Emergency Medical Access Control System Based on Public Blockchain.

IT has made significant progress in various fields over the past few years, with many industries transitioning from paper-based to electronic media. However, sharing electronic medical records remains a long-term challenge, particularly when patients are in emergency situations, making it difficult to access and control their medical information. Previous studies have proposed permissioned blockchains with limited participants or mechanisms that allow emergency medical information sharing to pre-designated participants. However, permissioned blockchains require prior participation by medical institutions, and limiting sharing entities restricts the number of potential partners. This means that sharing medical information with local emergency doctors becomes impossible if a patient is unconscious and far away from home, such as when traveling abroad. To tackle this challenge, we propose an emergency access control system for a global electronic medical information system that can be shared using a public blockchain, allowing anyone to participate. Our proposed system assumes that the patient wears a pendant with tamper-proof and biometric authentication capabilities. In the event of unconsciousness, emergency doctors can perform biometrics on behalf of the patient, allowing the family doctor to share health records with the emergency doctor through a secure channel that uses the Diffie-Hellman (DH) key exchange protocol. The pendant's biometric authentication function prevents unauthorized use if it is stolen, and we have tested the blockchain's fee for using the public blockchain, demonstrating that the proposed system is practical.

PatCen: A blockchain-based patient-centric mechanism for the granular access control of infectious disease-related test records.

The recent global outbreaks of infectious diseases such as COVID-19, yellow fever, and Ebola have highlighted the critical need for robust health data management systems that can rapidly adapt to and mitigate public health emergencies. In contrast to traditional systems, this study introduces an innovative blockchain-based Electronic Health Record (EHR) access control mechanism that effectively safeguards patient data integrity and privacy. The proposed approach uniquely integrates granular data access control mechanism within a blockchain framework, ensuring that patient data is only accessible to explicitly authorized users and thereby enhancing patient consent and privacy. This system addresses key challenges in healthcare data management, including preventing unauthorized access and overcoming the inefficiencies inherent in traditional access mechanisms. Since the latency is a sensitive factor in healthcare data management, the simulations of the proposed model reveal substantial improvements over existing benchmarks in terms of reduced computing overhead, increased throughput, minimized latency, and strengthened overall security. By demonstrating these advantages, the study contributes significantly to the evolution of health data management, offering a scalable, secure solution that prioritizes patient autonomy and privacy in an increasingly digital healthcare landscape.

An efficient blockchain-based authentication scheme with transferability.

In the development of web applications, the rapid advancement of Internet technologies has brought unprecedented opportunities and increased the demand for user authentication schemes. Before the emergence of blockchain technology, establishing trust between two unfamiliar entities relied on a trusted third party for identity verification. However, the failure or malicious behavior of such a trusted third party could undermine such authentication schemes (e.g., single points of failure, credential leaks). A secure authorization system is another requirement of user authentication schemes, as users must authorize other entities to act on their behalf in some situations. If the transfer of authentication permissions is not adequately restricted, security risks such as unauthorized transfer of permissions to entities may occur. Some research has proposed blockchain-based decentralized user authentication solutions to address these risks and enhance availability and auditability. However, as we know, most proposed schemes that allow users to transfer authentication permissions to other entities require significant gas consumption when deployed and triggered in smart contracts. To address this issue, we proposed an authentication scheme with transferability solely based on hash functions. By combining one-time passwords with Hashcash, the scheme can limit the number of times permissions can be transferred while ensuring security. Furthermore, due to its reliance solely on hash functions, our proposed authentication scheme has an absolute advantage regarding computational complexity and gas consumption in smart contracts. Additionally, we have deployed smart contracts on the Goerli test network and demonstrated the practicality and efficiency of this authentication scheme.

Data privacy-aware machine learning approach in pancreatic cancer diagnosis.

