No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
Security and Privacy Issues with Health Care Information Technology
... Indirectly, the term refers to Artificial Intelligence because the decision for reaction necessitates the use of learning algorithms, which AI possesses [10]. The use of mobile devices in conjunction with wearable medical equipment such as blood pressure monitors and glucometers, as well as IoT devices such as implanted sensors, to enable remote patient surveillance and treatment was also emphasized [11]. ...
... The technology is not stated in this study except mentioning the wireless wearable sensing system. Author in article [11] describe Traditional Patient Monitoring approach on medical facility, nothing is stated about optimizing or enhancing the turnaround time (TAT) of a patient queuing system with a patient location and monitoring system in real-time using any technology. Author in article [12] describe the present overall healthcare applications and requirements, wireless networking solutions and several key research issues. ...
... Fluctuations in the magnetic field using cellphone for movement data are not stable and accurate. In article on the paper [11] mention the solution is purely on the specialized hardware sensors and does not indicate any specific technology. In article [12] author, mention using wireless and mobile networks are ideal solution theoretically without any solution. ...
Patient Turnaround Time (PTAT) is the extent of
time where a patient is being processed from the start at a
hospital until the patient is allowed to go back home. Currently,
PTAT in general hospitals around the globe has been highly time
consuming as there are a lot of processes to be conducted and
patients being untraceable as they go wandering waiting for their
turn. Thus, in this paper, we proposed a contemporary Bluetooth
Low Energy (BLE) based IOT solution in optimizing PTAT that
will enable hospitals to: (1) determine Real-time Patient
Localization, (2) determine Patient Movement Monitoring using
meta-analysis from a systematic review. Although technological
solutions exist for each of the elements stated, not many has been
able to mold them into a single solution towards optimizing
PTAT making it a novel approach to be used. The ultimate goal
of this study is the improvement of total waiting time to be less
than 60 minutes, which will be helping to reduce the waiting time
by 33 percent and prevent patient missing the treatment.
... With the help of the key the attacker can decrypt the message and access the protected data. [5] Usually the part of the message which contains data is encrypted, the process of encrypting the packet header is used to protect the identity of the node. ...
... Some sensor network applications, such as healthcare or environmental monitoring, rely largely on the integrity issue, and hence the safeguarding of data carried through the network. [5] ...
... It allows information and services to be accessed at any moment if necessary. Multiple services may become unavailable as a result of denial of service assaults or node compromise, which could have fatal effects for some realtime applications [5]. The WSN protocols used must be strong enough to handle any outages by providing alternative, more secure routes. ...
In recent events of the pandemic situation there is a heavy surge in the demand for health care applications for monitoring the vitals of the patients through real-time monitoring of the human body. The major concerns which we face in Wireless Body Area Network [WBAN] sensors are security, data privacy, data integrity, confidentiality and dependability. Moreover it has issues such as standardization, energy efficiency, and quality of service. We are more concerned about the security of the data. The main purpose of WBAN sensors is to monitor the patients continuously without any assistance. The sensors are meant to be worn by the patients and the data has to be sent to the Healthcare applications which hold the backend system through a secured network. In this paper we are discussing the various security mechanisms and routing challenges which we are facing and the attacks which could occur over the network and also the summary of certain mechanisms which are present to overcome them. We have analysed the security for the different attack scenarios. This survey is to summarize the major difficulties which we face while designing a network in WBANs which is an emerging field of science in this pandemic situation.
... Table II. Is representing the attacks and their description with countermeasures for health care sensor networks [22,23] . TABLE II. ...
... TABLE II. ATTACK AND THEIR COUNTERMEASURES [22,23]. ...
... Therefore, they can have a serious menace to the privacy of a patient or individual patient. There are many privacy issues concerning the use of sensors in health care [22][23]. ...
For decades, the wireless medical sensor network (WMSN) has shown great prospective in refining health care quality. The vast ranges of medical applications that lead to computer-assisted treatment from all over the health monitoring are based on WMSNs technology. These applications introduce emergency medical response systems with its numerous advantages and facilities. However, these technologies have privacy and security challenges that need to be analyzed to make it preferable and socially acceptable. This survey paper depicts the current state-of-the-art wireless sensor network (WSN) technologies being used in medical applications. In this paper, we have focused on system architecture, routing, security, and privacy issues with various medical applications from various research work.
... In addition to being reservoirs of descriptive information about the facilities and services of the organisations, these websites allow patients global access to their medical information, such as clinical laboratory reports, appointment information, health and prevention reports, billing information and other components of their patient record, via the Internet. 1,2 Acceptance of the Internet as a tool by health-care providers has not only enabled a transformation from paper-based records to electronic patient records (EPRs), but has also facilitated the use of sensor networks for remote patient monitoring, which allows for easy accessibility of medical information by health-care practitioners. For example, Intel's Integrated Digital Hospital combines mobile point-of-care and other information technology concepts to integrate patient and administrative information into a comprehensive digital view of a patient's health. ...
... In addition, EPRs can be more easily backed up than paperbased records, which prevents the possible loss of data. 1 Accessing an EPR is easy because it is stored in the database, which confines it within a particular location. Patient information is exchanged across the server via the Internet or other interfaces designed for presenting the records. ...
... Electronic transmissions across the Internet and wireless networks will be used to transmit data from at-home devices and medical records. This enhances the threat to people's security and privacy (Meingast et al., 2006). Many applications of sensor networks in healthcare rely mainly on tools that could potentially expose users to security risks including eavesdropping and denial of a service (Moshaddique Al Ameen, 2010). ...
... As soon as this data is made public electronically, it becomes available for both authorized users as well as hostile attackers to access these medical records (Meingast et al., 2006). ...
The healthcare industry has been transformed using information and communication technologies (ICTs), which has improved patient outcomes, increased access to high-quality treatment, and lowered costs. And we can further anticipate future advancements in medical technology that will enhance the healthcare sector in Bahrain. The aim of this report is to examine the current situation of using health technology applications as well as the motivation of individuals to use them. The report also explores if people are willing to adopt these advancements in health technology in the future. This was examined by looking at the healthcare industry, and the various benefits and concerns that come with the usage of health tech applications. The Technology Acceptance Model (TAM) was adapted as a theoretical lens to explore this theme. A quantitative methodology was applied to collect the data from the residents in the Kingdom of Bahrain with a sample size of 273 and a total of 278 responses were collected and analyzed for this study. The findings suggest that most respondents were familiar with health technology applications as well as their importance for the advancement of the healthcare sector. In addition, the user's attitude towards health tech applications was found to be significantly influenced by security and privacy, performance expectancy, reliability, perceived ease of use and community role. iii
... Furthermore, the suggested technique protects against a variety of security assaults by employing a new technique based on discrete logarithmic issue, which provides increased security. In references [22,23], techniques for managing group session keys between sensor nodes as well as servers were presented. This approach is based on the well-known symmetric key encryption AES. ...
