 24 hours, progressively more human and financial resources are necessary. The transformation of patient histories from paper into electronic patient records focused initially on documentation. Today, hospital information systems are increasingly used as a platform for the communication of all professionals involved in the patient process - in Switzerland, however, so far without providing patients direct access to their data. Digititizing processes intend to increase efficiency, but also to enhance clinical and administrative decision support and quality assurance. The introduction of the electronic patient record in Switzerland in 2020 is expected to provide cross-company, more complete documentation of patient care. Multimorbid patients, often treated in different institutions and by different specialists, should benefit from this in particular. Advances in artificial intelligence offer new opportunities in medicine. Challenges include ensuring reliable data protection, and better interoperability of the systems involved. Semantically structured, machine-readable data exchange is a necessity for both networked services and internationally competitive research.


Assuntos
Segurança Computacional , Registros Hospitalares , Sistemas Computadorizados de Registros Médicos/organização & administração , Sistemas Computadorizados de Registros Médicos/tendências , Segurança Computacional/tendências , Confidencialidade/tendências , Eficiência Organizacional/tendências , Previsões , Humanos , Suíça
11.
J Med Internet Res ; 20(5): e10059, 2018 05 28.
Artigo em Inglês | MEDLINE | ID: mdl-29807882

RESUMO

BACKGROUND: Cybersecurity incidents are a growing threat to the health care industry in general and hospitals in particular. The health care industry has lagged behind other industries in protecting its main stakeholder (ie, patients), and now hospitals must invest considerable capital and effort in protecting their systems. However, this is easier said than done because hospitals are extraordinarily technology-saturated, complex organizations with high end point complexity, internal politics, and regulatory pressures. OBJECTIVE: The purpose of this study was to develop a systematic and organizational perspective for studying (1) the dynamics of cybersecurity capability development at hospitals and (2) how these internal organizational dynamics interact to form a system of hospital cybersecurity in the United States. METHODS: We conducted interviews with hospital chief information officers, chief information security officers, and health care cybersecurity experts; analyzed the interview data; and developed a system dynamics model that unravels the mechanisms by which hospitals build cybersecurity capabilities. We then use simulation analysis to examine how changes to variables within the model affect the likelihood of cyberattacks across both individual hospitals and a system of hospitals. RESULTS: We discuss several key mechanisms that hospitals use to reduce the likelihood of cybercriminal activity. The variable that most influences the risk of cyberattack in a hospital is end point complexity, followed by internal stakeholder alignment. Although resource availability is important in fueling efforts to close cybersecurity capability gaps, low levels of resources could be compensated for by setting a high target level of cybersecurity. CONCLUSIONS: To enhance cybersecurity capabilities at hospitals, the main focus of chief information officers and chief information security officers should be on reducing end point complexity and improving internal stakeholder alignment. These strategies can solve cybersecurity problems more effectively than blindly pursuing more resources. On a macro level, the cyber vulnerability of a country's hospital infrastructure is affected by the vulnerabilities of all individual hospitals. In this large system, reducing variation in resource availability makes the whole system less vulnerable-a few hospitals with low resources for cybersecurity threaten the entire infrastructure of health care. In other words, hospitals need to move forward together to make the industry less attractive to cybercriminals. Moreover, although compliance is essential, it does not equal security. Hospitals should set their target level of cybersecurity beyond the requirements of current regulations and policies. As of today, policies mostly address data privacy, not data security. Thus, policy makers need to introduce policies that not only raise the target level of cybersecurity capabilities but also reduce the variability in resource availability across the entire health care system.


Assuntos
Segurança Computacional/tendências , Simulação por Computador/tendências , Hospitais/ética , Humanos
12.
J Healthc Eng ; 2018: 6510249, 2018.
Artigo em Inglês | MEDLINE | ID: mdl-29670743

RESUMO

Objective: This article objective is to highlight implementation characteristics, concerns, or limitations over role-based access control (RBAC) use on health information system (HIS) using industry-focused literature review of current publishing for that purpose. Based on the findings, assessment for indication of RBAC is obsolete considering HIS authorization control needs. Method: We have selected articles related to our investigation theme "RBAC trends and limitations" in 4 different sources related to health informatics or to the engineering technical field. To do so, we have applied the following search query string: "Role-Based Access Control" OR "RBAC" AND "Health information System" OR "EHR" AND "Trends" OR "Challenges" OR "Security" OR "Authorization" OR "Attacks" OR "Permission Assignment" OR "Permission Relation" OR "Permission Mapping" OR "Constraint". We followed PRISMA applicable flow and general methodology used on software engineering for systematic review. Results: 20 articles were selected after applying inclusion and exclusion criteria resulting contributions from 10 different countries. 17 articles advocate RBAC adaptations. The main security trends and limitations mapped were related to emergency access, grant delegation, and interdomain access control. Conclusion: Several publishing proposed RBAC adaptations and enhancements in order to cope current HIS use characteristics. Most of the existent RBAC studies are not related to health informatics industry though. There is no clear indication of RBAC obsolescence for HIS use.


Assuntos
Acesso à Informação , Segurança Computacional/tendências , Sistemas de Informação em Saúde/tendências , Informática Médica/métodos , Algoritmos , Confidencialidade , Registros Eletrônicos de Saúde , Humanos , Comunicação Interdisciplinar , Controle de Qualidade , Software
13.
PLoS One ; 13(3): e0194093, 2018.
Artigo em Inglês | MEDLINE | ID: mdl-29534085

RESUMO

According to advancements in the wireless technologies, study of biometrics-based multi-server authenticated key agreement schemes has acquired a lot of momentum. Recently, Wang et al. presented a three-factor authentication protocol with key agreement and claimed that their scheme was resistant to several prominent attacks. Unfortunately, this paper indicates that their protocol is still vulnerable to the user impersonation attack, privileged insider attack and server spoofing attack. Furthermore, their protocol cannot provide the perfect forward secrecy. As a remedy of these aforementioned problems, we propose a biometrics-based authentication and key agreement scheme for multi-server environments. Compared with various related schemes, our protocol achieves the stronger security and provides more functionality properties. Besides, the proposed protocol shows the satisfactory performances in respect of storage requirement, communication overhead and computational cost. Thus, our protocol is suitable for expert systems and other multi-server architectures. Consequently, the proposed protocol is more appropriate in the distributed networks.


Assuntos
Identificação Biométrica/métodos , Algoritmos , Biometria/métodos , Comunicação , Segurança Computacional/tendências , Computadores , Custos e Análise de Custo , Sistemas Especialistas , Humanos , Software , Telemedicina/métodos , Tecnologia sem Fio/tendências
14.
Trends Biotechnol ; 36(8): 744-747, 2018 08.
Artigo em Inglês | MEDLINE | ID: mdl-29550160

RESUMO

Biohacking is a do-it-yourself citizen science merging body modification with technology. The motivations of biohackers include cybernetic exploration, personal data acquisition, and advocating for privacy rights and open-source medicine. The emergence of a biohacking community has influenced discussions of cultural values, medical ethics, safety, and consent in transhumanist technology.


Assuntos
Segurança Computacional/tendências , Cibernética/ética , Cibernética/tendências , Registros de Saúde Pessoal/ética , Humanos
SELEÇÃO DE REFERÊNCIAS
DETALHE DA PESQUISA