PROBLEM: Pancreatic ductal adenocarcinoma (PDAC) is considered a highly lethal cancer due to its advanced stage diagnosis. The five-year survival rate after diagnosis is less than 10%. However, if diagnosed early, the five-year survival rate can reach up to 70%. Early diagnosis of PDAC can aid treatment and improve survival rates by taking necessary precautions. The challenge is to develop a reliable, data privacy-aware machine learning approach that can accurately diagnose pancreatic cancer with biomarkers. AIM: The study aims to diagnose a patient's pancreatic cancer while ensuring the confidentiality of patient records. In addition, the study aims to guide researchers and clinicians in developing innovative methods for diagnosing pancreatic cancer. METHODS: Machine learning, a branch of artificial intelligence, can identify patterns by analyzing large datasets. The study pre-processed a dataset containing urine biomarkers with operations such as filling in missing values, cleaning outliers, and feature selection. The data was encrypted using the Fernet encryption algorithm to ensure confidentiality. Ten separate machine learning models were applied to predict individuals with PDAC. Performance metrics such as F1 score, recall, precision, and accuracy were used in the modeling process. RESULTS: Among the 590 clinical records analyzed, 199 (33.7%) belonged to patients with pancreatic cancer, 208 (35.3%) to patients with non-cancerous pancreatic disorders (such as benign hepatobiliary disease), and 183 (31%) to healthy individuals. The LGBM algorithm showed the highest efficiency by achieving an accuracy of 98.8%. The accuracy of the other algorithms ranged from 98 to 86%. In order to understand which features are more critical and which data the model is based on, the analysis found that the features "plasma_CA19_9", REG1A, TFF1, and LYVE1 have high importance levels. The LIME analysis also analyzed which features of the model are important in the decision-making process. CONCLUSIONS: This research outlines a data privacy-aware machine learning tool for predicting PDAC. The results show that a promising approach can be presented for clinical application. Future research should expand the dataset and focus on validation by applying it to various populations.

Disclosure of HIV Status in Healthcare Settings: Practices and Considerations among Women Living with HIV/AIDS in Vietnam.

OBJECTIVE: This study investigated women living with HIV/AIDS (WLHA)'s practices and decision-making regarding disclosure of HIV status in healthcare settings in Vietnam. Introduction: Disclosure of HIV status in healthcare settings is under-studied. METHODS: We conducted in-depth interviews with 30 WLHA in Hanoi, Vietnam. Thematic analysis was conducted to investigate the patterns, considerations, and consequences of HIV disclosure. Results: Most participants chose a selective disclosure strategy based on the type of procedure and healthcare setting. They considered several factors: concerns about stigma/discrimination, risks of confidentiality breach, relevance to healthcare provision, and altruism towards protecting providers and other patients. Selective disclosure or non-disclosure often prevented participants from accessing comprehensive care. Conclusion: The study underscores the need to prepare WLHA to make informed decisions regarding disclosure and provide them with service navigations and support. It also highlights the necessity of reducing stigma and enhancing confidentiality protection to ensure safe disclosure in healthcare settings.

Telling Healthcare Providers About HIV Status: How Women with HIV/AIDS in Vietnam Decide and What They ConsiderThis study focuses on how women living with HIV/AIDS in Vietnam decide to share their HIV status with healthcare providers. We interviewed 30 women with HIV/AIDS in Vietnam and found that many choose to reveal their status only in certain situations, depending on the medical procedure and the setting. They weigh various factors before deciding to disclose, including the risk of facing stigma, the need to protect their privacy, how relevant their HIV status is to their other health issues, their wish to protect their healthcare providers and other patients, and how they have been advised by HIV specialists. Unfortunately, choosing not to disclose their status sometimes stops them from getting the full range of medical care they need. The findings stress the importance of helping these women make well-informed choices about disclosing their HIV status. We also need to provide them with additional support and navigational help through healthcare services. Moreover, reducing stigma in healthcare, enhancing providers' ability to gather necessary health information, and ensuring patient privacy are crucial to encouraging more open discussions of HIV status in medical settings.

A bidirectional reversible and multilevel location privacy protection method based on attribute encryption.