... 16 where Df represents the calculated likelihood that a packet will be received by a neighbour and Dr is the calculated likelihood that an acknowledgement packet will be successfully received. 23 ...
The use of wireless and Internet of Things (IoT) devices is growing rapidly. Because of this expansion, nowadays, mobile apps are integrated into low-cost, low-power platforms. Low-power, inexpensive sensor nodes are used to facilitate this integration. Given that they self-organize, these systems qualify as IoT-based wireless sensor networks. WSNs have gained tremendous popularity in recent years, but they are also subject to security breaches from multiple entities. WSNs pose various challenges, such as the possibility of numerous attacks, their innate power, and their unfeasibility for use in standard security solutions. In this paper, to overcome these issues, we propose the secure encryption random permutation pseudo algorithm (SERPPA) for achieving network security and energy consumption. SERPPA contains a major entity known as a cluster head responsible for backing up and monitoring the activities of the nodes in the network. The proposed work performance is compared with other work based on secure IoT devices. The calculation metrics taken for consideration are energy, overheads, computation cost, and time consumption. The obtained results show that the proposed SERPPA is very significant in comparison to the existing works, such as GKA (Group Key Agreement) and MPKE (Multipath Key Establishment), in terms of data transfer rate, energy consumption and throughput.
... Healthcare technology is changing, and the paper-based records of the patient are not used anymore. The records are being converted into EHRs for easy digital access through the Internet [85]. The use of wearable technologies, patient monitoring through sensor networks, and data analysis of patient records for early disease prediction are being implemented to ease and improve the lifestyle. ...
... Most people from tier II and III cities do not trust their doctors and hospital staff for their data security. Most hospitals share data with a third party without acquiring patient consent [85,86]. No law covers such actions because no uniform policy regarding such fraud is defined in the constitution. ...
According to the renowned and Oscar award-winning American actor and film director Marlon Brando, “privacy is not something that I am merely entitled to, it is an absolute prerequisite.” Privacy threats and data breaches occur daily, and countries are mitigating the consequences caused by privacy and data breaches. The Indian healthcare industry is one of the largest and rapidly developing industry. Overall, healthcare management is changing from disease-centric into patient-centric systems. Healthcare data analysis also plays a crucial role in healthcare management, and the privacy of patient records must receive equal attention. Purpose: This paper mainly presents the utility and privacy factors of the Indian healthcare data and discusses the utility aspect and privacy problems concerning Indian healthcare systems. It defines policies that reform Indian healthcare systems. The case study of the NITI Aayog report is presented to explain how reformation occurs in Indian healthcare systems. Findings: It is found that there have been numerous research studies conducted on Indian healthcare data across all dimensions; however, privacy problems in healthcare, specifically in India, are caused by prevalent complacency, culture, politics, budget limitations, large population, and existing infrastructures. This paper reviews the Indian healthcare system and the applications that drive it. Additionally, the paper also maps that how privacy issues are happening in every healthcare sector in India. Originality/Value: To understand these factors and gain insights, understanding Indian healthcare systems first is crucial. To the best of our knowledge, we found no recent papers that thoroughly reviewed the Indian healthcare system and its privacy issues. The paper is original in terms of its overview of the healthcare system and privacy issues. Social Implications: Privacy has been the most ignored part of the Indian healthcare system. With India being a country with a population of 130 billion, much healthcare data are generated every day. The chances of data breaches and other privacy violations on such sensitive data cannot be avoided as they cause severe concerns for individuals. This paper segregates the healthcare system’s advances and lists the privacy that needs to be addressed first
... Mobile health activities have sprung up as health call centres which respond to patient enquiries [8], [9]. SMS is a form of the mobile technological approach that is used to reach the patient for drug administration, consultancy services, appointment reminders, health and prevention reports, billing information and so on [10], [11]. The role of SMS in mHealth services cannot be underestimated, for instance, it is used in South Africa to remind tuberculosis patients to administer their medication. ...
Patients using the Mobile-Health Information System can send SMS requests to a Frequently Asked Questions (FAQ) web server with the expectation of receiving an appropriate feedback on issues that relate to their health. The accuracy of such feedback is paramount to the mobile search user. However, automating SMS-based information search and retrieval poses significant challenges because of the inherent noise in SMS communication. First, in this paper an architecture is proposed for the implementation of the retrieval process, and second, an algorithm is developed for the best-ranked question-answer pair retrieval. We present an algorithm that assists in the selection of the best FAQ-query after the ranking of the query-answer pair. Results are generated based on the ranking of the FAQ-query. Our algorithm gives a better result in terms of average precision and recall when compared with the naïve retrieval algorithm.
... Issues of privacy and security in healthcare are of extreme concern [10, 78,94]. Over the past few years, data breaches such as hacking, malware attacks, and phishing have affected healthcare systems around the world almost incessantly [45,77,107]. ...
In healthcare, the role of AI is continually evolving, and understanding the challenges its introduction poses on relationships between healthcare providers and patients will require a regulatory and behavioral approach that can provide a guiding base for all users involved. In this paper, we present IAC (Informing, Assessment, and Consent), a framework for evaluating patient response to the introduction of AI-enabled digital technologies in healthcare settings. We justify the need for IAC with a general introduction of the challenges with and perceived relevance of AI in human-welfare-centered fields, with an emphasis on the provision of healthcare. The framework is composed of three core principles that guide how healthcare practitioners can inform patients about the use of AI in their healthcare, how practitioners can assess patients' acceptability and comfortability with the use of AI, and how patient consent can be gained after this process. We propose that the principles composing this framework can be translated into guidelines that improve patient agency regarding the use of AI in healthcare while broadening the discourse on this topic.