Various methods such as k-anonymity and differential privacy have been proposed to safeguard users' private information in the publication of location service data. However, these typically employ a rigid "all-or-nothing" privacy standard that fails to accommodate users' more nuanced and multi-level privacy-related needs. Data is irrecoverable once anonymized, leading to a permanent reduction in location data quality, in turn significantly diminishing data utility. In the paper, a novel, bidirectional and multi-layered location privacy protection method based on attribute encryption is proposed. This method offers layered, reversible, and fine-grained privacy safeguards. A hierarchical privacy protection scheme incorporates various layers of dummy information, using an access structure tree to encrypt identifiers for these dummies. Multi-level location privacy protection is achieved after adding varying amounts of dummy information at different hierarchical levels N. This allows for precise control over the de-anonymization process, where users may adjust the granularity of anonymized data based on their own trust levels for multi-level location privacy protection. This method includes an access policy which functions via an attribute encryption-based access control system, generating decryption keys for data identifiers according to user attributes, facilitating a reversible transformation between data anonymity and de-anonymity. The complexities associated with key generation, distribution, and management are thus markedly reduced. Experimental comparisons with existing methods demonstrate that the proposed method effectively balances service quality and location privacy, providing users with multi-level and reversible privacy protection services.

De-Identifying GRASCCO - A Pilot Study for the De-Identification of the German Medical Text Project (GeMTeX) Corpus.

INTRODUCTION: The German Medical Text Project (GeMTeX) is one of the largest infrastructure efforts targeting German-language clinical documents. We here introduce the architecture of the de-identification pipeline of GeMTeX. METHODS: This pipeline comprises the export of raw clinical documents from the local hospital information system, the import into the annotation platform INCEpTION, fully automatic pre-tagging with protected health information (PHI) items by the Averbis Health Discovery pipeline, a manual curation step of these pre-annotated data, and, finally, the automatic replacement of PHI items with type-conformant substitutes. This design was implemented in a pilot study involving six annotators and two curators each at the Data Integration Centers of the University Hospitals Leipzig and Erlangen. RESULTS: As a proof of concept, the publicly available Graz Synthetic Text Clinical Corpus (GRASSCO) was enhanced with PHI annotations in an annotation campaign for which reasonable inter-annotator agreement values of Krippendorff's α ≈ 0.97 can be reported. CONCLUSION: These curated 1.4 K PHI annotations are released as open-source data constituting the first publicly available German clinical language text corpus with PHI metadata.

Integration of Trusted Third Party Software into an EDC System for Data Protection - Compliant Identity Management, Consent Management and Pseudonymization in Medical Research Studies.

INTRODUCTION: Medical research studies which involve electronic data capture of sensitive data about human subjects need to manage medical and identifying participant data in a secure manner. To protect the identity of data subjects, an independent trusted third party should be responsible for pseudonymization and management of the identifying data. METHODS: We have developed a web-based integrated solution that combines REDCap as an electronic data capture system with the trusted third party software tools of the University Medicine Greifswald, which provides study personnel with a single user interface for both clinical data entry and management of identities, pseudonyms and informed consents. RESULTS: Integration of the two platforms enables a seamless workflow of registering new participants, entering identifying and consent information, and generating pseudonyms in the trusted third party system, with subsequent capturing of medical data in the electronic data capture system, while maintaining strict separation of medical and identifying data in the two independently managed systems. CONCLUSION: Our solution enables a time-efficient data entry workflow, provides a high level of data protection by minimizing visibility of identifying information and pseudonym lists, and avoids errors introduced by manual transfer of pseudonyms between separate systems.

Privacy Risk Assessment for Synthetic Longitudinal Health Data.