... In real-world scenarios, obtaining certain data types such as documents containing personal information (e.g., identification cards, medical receipts, and prescription receipts), voice phishing-related audio data for detecting phishing attempts, and documents with substantial defense information can be challenging [17,18,19]. Consequently, researchers frequently rely on synthetic data to generate these datasets. ...
In a Data-Centric AI paradigm, the model performance is enhanced without altering the model architecture, as evidenced by real-world and benchmark dataset demonstrations. With the advancements of large language models (LLM), it has become increasingly feasible to generate high-quality synthetic data, while considering the need to construct fully synthetic datasets for real-world data containing numerous personal information. However, in-depth validation of the solely synthetic data setting has yet to be conducted, despite the increased possibility of models trained exclusively on fully synthetic data emerging in the future. Therefore, we examined the question, "Do data quality control techniques (known to positively impact Data-Centric AI) consistently aid models trained exclusively on synthetic datasets?". To explore this query, we performed detailed analyses using synthetic datasets generated for speech recognition postprocessing using the BackTranScription (BTS) approach. Our study primarily addressed the potential adverse effects of data quality control measures (e.g., noise injection and balanced data) and training strategies in the context of synthetic-only experiments. As a result of the experiment, we observed the negative effect that the Data-Centric methodology drops by a maximum of 44.03 points in the fully synthetic data setting.
... The technical safeguards necessary include the use of properly configured firewalls and intrusion detection tools, usage of secure transmission modes for remote access and exchange of data (e.g., use of virtual private networks), use of advanced encryption algorithms and methods to store and transmit patients' data, and regular check and installation of software updates. It is best to use both hardware and software based encryption to provide highest-level of security protection to patients' health information (Meingast et al., 2006). To prevent unwanted exposure of EHR data stored and accessed across medical facilities, methods such as private-information retrieval should be used (Chor et al., 1998). ...
... Considering the sensitive nature of medical data and the requirement for protecting the privacy of patients, there is a need to design a system that protects against such data breaches. It must be considered while developing a system that patient data cannot be inferred by examining the outputs of the ML/DL model [159]. Thus, it is crucial to manage and protect the personal information of the patients. ...
With the advent of machine learning (ML) and deep learning (DL) empowered applications for critical applications like healthcare, the questions about liability, trust, and interpretability of their outputs are raising. The black-box nature of various DL models is a roadblock to clinical utilization. Therefore, to gain the trust of clinicians and patients, we need to provide explanations about the decisions of models. With the promise of enhancing the trust and transparency of black-box models, researchers are in the phase of maturing the field of eXplainable ML (XML). In this paper, we provided a comprehensive review of explainable and interpretable ML techniques for various healthcare applications. Along with highlighting security, safety, and robustness challenges that hinder the trustworthiness of ML, we also discussed the ethical issues arising because of the use of ML/DL for healthcare. We also describe how explainable and trustworthy ML can resolve all these ethical problems. Finally, we elaborate on the limitations of existing approaches and highlight various open research problems that require further development.
... Earlier, most of the healthcare data sharing used to be paper-based. On being converted into electronic format, the door gets opened to hackers, and other unscrupulous persons for accessing the records [5]. Further, IoT devices are constrained by resources such as having limited power supplies, less memory space, and low bandwidth. ...
In this article, we secure the healthcare data using low complexity hybrid cellular automata (CA) algorithm while enabling remote monitoring of patients using IoT (Internet of Things) network. Since IoT devices are limited to power and memory space, the traditional encryption and decryption algorithms, called as ciphers, cannot be executed owing to the inherent implementation complexities and power requirements. The results show that the encrypted data sequence passes the randomness tests as prescribed by the National Institute of Standards and Technology (NIST) and is suitable for cryptography. Comparison with the state-of-the-art methods proves the superiority of our proposed method in terms of run-time complexity. Using the proposed hybrid CA algorithm, we achieve an average execution time of 0.3892 seconds per kilobit (kb) of data.
... The works are reported in chronological order. A brief review of security and privacy issues both in electronic healthcare records and wearable healthcare monitoring devices is explored in [52]. While these technologies provide many benefits for healthcare delivery to all the involved, such as patients, doctors, and familiars, some privacy and security issues, like data storage, data transfer, and data analysis rights, raise privacy and security concerns and are examined in this work. ...
The wide use of wearable devices rises a lot of concerns about the privacy and security of personal data that are collected and stored by such services. This concern is even higher when such data is produced by healthcare monitoring wearable devices and thus the impact of any data leakage is more significant. In this work a classification of the wearable devices used for healthcare monitoring is conducted, and the most prominent relevant privacy and security issues and concerns are presented. Furthermore, a brief review of alternative approaches that can eliminate most of such issues, including federated learning, homomorphic encryption, and tinyML, is presented. The aim of this work is to present the privacy and security concerns in healthcare monitoring wearable devices, as well as some solutions in hot topics about these issues.
... Although the information or data obtained from people living with dementia requires adequate storage for future use, the current practice (paper-based) of managing patient records in care homes is not efficient for such voluminous data. This approach has continued to present numerous drawbacks and challenges to caregivers, patients, and administrators such as data replication, data discrepancy, data insecurity, and un-updated information making it difficult to trace the histories and flow of prescription data of patients, therefore, hampering prognosis outcome [13]. ...
This research proposes an improved framework that would support the healthcare services and attention given to dementia patients. The paper shows the design and implementation of a web-based application that demonstrates the proposed framework. This study was necessitated by the observed flaws and weaknesses in the current manual technique of handling dementia cases in care homes which are plagued with loss of records, time wastage in retrieving records, data insecurity, user entry and data management errors, among others. The system design was realized using the unified modeling language (UML) on EdrawMax. The frontend implementation was done using HTML5, CSS3, and JavaScript, while the business logic was achieved using PHP, and the Database was designed with MySQL and managed through PHPMyAdmin. The system was tested by medical practitioners and dementia patients in a select care home. Other tests on browsers' compatibility and platform interoperability were successful. The result of the study advances technical knowledge in developing medical expert systems using web 2.0 technologies, and promotes academic inquiry in the domain. The demonstration of the framework shows an improvement on the existing techniques which use quasi-automated approach. The proposed model is suitable for supporting efficient management of data of dementia patients.
... Privacy refers to the handling of a patient's personal information by the issuing authority [184]. It also should address where the data should be placed and who can view a person's medical records [185]. Under a general scenario, doctors, nurses and technicians can view and manage these data. ...