INTRODUCTION: A modern approach to ensuring privacy when sharing datasets is the use of synthetic data generation methods, which often claim to outperform classic anonymization techniques in the trade-off between data utility and privacy. Recently, it was demonstrated that various deep learning-based approaches are able to generate useful synthesized datasets, often based on domain-specific analyses. However, evaluating the privacy implications of releasing synthetic data remains a challenging problem, especially when the goal is to conform with data protection guidelines. METHODS: Therefore, the recent privacy risk quantification framework Anonymeter has been built for evaluating multiple possible vulnerabilities, which are specifically based on privacy risks that are considered by the European Data Protection Board, i.e. singling out, linkability, and attribute inference. This framework was applied to a synthetic data generation study from the epidemiological domain, where the synthesization replicates time and age trends previously found in data collected during the DONALD cohort study (1312 participants, 16 time points). The conducted privacy analyses are presented, which place a focus on the vulnerability of outliers. RESULTS: The resulting privacy scores are discussed, which vary greatly between the different types of attacks. CONCLUSION: Challenges encountered during their implementation and during the interpretation of their results are highlighted, and it is concluded that privacy risk assessment for synthetic data remains an open problem.

Simplifying Multiparty Computation: A Client-Driven Metaprotocol for Federated Secure Computing.

INTRODUCTION: Secure Multi-Party Computation (SMPC) offers a powerful tool for collaborative healthcare research while preserving patient data privacy. STATE OF THE ART: However, existing SMPC frameworks often require separate executions for each desired computation and measurement period, limiting user flexibility. CONCEPT: This research explores the potential of a client-driven metaprotocol for the Federated Secure Computing (FSC) framework and its SImple Multiparty ComputatiON (SIMON) protocol as a step towards more flexible SMPC solutions. IMPLEMENTATION: This client-driven metaprotocol empowers users to specify and execute multiple calculations across diverse measurement periods within a single client-side code execution. This eliminates the need for repeated code executions and streamlines the analysis process. The metaprotocol offers a user-friendly interface, enabling researchers with limited cryptography expertise to leverage the power of SMPC for complex healthcare analyses. LESSONS LEARNED: We evaluate the performance of the client-driven metaprotocol against a baseline iterative approach. Our evaluation demonstrates performance improvements compared to traditional iterative approaches, making this metaprotocol a valuable tool for advancing secure and efficient collaborative healthcare research.

Studying Privacy Aspects of Learned Knowledge Bases in the Context of Synthetic and Medical Data.

INTRODUCTION: Retrieving comprehensible rule-based knowledge from medical data by machine learning is a beneficial task, e.g., for automating the process of creating a decision support system. While this has recently been studied by means of exception-tolerant hierarchical knowledge bases (i.e., knowledge bases, where rule-based knowledge is represented on several levels of abstraction), privacy concerns have not been addressed extensively in this context yet. However, privacy plays an important role, especially for medical applications. METHODS: When parts of the original dataset can be restored from a learned knowledge base, there may be a practically and legally relevant risk of re-identification for individuals. In this paper, we study privacy issues of exception-tolerant hierarchical knowledge bases which are learned from data. We propose approaches for determining and eliminating privacy issues of the learned knowledge bases. RESULTS: We present results for synthetic as well as for real world datasets. CONCLUSION: The results show that our approach effectively prevents privacy breaches while only moderately decreasing the inference quality.

A location-based service scheme with attribute information privacy.

In location-based service (LBS), private information retrieval (PIR) is an efficient strategy used for preserving personal privacy. However, schemes with traditional strategy that constructed by information indexing are usually denounced by its processing time and ineffective in preserving the attribute privacy of the user. Thus, in order to cope with above two weaknesses, in this paper, based on the conception of ciphertext policy attribute-based encryption (CP-ABE), a PIR scheme based on CP-ABE is proposed for preserving the personal privacy in LBS (location privacy preservation scheme with CP-ABE based PIR, short for LPPCAP). In this scheme, query and feedback are encrypted with security two-parties calculation by the user and the LBS server, so as not to violate any personal privacy and decrease the processing time in encrypting the retrieved information. In addition, this scheme can also preserve the attribute privacy of users such as the query frequency as well as the moving manner. At last, we analyzed the availability and the privacy of the proposed scheme, and then several groups of comparison experiment are given, so that the effectiveness and the usability of proposed scheme can be verified theoretically, practically, and the quality of service is also preserved.

Challenges and recommendations in the implementation of audiovisual telemedicine communication: a systematic review.

This systematic review aims to identify the elements of doctor-patient communication in telemedicine, emerging challenges, and proposed recommendations. Four databases, including Science Direct, PubMed, Cochrane, and ProQuest, were searched using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses guidelines. The inclusion criteria consisted of original research papers, availability of free full text, and publications during the past 10 years. A total of 13 articles completed the selection process and satisfied the established criteria. The issues and recommendations of telemedicine communication were categorized into three distinct groups: pre-consultation, during-consultation, and post-consultation. Preparation encompasses the arranging of visual elements, safeguarding patient privacy and confidentiality, and addressing any technical challenges that may arise. The consultation encompasses nonverbal behavior, empathy, the doctor-patient connection, and a physical examination. Post-telemedicine consultations refer to medical appointments that occur after a telemedicine session, typically involving follow-up medical interactions. Telemedicine presents unique challenges in doctor-patient consultations that differ from face-to-face interactions. Therefore, clinicians must acquire communication skills specific to telemedicine to ensure effective consultations and achieve optimal health results.

Cybersecurity Frameworks in Healthcare Data: Short Literature Review.

The importance of cybersecurity in healthcare, with a focus on safeguarding sensitive patient information from unauthorized access, use, or disclosure, cannot be overstated Security breaches in this sector can have significant consequences due to the widespread use of electronic health records (EHRs) and interconnected medical devices, creating opportunities for exploitation. This work presents a first step to analyzing and organizing healthcare-specific cybersecurity problems and existing security frameworks. Special focus is put on the security risks associated with data integration centers while recognizing their role as hubs for innovation.

Methods and Algorithms of Ensuring Data Privacy in AI-Based Healthcare Systems and Technologies.

This project seeks to devise novel algorithms and techniques leveraged in healthcare to guarantee data privacy in AI-powered systems. To bolster its credibility, the study review presents various modern approaches and technologies used to preserve data privacy of healthcare data. The project conducted an empirical study of the current development in healthcare regarding AI privacy protection to compile a steadfast literature on the subject.

Implementing privacy preserving record linkage: Insights from Australian use cases.

OBJECTIVE: To describe the use of privacy preserving linkage methods operationally in Australia, and to present insights and key learnings from their implementation. METHODS: Privacy preserving record linkage (PPRL) utilising Bloom filters provides a unique practical mechanism that allows linkage to occur without the release of personally identifiable information (PII), while still ensuring high accuracy. RESULTS: The methodology has received wide uptake within Australia, with four state linkage units with privacy preserving capability. It has enabled access to general practice and private pathology data amongst other, both much sought after datasets previous inaccessible for linkage. CONCLUSION: The Australian experience suggests privacy preserving linkage is a practical solution for improving data access for policy, planning and population health research. It is hoped interest in this methodology internationally continues to grow.

Effective Privacy Protection Strategies for Pregnancy and Gestation Information From Electronic Medical Records: Retrospective Study in a National Health Care Data Network in China.