The impact of IoT-ML in the healthcare sector is very significant and it has helped us to change our view at the traditional treatment methods. In IoT-ML–based healthcare applications, the sensing layer is responsible for collecting information from humans and transferring it to the storage layer through communication technology. ML is implemented to make intelligent decisions for healthcare applications. This survey shows all the fields starting from the IoT sensor devices to the deployment of ML in the healthcare sector. We have conducted a comprehensive survey of the existing literature covering IoT and ML strategies from a healthcare perspective. We also provide insights into the different types of network storage and computing strategies used for other health-based applications. We believe that the presented work is innovative as no other survey is furnished in such manner. From this survey, researchers can get an overview of IoT-ML and cloud-based healthcare applications under the single system. We have proposed a unique taxonomy from an IoT-ML–based healthcare perspective where we have highlighted key steps in developing healthcare systems. We have culminated the most striking technologies in IoT, communications, network storage and computing, and ML for healthcare systems. Another contribution of our survey is that we have collected and discussed surveys and scientific literature based on the proposed taxonomy and their sub-taxonomy throughout this paper. Besides that we have reviewed several types of popularly used sensors, development boards in healthcare with various examples. We also show the mapping of communication technology with the protocols used by IoT sensors. In the ML section, we have shown an ML pipeline centering on healthcare application and discussed every step of it. Finally, we have identified a number of research challenges including exploration of Deep Learning based models, proper data acquisition and handling of data, privacy and ethics, security issues in WBAN, etc. These research challenges will provide the researchers the necessary future research directions while developing IoT-ML-based healthcare applications.
... Table 6 shows an overview of the technical characteristics, advantages, and disadvantages of the developed system. [32], sensor networks and monitoring systems such as these can improve healthcare, both on a quality as a cost of care level. However, privacy and security concerns should be dealt with. ...
The aging population has resulted in interest in remote monitoring of elderly individuals’ health and well being. This paper describes a simple unsupervised monitoring system that can automatically detect if an elderly individual’s pattern of presence deviates substantially from the recent past. The proposed system uses a small set of low-cost motion sensors and analyzes the produced data to establish an individual’s typical presence pattern. Then, the algorithm uses a distance function to determine whether the individual’s observed presence for each day significantly deviates from their typical pattern. Empirically, the algorithm is validated on both synthetic data and data collected by installing our system in the residences of three older individuals. In the real-world setting, the system detected, respectively, five, four, and one deviating days in the three locations. The deviating days detected by the system could result from a health issue that requires attention. The information from the system can aid caregivers in assessing the subject’s health status and allows for a targeted intervention. Although the system can be refined, we show that otherwise hidden but relevant events (e.g., fall incident and irregular sleep patterns) are detected and reported to the caregiver.
... T HE proliferation of medical imaging acquisition equipment and the introduction of new modalities with high temporal and space resolution has resulted in a data explosion crisis in healthcare institutions [1], [2]. This presents a challenge for storage [3], data flow, security [4], interoperability [5] and document sharing. Health records are increasingly electronic but are often still trapped in silos. ...
Electronic Health Records (EHR) have a distributed nature and can be managed by distinct affinity domains. Sharing patient health information across distinct organisations helps to deliver a well-informed diagnosis, improving the quality of healthcare service. The federation of those information systems can take the form of a distributed database where data are partitioned and possibly replicated across distinct computational systems. However, the benefits of having a distributed system, such as consistency, availability, and data protection, are mostly absent. This article proposes a distributed database consensus protocol designed to improve the performance of EHR insertion operations, a particularly critical issue in medical imaging cases due to the data volume. It explores the personal and non-transferable nature of EHR and the proposed methodology reduces the data contention through data isolation, improving the overall retrieval performance and detection of misbehaving parties. Furthermore, the proposal follows the recent European General Data Protection Regulation (GDPR), which states that appropriate mechanisms should be used in order to protect data against accidental loss, destruction, or damage, using appropriate technical or organisational measures.
... Literature also defines resilience based on failure probabilities aiming to reduce the impact of disruptive situations by minimising the probability of failures in the first instance, and then reducing the consequences of disruptive events, thus improving system recovery time [10]. In data sharing systems design for healthcare, the approaches applied to ensure system resilience may contribute to the difference between life and death for patients, especially when professionals could have access to crucial health information provided by the system and the data is unavailable, missing or incorrect [13,17]. ...
Healthcare data sharing platforms have been gaining prominence over the last decade, especially with the emergence of technologies dedicated to increase system security and users’ privacy. Moreover, these platforms are becoming less centralised as time progresses, with need for more data from a variety of locations and settings to be transferred between authorised parties. These requirements also include legal and ethical concerns when creating such solution. Through data sharing, organisations can gain access to previously unknown information or higher quality data, share research findings, and make decisions based on larger (and hopefully more representative) datasets. Such platform should be resilient to attack or loss of data and be able to recover quickly and efficiently from unexpected events. This paper focuses on the blend of emerging technologies (data lake and blockchain) in a design to provide secure and resilient data sharing to only those patients and healthcare professionals authorised to access it across multiple European countries.
... Si dans le domaine des applications de surveillance médicale, les dispositifs ubiquitaires comme des pompes à perfusion injectant des médicaments, des caméras de surveillance, des babyphones apportent de plus en plus d'information sur la vie quotidienne des utilisateurs, il convient que ces informations privées le restent. C'est pourquoi de tels dispositifs doivent être sécurisés afin d'empêcher les accès locaux et à distance non autorisés pour protéger les données produites [38]. ...
L’Internet des Objets (IdO ou IoT en anglais) est un paradigme présent dans la vie quotidienne de chaque être humain. En effet, l’IdO comprend aujourd’hui une très grande diversité d’objets intégrants des capteurs, des actionneurs et également des modules de communication leur permettant de s’intégrer à Internet. Ces dispositifs observent et agissent sur l’état du monde réel constituant ainsi une passerelle entre la vie réelle et le monde numérique. L’IdO fournit de nombreux services avancés comme la surveillance automatique en temps réel d’environnements industriels, médicaux, agricoles, et autres qui peuvent être couverts et gérés automatiquement. L’Assistance à l’Autonomie des personnes à Domicile (AAD ou AAL) est l’un des nombreux domaines bénéficiant des avancées permises par l’IdO. L’AAD vise à aider les personnes âgées, malades ou dépendantes dans leurs routines quotidiennes en fournissant de nouveaux services d’assistance dans les maisons intelligentes (« smart home ») afin de surveiller en continue leurs constantes physiologiques à moindre coût pour détecter de possibles dégradations de leur état de santé. Cependant, malgré tous les avantages qu’apporte l’IdO dans la vie quotidienne de ces personnes dépendantes, les problématiques de sécurité freinent considérablement le déploiement de ces technologies. En effet, pour permettre une plus large adoption des solutions d’AAD s’appuyant sur l’IdO, la sécurité des objets et des réseaux utilisés doit être renforcée. Ainsi, de nouveaux mécanismes légers et robustes doivent être développés pour contrer les menaces et les attaques auxquelles les infrastructures de l’IdO sont exposées. Une première ligne de défense est d’utiliser des mécanismes d’authentification adaptés aux capacités et aux contraintes des objets et des technologies de communication afin d’assurer les services d’authentification des objets et de mettre en œuvre des canaux sécurisés permettant la protection des données. Dans cette thèse, notre objectif est de proposer des solutions de sécurité pour l’IdO dans le cadre médical. Pour cela, nous dressons tout d’abord un état de l’art de l’IdO. Puis, nous présentons les défis de sécurité auxquels l’IdO est confronté. Nous considérons alors les protocoles d’authentification destinés à garantir la sécurité et le respect de la vie privée des utilisateurs des objets connectés. Ainsi, notre première contribution consiste en la proposition de trois nouveaux protocoles d’authentification mutuelle pour les objets connectés avec deux modes de communication différents M2M et M2C, dans le cadre de l’assistance à l’autonomie des personnes à domicile. En plus de l’analyse informelle une validation formelle de sécurité de nos propositions a été menée en utilisant les outils AVISPA et ProVerif. Notre deuxième contribution consiste en un nouveau protocole d’identification et d’authentification pour l’AAD, adapté à la technologie RFID. Ce protocole vise à assurer l’authentification entre un lecteur et des étiquettes RFID pour garantir la sécurité et le respect de la vie privée des personnes dépendantes.
... Pervasive healthcare systems face many challenges. They are partially addressed [Al Ameen et al. 2012] [Meingast et al. 2006] ] [Alemdar and Ersoy 2010], but still a lot of them remain to be addressed. We elaborate them in the remaining sub-sections. ...
Pervasive healthcare is an emerging technology that aims to provide round-the-clock monitoring of several vital signs of patients using various health sensors, specialized communication protocols, and intelligent context-aware applications. Pervasive healthcare applications proactively contact the caregiver provided any abnormality arises in the health condition of a monitored patient. It has been a boon to the patients suffering from different diseases and requiring continuous monitoring and care, such as, disabled individuals, elderly and weak persons living alone, children of different ages, and adults who are susceptible to near-fatal falls or sudden increases in blood pressure, heart rates, stress level, etc. Existing surveys on pervasive healthcare cover generic techniques or a particular application, like fall detection. In this paper, we carry out a comprehensive coverage of several common disorders addressed by pervasive healthcare in recent years. We roughly classify different diseases by age groups of patients and then discuss various hardware and software tools and techniques to detect or treat them. We have also included a detailed tabular classification of a large selection of significant research articles in pervasive healthcare.
... Meingast et al. and Singelee et al. [17,18] proposed schemes that handled group session keys among sensor nodes and their server. e base of the proposed work is well-known symmetric key encryption AES. ...
Wireless Sensor Network (WSN) is a particular network built from small sensor nodes. These sensor nodes have unique features. That is, it can sense and process data in WSN. WSN has tremendous applications in many fields. Despite the significance of WSN, this kind of network faced several issues. The biggest problems rising in WSN are energy consumption and security. Robust security development is needed to cope with WSN applications. For security purposes in WSN, cryptography techniques are very favorable. However, WSN has resource limitations, which is the main problem in applying any security scheme. Hence, if we are using the cryptography scheme in WSN, we must first guarantee that it must be energy-efficient. Thus, we proposed a secure hybrid session key management scheme for WSN. In this scheme, the major steps of public key cryptography are minimized, and much of the operations are based on symmetric key cryptography. This strategy extensively reduces the energy consumption of WSN and ensures optimum security. The proposed scheme is implemented, and their analysis is performed using different parameters with benchmark schemes. We concluded that the proposed scheme is energy-efficient and outperforms the available benchmark schemes. Furthermore, it provides an effective platform for secure key agreements and management in the WSN environment.
... When medical records change from paper to electronic medical records to bring convenience to doctors and patients, it also poses security and privacy challenges. Meingast et al. [6] summarized the security and privacy issues in healthcare information technology and pointed out that in order to address the security and privacy challenges of healthcare information system and the cross-institutional transmission and sharing of electronic medical records, the following questions need to be considered and answered first: ...
Healthcare blockchains provide an innovative way to store healthcare information, execute healthcare transactions, and build trust for healthcare data sharing and data integration in a decentralized open healthcare network environment. Although the healthcare blockchain technology has attracted broad interests and attention in industry, government and academia, the security and privacy concerns remain the focus of debate when deploying blockchains for information sharing in the healthcare sector from business operation to research collaboration. This paper focuses on the security and privacy requirements for medical data sharing using blockchain, and provides a comprehensive analysis of the security and privacy risks and requirements, accompanied by technical solution techniques and strategies. First, we discuss the security and privacy requirements and attributes required for electronic medical data sharing by deploying the healthcare blockchain. Second, we categorize existing efforts into three reference blockchain usage scenarios for electronic medical data sharing, and discuss the technologies for implementing these security and privacy properties in the three categories of usage scenarios for healthcare blockchain, such as anonymous signatures, attribute-based encryption, zero-knowledge proofs, verification techniques for smart contract security. Finally, we discuss other potential blockchain application scenarios in healthcare sector. We conjecture that this survey will help healthcare professionals, decision makers, and healthcare service developers to gain technical and intuitive insights into the security and privacy of healthcare blockchains in terms of concepts, risks, requirements, development and deployment technologies and systems.
... Considering the sensitive nature of medical data and the requirement for protecting the privacy of patients, there is a need to design a system that protects against such data breaches. It must be considered while developing a system that patient data cannot be inferred by examining the outputs of the ML/DL model [159]. Thus, it is crucial to manage and protect the personal information of the patients. ...