BACKGROUND: Pregnancy and gestation information is routinely recorded in electronic medical record (EMR) systems across China in various data sets. The combination of data on the number of pregnancies and gestations can imply occurrences of abortions and other pregnancy-related issues, which is important for clinical decision-making and personal privacy protection. However, the distribution of this information inside EMR is variable due to inconsistent IT structures across different EMR systems. A large-scale quantitative evaluation of the potential exposure of this sensitive information has not been previously performed, ensuring the protection of personal information is a priority, as emphasized in Chinese laws and regulations. OBJECTIVE: This study aims to perform the first nationwide quantitative analysis of the identification sites and exposure frequency of sensitive pregnancy and gestation information. The goal is to propose strategies for effective information extraction and privacy protection related to women's health. METHODS: This study was conducted in a national health care data network. Rule-based protocols for extracting pregnancy and gestation information were developed by a committee of experts. A total of 6 different sub-data sets of EMRs were used as schemas for data analysis and strategy proposal. The identification sites and frequencies of identification in different sub-data sets were calculated. Manual quality inspections of the extraction process were performed by 2 independent groups of reviewers on 1000 randomly selected records. Based on these statistics, strategies for effective information extraction and privacy protection were proposed. RESULTS: The data network covered hospitalized patients from 19 hospitals in 10 provinces of China, encompassing 15,245,055 patients over an 11-year period (January 1, 2010-December 12, 2020). Among women aged 14-50 years, 70% were randomly selected from each hospital, resulting in a total of 1,110,053 patients. Of these, 688,268 female patients with sensitive reproductive information were identified. The frequencies of identification were variable, with the marriage history in admission medical records being the most frequent at 63.24%. Notably, more than 50% of female patients were identified with pregnancy and gestation history in nursing records, which is not generally considered a sub-data set rich in reproductive information. During the manual curation and review process, 1000 cases were randomly selected, and the precision and recall rates of the information extraction method both exceeded 99.5%. The privacy-protection strategies were designed with clear technical directions. CONCLUSIONS: Significant amounts of critical information related to women's health are recorded in Chinese routine EMR systems and are distributed in various parts of the records with different frequencies. This requires a comprehensive protocol for extracting and protecting the information, which has been demonstrated to be technically feasible. Implementing a data-based strategy will enhance the protection of women's privacy and improve the accessibility of health care services.

Research on privacy protection in the context of healthcare data based on knowledge map.

With the rapid development of emerging information technologies such as artificial intelligence, cloud computing, and the Internet of Things, the world has entered the era of big data. In the face of growing medical big data, research on the privacy protection of personal information has attracted more and more attention, but few studies have analyzed and forecasted the research hotspots and future development trends on the privacy protection. Presently, to systematically and comprehensively summarize the relevant privacy protection literature in the context of big healthcare data, a bibliometric analysis was conducted to clarify the spatial and temporal distribution and research hotspots of privacy protection using the information visualization software CiteSpace. The literature papers related to privacy protection in the Web of Science were collected from 2012 to 2023. Through analysis of the time, author and countries distribution of relevant publications, we found that after 2013, research on the privacy protection has received increasing attention and the core institution of privacy protection research is the university, but the countries show weak cooperation. Additionally, keywords like privacy, big data, internet, challenge, care, and information have high centralities and frequency, indicating the research hotspots and research trends in the field of the privacy protection. All the findings will provide a comprehensive privacy protection research knowledge structure for scholars in the field of privacy protection research under the background of health big data, which can help them quickly grasp the research hotspots and choose future research projects.

With advancement in health technology comes great responsibility - Ethical and safety considerations for using digital health technology: A narrative review.

The accelerated adoption of digital health technologies in the last decades has raised important ethical and safety concerns. Despite the potency and usefulness of digital health technologies, addressing safety, and ethical considerations needs to take greater prominence. This review paper focuses on ethical and safety facets, including health technology-related risks, users' safety and well-being risks, security and privacy concerns, and risks to transparency and diminished accountability associated with the utilization of digital health technologies. In order to maximize the potential of health technology benefits, awareness of safety risks, and ethical concerns should be increased, and the use of appropriate strategies and measures should be considered.

Putting patients at the center of health information exchange design: An exploration of patient preferences for data sharing.

BACKGROUND: Despite the many benefits of Health Information Exchange (HIE), Studies reported patients concerns about the privacy and security of sharing their health information. To address these concerns, it is important to understand their needs, preferences, and priorities in the design and implementing HIE systems. OBJECTIVE: The aim of this study is to investigate patients' preferences for HIE consent option and examine the extent to which they are comfortable sharing the different parts of their medical records. METHOD: A self-administered survey was conducted. The survey was administrated online and the total number of respondents was 660 participants. RESULTS: The most popular option selected by participants for sharing HIE information was to share information with their permission once when they register (33.3%) followed by the option to share their information temporarily on demand during their clinical visit (23.8%). The types of information which participants were willing to share the most were general data such as age, weight, height, and gender, followed closely by data needed for medical emergency. In contrast, the information which participants were less likely to share were data related to financial status or income, followed by data related to sexual disease, and mental illnesses.