With the advent of machine learning (ML) applications in daily life, the questions about liability, trust, and interpretability of their outputs are raising, especially for healthcare applications. The black-box nature of ML models is a roadblock for clinical utilization. Therefore, to gain the trust of clinicians and patients, researchers need to provide explanations of how and why the model is making a specific decision. With the promise of enhancing the trust and transparency of black-box models, researchers are in the phase of maturing the field of eXplainable ML (XML). In this paper, we provide a comprehensive review of explainable and interpretable ML techniques implemented for providing the reasons behind their decisions for various healthcare applications. Along with highlighting various security, safety, and robustness challenges that hinder the trustworthiness of ML we also discussed the ethical issues of healthcare ML and describe how explainable and trustworthy ML can resolve these ethical problems. Finally, we elaborate on the limitations of existing approaches and highlight various open research problems that require further development.
Background
The advancement of digital health technologies (DHTs) in the healthcare industry has revolutionized healthcare by improving efficiency and accessibility. The shift from paper-based records to electronic health records (EHRs) as a result of modern technologies introduced various security threats, endangering patient data privacy and system reliability. This study explores intricate security threats among healthcare professionals affecting DHT utilization.
Methodology
A structured questionnaire was designed to solicit for data from healthcare professionals on the existence of possible security threats, magnitude of physical and technical threats, and the extent to which the activities of staff and vendors affect the current DHTs being utilized in Cape Coast Teaching Hospital and Directorate of University Health Services at the University of Cape Coast. Purposive and convenience sampling techniques were employed to select healthcare professionals from various medical fields, and their views were captured for the study.
Results
Findings and data analyzed from the study revealed that technical threats, such as hacking, phishing, malware, and encryption weaknesses, pose more substantial dangers to DHTs compared to physical threats. The study explored viable strategies to prevent unauthorized access to DHTs and safeguard patient information. Encouraging measures, such as encryption, multi-factor authentication, regular security training, and periodic password changes, emerged as promising methods in addressing DHT security threats.
Conclusion
The study emphasizes the necessity of robust security measures and regular updates to effectively counter the emerging security threats. It underscores the critical necessity for a comprehensive protocol to enhance DHT security, addressing physical, technical, and personnel-related threats.
Çalışmada kişisel sağlık verilerinin paylaşımında gizlilik hesabı teorisine ilişkin literatür taraması yapılması amaçlanmıştır. Bu doğrultuda çalışma kapsamında kişisel sağlık verisi, algılanan risk, algılanan fayda kavramlarıtanımlanmış vegizlilik hesabı teorisi açıklanıp kişisel sağlık verisi paylaşımındaki rolü ele alınmıştır. Kişisel sağlık verileri bireyin hastaneye girişi ile çıkışına kadar paylaştığı ve yapılan tahlil, tetkik sonuçlarını da kapsayan bilgiler bütünüdür. Bu veriler gerek ulusal gerekse uluslararası yönetmeliklerde özel nitelikli kişisel veriler veya hassas veriler olarak ele alınmaktadır. Özel nitelikli kişisel veriler gizlilik açısından ayrıca korunmayı gerektiren verilerdir. İlerleyen teknolojiler doğrultusunda kişisel sağlık verileri elektronik ortamlarda işlenmekte, iletilmekte, depolanmakta ve korunmaktadır. Siber saldırıların ve kötü niyetli yazılım şirketlerinin mevcudiyeti bu veriler üzerinde algılanan riskleri artırırken faydaları azaltmaktadır. Bireyler belirsizlik ve tehlike barındıran durumlarda daha yüksek risk algılamaktadır. Risklerin ve faydaların mevcut olduğu durumlarda "homo economicus" varsayımı üzerinde durulmaktadır. Bu varsayıma göre bireyler risk ve fayda arasındaki dengede faydayı maksimize eden tercihlere yönelmektedir. Kişisel sağlık verileri paylaşımında ise algılanan fayda ve algılanan riskler gizlilik hesabı teorisi kapsamında ele alınmaktadır. Bu teoride homo economicus varsayımının aksine bireyler veri paylaşımında riskleri minimize edecek tercihlerde bulunmaktadır. Gizlilik hesabı teorisi, kişisel sağlık verisi paylaşımında algılanan faydaları algılanan risklere aracılık eden bir faktör olarak ele almaktadır. Sonuç olarak bu teoriye göre kişisel sağlık verisi paylaşımında algılanan risk, algılanan faydadan daha önemli hale gelmektedir.
Data-driven health care is truly valuable and promising. As long as relevant data are gathered, probed, used, and managed in a good fashion, significant improvements in the dependability of healthcare practices are achievable. Nevertheless, unless privacy facets of relevant sensitive data are addressed, there are notable concerns regarding data-driven healthcare policies and applications. In general, technical and engineering facets of such interventions are concentered on to a greater extent, but privacy facets are not adequately addressed. This chapter highlights and discusses privacy issues in data-driven health care. A comprehensive review and distillation of pertinent literature and works yielded relevant results and interpretations. Purposefully, generic privacy issues are elaborated in the beginning. Additionally, areas for improvement regarding privacy issues in data-driven health care are underlined and discussed. People, policy, and technology aspects are also explained and deliberated. Moreover, how privacy is related to people and policy to ensure the success in data-driven healthcare practices is discussed in this chapter. Besides, people’s perceptions about privacy are distilled and reported. The focal impact of this chapter is to deliver a contemporary interpretation and discussion regarding privacy issues in data-driven health care. Product developers and managers, policy-makers, and pertinent researchers might benefit from this chapter in order to improve related knowledge and implementations.KeywordsPrivacyPolicyPeopleTechnologyHealth careBig dataBlockchain
Background
The maintenance of health through prevention, diagnosis, and treatment of illnesses, injuries, and other mental and physical impairments in people is called healthcare that is performed by professionals in health fields. All activities performed in providing primary, secondary, and tertiary care, as well as in public health, are components of healthcare systems that are required to analyze massive amounts of patients’data to gain insights and aid in disease prediction. The healthcare recommender system (HRS) is a growing and robust platform for healthcare services.
Objective
The purpose of this paper is to identify, taxonomically classify, and compare current HRS researches in a systematic way.
Method
This study presents a systematic literature review (SLR) method for HRSs regarding 41 papers published between 2010 and 2021; the selected articles fall into five classes: collaborative-based, content-based, knowledge-based, context-based, and hybrid.
Results
Seventeen essential factors are identified to examine the selected HRSs, and each of the papers were studied to find advantages, disadvantages, evaluation types, and tools. In addition, we address a discussion of challenges, future directions, and open issues.
Conclusion
This paper demonstrates that HRSs are still in their early stages of maturity, but they are developing. It identifies the need for a scalable, confidential, and reliable framework to aid in the improvement of both patients’ and health professionals’ trust in HRSs. This research reveals a lack of standardization of medical codes across various healthcare systems. In addition, this review identifies the need for novel patterns to address cold start problems.
The rising urbanization of the world's population as a result in a slew of socioeconomic, societal, as well as climate change, which all have a substantial impact on people's lifestyle including living standards. The vision of a "smart city" opens up possibilities for resolving fundamental urban issues. Smart cities aim to make more effective usage government resources, bring outstanding services for the people, and promote wellbeing of individuals. In the deployment of smart cities, technological tools plays a critical role. The benefits of blockchain as a technological advancement include trustlessness, accountability, anonymization, democratic, automated, decentralized, as well as security. These blockchain properties aid in the improvement of smart appliances and the creation of IoT technology. We will give a comprehensive review of important literature on distributed ledger technologies in various applications in this article. We begin with discussing the fundamental principles of blockchain technology, then move on to how blockchain technologies have been applied to diverse domains such as IoT, agriculture, banking, and other industries. Finally, we looked at numerous security challenges in the health-care industry and conducted a thorough security analysis of blockchain technology.
Healthcare block chains provide an innovative way to store healthcare information, execute healthcare transactions, and build trust for sharing health data in a decentralized open health network environment. Although the healthcare block chain technology has attracted broad interests and attention in industry, government and academia, the security and privacy concerns remain the focus of debate when deploying block chains for information sharing in the healthcare sector from business operation to research collaboration. This paper focuses on the security and privacy requirements for medical data sharing using block chain, and provides a comprehensive overview of security and privacy risks and requirements, along with technical solutions techniques. First, we discuss the security and privacy requirements and attributes required for electronic medical data sharing by deploying the healthcare block chain. Second, we categorize existing efforts into three benchmark block chain use cases for electronic medical information sharing and discuss the technologies to execute these security and privacy properties in the three categories of use cases for healthcare block chain, such as anonymous signatures, attribute-based encryption, zero-knowledge proofs, and verification techniques for smart contract Finally, we discuss other potential block chain application scenarios in healthcare We conjecture that this survey will help healthcare professionals, decision makers, and healthcare service developers to gain technical and intuitive insights into the security and privacy of healthcare block chains in terms of concepts, risks, requirements, development and deployment technologies and systems. Key Words: Asymmetric-key algorithm and hash function, SHA-256 algorithm.
The paper presents simulation of piezoelectric energy harvester using COMSOL Multi-physics.
The simulated vibration energy harvester has bimorph cantilever structure with end mass. The performance of
the proposed energy harvester model is evaluated for six different piezoelectric materials as PZT-5A, PZT-5H,
PZT-4, PZT-2, PZT-5J, and PZT-7A with structural steel base. Resonant frequency and output voltage
produced are considered to compare the performance of different piezoelectric materials used in proposed
model. In addition, various design parameters of proposed model are also varied for in-depth analysis of
proposed model.
he paper presents simulation of piezoelectric energy harvester using COMSOL Multi-physics.
The simulated vibration energy harvester has bimorph cantilever structure with end mass. The performance of
the proposed energy harvester model is evaluated for six different piezoelectric materials as PZT-5A, PZT-5H,
PZT-4, PZT-2, PZT-5J, and PZT-7A with structural steel base. Resonant frequency and output voltage
produced are considered to compare the performance of different piezoelectric materials used in proposed
model. In addition, various design parameters of proposed model are also varied for in-depth analysis of
proposed model
As a result of modern progress, the usage of wireless sensor networks (WSNs) in the medical field has gotten considerable interest. WSNs are implemented to gather and transmit patient physiological data in healthcare management systems. Therefore, authentication and patient data privacy are two major challenges in the healthcare system. Thus, some cryptographic mechanisms are applied to secure the transmission of physiological data collected by the wearable sensors using bilinear pairing. However, the bilinear pairing is considered high computational. This paper provides a practical and efficient certificateless signcryption scheme with free pairing to secure communication between the sensors and the remote control system. Also, signcryption is employed to meet the main security requirements such as confidentiality, non-repudiation, integrity, and authentication. Besides, under the Computational Diffie-hellman assumption and the Discrete logarithm problem in the random oracle model, this protocol is shown to meet unforgeability and confidentiality. Finally, as shown in the security analysis, our protocol is secure and practical.
Assistive robotic systems could be a suitable solution to support a variety of health and care services, help independent living, and even simulate affection, to reduce loneliness. However, adoption is limited by several issues, as well as user concerns about ethics, data security, and privacy. Other than the common threats related to internet connectivity, personal robotic systems have advanced interaction possibilities, such as audio, video, touch, and gestures, which could be exploited to gain access to private data that are stored in the robot. Therefore, novel, safer methods of interaction should be designed to safeguard users’ privacy. To solicit further research on secure and private multimodal interaction, this article presents a thorough study of the state-of-the-art literature on data security and user privacy in interactive social robotic systems for health and care. In our study, we focus on social robotics to assist older people, which is a global challenge that is receiving a great deal of attention from the robotics and social care communities. This application will have a significant positive impact on the economy and society, but poses various security and privacy issues. This article analyses the key vulnerable areas where data leakage could occur during a multimodal interaction with a personal assistive robotic system. Thus, blockchain with a resource-aware framework, along with a continuous multifactor authentication mechanism, are envisaged as a potential solution for making such systems secure by design; therefore, increasing trust, acceptability, and adoption. Among the key cybersecurity research challenges, it is crucial to create an intelligent mechanism that autonomously determines the right trade-off between continuous user prompts and system usability, according to data types and personal preferences.
Change is the new convention and standard for the world's health sector. Change in the collection, storage, and transfer of healthcare data through digitization is experiencing a fundamental as well as dramatic move in the executing, business and clinical archetype in the world's economy for the predictable future. This change is propelled by lifestyle changes and mellowing populations, the development of software applications, smart devices and gadgets, progressive treatments, and increased emphasis on care value and quality. All these will offer remarkable opportunities for improving and helping clinical objective decision, hence improving healthcare facilities and delivery, monitoring adverse events, and leading to a rise in the standards of treatment for diseases. In this chapter, we will read about developments in medical systems, requirements in medical data systems, and security and privacy concerns.
In this concluding chapter of the book, we present some issues related to the ethics of eHealth applications as well as privacy, data protection, data anonymization, encryption, etc., in AI medicine at large. Regulatory issues and policies, such as the EU General Data Protection Regulation (GDPR), among others, and healthcare standards are briefly discussed in terms of their impact on research and development of eHealth applications requiring specialized access control and authentication, patient data protection, clinical data, pharmaco-vigilance, etc. Also, emerging research trends and challenges in eHealth applications based on IoT technologies, Cloud digital ecosystem and data streams are discussed, including noninvasive and personalized solutions, detection vs. prediction solutions, Predictive, Personalized, Preventive and Participatory (4P) Medicine.
As the globally increasing population drives rapid urbanization in various parts of the world, there is a great need to deliberate on the future of the cities worth living. In particular, as modern smart cities embrace more and more data-driven artificial intelligence services, it is worth remembering that (1) technology can facilitate prosperity, wellbeing, urban livability, or social justice, but only when it has the right analog complements (such as well-thought out policies, mature institutions, responsible governance); and (2) the ultimate objective of these smart cities is to facilitate and enhance human welfare and social flourishing. Researchers have shown that various technological business models and features can in fact contribute to social problems such as extremism, polarization, misinformation, and Internet addiction. In the light of these observations, addressing the philosophical and ethical questions involved in ensuring the security, safety, and interpretability of such AI algorithms that will form the technological bedrock of future cities assumes paramount importance. Globally there are calls for technology to be made more humane and human-centered. In this paper, we analyze and explore key challenges including security, robustness, interpretability, and ethical (data and algorithmic) challenges to a successful deployment of AI in human-centric applications, with a particular emphasis on the convergence of these concepts/challenges. We provide a detailed review of existing literature on these key challenges and analyze how one of these challenges may lead to others or help in solving other challenges. The paper also advises on the current limitations, pitfalls, and future directions of research in these domains, and how it can fill the current gaps and lead to better solutions. We believe such rigorous analysis will provide a baseline for future research in the domain.
The main goal of HIPAA (Health Insurance Portability and Accountability Act) is to protect health information of individuals against access without consent or authorization. Security and privacy are the main issues in HIPAA. A compliant key management solution is used to reduce harm and risk while providing cryptographic mechanisms. Using ECC (Elliptic Curve Cryptography) we ensure more security for access of patient’s health records. This provides same level of security for access of patient’s health records. Patient’s health Information is stored in RFID cards. Finally, the proposed method ensures higher level of security than other existing cryptographic techniques. ECC provides more security even with small key sizes. Proposed scheme describes the various counter measures for improving security and a key recovery mechanism for the protection of keys.
The overall aim of this handbook is to provide a practical guide on the understanding of eHealth technology. Over the years, we have seen a steady growth in the number and type of eHealth technology, being adopted in different healthcare settings. Proponents of these systems claim eHealth can improve the quality of care provided, leading to better provider performance and health outcomes. Yet the evidence for such claims is mixed thus far, with some studies demonstrating benefits, others showing little to no impact, and some settings being even worse off than before. Understandably, there are now increasing pressures on government agencies and health organizations to demonstrate tangible return on value for the significant eHealth investments made. Despite the growing importance and need to evaluate eHealth technology, there are relatively few formal courses available from post- secondary educational institutions on how health information management, health information technology, supports eHealth technology studies. Most educational institutions that offer degree programs related to health information management research, administration and services would typically include eHealth technology as part of their health research methods or program evaluation courses. Of those that offer health informatics degree programs, only some have eHealth technology as a full self-contained course. For institutions that offer eHealth technology as either a course or a topic within a course, the choice of textbooks and reference materials can vary greatly depending on what is available and the preference of the instructors.
The main goal of HIPAA (Health Insurance Portability and Accountability Act) is to protect health information of individuals against access without consent or authorization. Security and privacy are the main issues in HIPAA. A compliant key management solution is used to reduce harm and risk while providing cryptographic mechanisms. Using ECC (Elliptic Curve Cryptography) we ensure more security for access of patient's health records. This provides same level of security for access of patient's health records. Patient's health Information is stored in RFID cards. Finally, the proposed method ensures higher level of security than other existing cryptographic techniques. ECC provides more security even with small key sizes. Proposed scheme describes the various counter measures for improving security and a key recovery mechanism for the protection of keys.
In today’s world, because of technological advancement, it is extremely important to safeguard the data from the dark web and the cybercriminals. The healthcare data that is collected and analyzed online is in jeopardy. The task of the data handler is to ensure that the patient’s information given to any healthcare organization is kept confidential so that their data is kept safe and secure. The information security and privacy are involved in the different phases like collection, usage, storage and transmission of the data especially with respect to Personal Health Information. With the advent of new technologies and because most of the devices are connected over the Internet and the data stored in cloud-based platforms, data could be compromised by the cybercriminals. It is about how well the data is protected and the confidentiality of the data is maintained. In this chapter, the challenges, threats, and concerns with respect to healthcare data and the solutions to the problems are looked at. Here we try and understand how these issues are handled by the various technology industries by looking at the several case studies in this area of healthcare and how the integrity of the data is maintained.
The increase in health-related communication due to Social Media (SM) has significantly contributed to the rapid progress of the healthcare industry. SM allows for 2-way communication among the patients, health experts, and third parties. It has become a major platform in which the public searches for information related to health care. Hence, the SM has developed as the largest source of discussions related to health care worldwide. Rich healthcare content is generated daily by the large network of healthcare stakeholders such as patients, doctors, pharmaceutical companies, organizations, government agencies on these Social Media platforms (SMP). Valuable knowledge can be extracted from this huge healthcare data if proper techniques are adopted. If this healthcare data related to SM is mined effectively, then the majority of the patient needs may be satisfied. In view of these aspects, this chapter describes how Social Media Analytics (SMA) is being applied in the domain of health care. The chapter focuses on the different SMA approaches used in health care, followed by certain recent case studies of SMA in health care. The research areas that can be explored for SMA in healthcare are also discussed along with certain drawbacks.
ResearchGate has not been able to resolve any references for this publication.