Showing 1 to 10 of 3108 records(fetched in 1.123 seconds)
TitleA Smartcard-Based User-Controlled Single Sign-On for Privacy Preservation in 5G-IoT Telemedicine Systems.
AuthorsLin, TW; Hsu, CL; Le, TV; Lu, CF; Huang, BY
JournalSensors (Basel, Switzerland)
Publication Date20 Apr 2021
Date Added to PubMed1 May 2021
AbstractHealthcare is now an important part of daily life because of rising consciousness of health management. Medical professionals can know users' health condition if they are able to access information immediately. Telemedicine systems, which provides long distance medical communication and services, is a multi-functional remote medical service that can help patients in bed in long-distance communication environments. As telemedicine systems work in public networks, privacy preservation issue of sensitive and private transmitted information is important. One of the means of proving a user's identity are user-controlled single sign-on (UCSSO) authentication scheme, which can establish a secure communication channel using authenticated session keys between the users and servers of telemedicine systems, without threats of eavesdropping, impersonation, etc., and allow patients access to multiple telemedicine services with a pair of identity and password. In this paper, we proposed a smartcard-based user-controlled single sign-on (SC-UCSSO) for telemedicine systems that not only remains above merits but achieves privacy preservation and enhances security and performance compared to previous schemes that were proved with BAN logic and automated validation of internet security protocols and applications (AVISPA).
TitleSensor-Based mHealth Authentication for Real-Time Remote Healthcare Monitoring System: A Multilayer Systematic Review.
AuthorsShuwandy, ML; Zaidan, BB; Zaidan, AA; Albahri, AS
JournalJournal of medical systems
Publication Date6 Jan 2019
Date Added to PubMed7 Jan 2019
AbstractThe new and groundbreaking real-time remote healthcare monitoring system on sensor-based mobile health (mHealth) authentication in telemedicine has considerably bounded and dispersed communication components. mHealth, an attractive part in telemedicine architecture, plays an imperative role in patient security and privacy and adapts different sensing technologies through many built-in sensors. This study aims to improve sensor-based defence and attack mechanisms to ensure patient privacy in client side when using mHealth. Thus, a multilayer taxonomy was conducted to attain the goal of this study. Within the first layer, real-time remote monitoring studies based on sensor technology for telemedicine application were reviewed and analysed to examine these technologies and provide researchers with a clear vision of security- and privacy-based sensors in the telemedicine area. An extensive search was conducted to find articles about security and privacy issues, review related applications comprehensively and establish the coherent taxonomy of these articles. ScienceDirect, IEEE Xplore and Web of Science databases were investigated for articles on mHealth in telemedicine-based sensor. A total of 3064 papers were collected from 2007 to 2017. The retrieved articles were filtered according to the security and privacy of sensor-based telemedicine applications. A total of 19 articles were selected and classified into two categories. The first category, 57.89% (n = 11/19), included survey on telemedicine articles and their applications. The second category, 42.1% (n = 8/19), included articles contributed to the three-tiered architecture of telemedicine. The collected studies improved the essential need to add another taxonomy layer and review the sensor-based smartphone authentication studies. This map matching for both taxonomies was developed for this study to investigate sensor field comprehensively and gain access to novel risks and benefits of the mHealth security in telemedicine application. The literature on sensor-based smartphones in the second layer of our taxonomy was analysed and reviewed. A total of 599 papers were collected from 2007 to 2017. In this layer, we obtained a final set of 81 articles classified into three categories. The first category of the articles [86.41% (n = 70/81)], where sensor-based smartphones were examined by utilising orientation sensors for user authentication, was used. The second category [7.40% (n = 6/81)] included attack articles, which were not intensively included in our literature analysis. The third category [8.64% (n = 7/81)] included 'other' articles. Factors were considered to understand fully the various contextual aspects of the field in published studies. The characteristics included the motivation and challenges related to sensor-based authentication of smartphones encountered by researchers and the recommendations to strengthen this critical area of research. Finally, many studies on the sensor-based smartphone in the second layer have focused on enhancing accurate authentication because sensor-based smartphones require sensors that could authentically secure mHealth.
TitleRisk management-based security evaluation model for telemedicine systems.
AuthorsKim, DW; Choi, JY; Han, KH
JournalBMC medical informatics and decision making
Publication Date10 Jun 2020
Date Added to PubMed12 Jun 2020
AbstractInfectious diseases that can cause epidemics, such as COVID-19, SARS-CoV, and MERS-CoV, constitute a major social issue, with healthcare providers fearing secondary, tertiary, and even quaternary infections. To alleviate this problem, telemedicine is increasingly being viewed as an effective means through which patients can be diagnosed and medications prescribed by doctors via untact Thus, concomitant with developments in information and communication technology (ICT), medical institutions have actively analyzed and applied ICT to medical systems to provide optimal medical services. However, with the convergence of these diverse technologies, various risks and security threats have emerged. To protect patients and improve telemedicine quality for patient safety, it is necessary to analyze these risks and security threats comprehensively and institute appropriate countermeasures. The security threats likely to be encountered in each of seven telemedicine service areas were analyzed, and related data were collected directly through on-site surveys by a medical institution. Subsequently, an attack tree, the most popular reliability and risk modeling approach for systematically characterizing the potential risks of telemedicine systems, was examined and utilized with the attack occurrence probability and attack success probability as variables to provide a comprehensive risk assessment method. In this study, the most popular modelling method, an attack tree, was applied to the telemedicine environment, and the security concerns for telemedicine systems were found to be very large. Risk management and evaluation methods suitable for the telemedicine environment were identified, and their benefits and potential limitations were assessed. This research should be beneficial to security experts who wish to investigate the impacts of cybersecurity threats on remote healthcare and researchers who wish to identify new modeling opportunities to apply security risk modeling techniques.
TitleCollaborative Ehealth Privacy and Security: An Access Control With Attribute Revocation Based on OBDD Access Structure.
AuthorsEdemacu, K; Jang, B; Kim, JW
JournalIEEE journal of biomedical and health informatics
Publication Date1 Oct 2020
Date Added to PubMed20 Feb 2020
AbstractThe digitization of health records due to technological developments has paved the way for patients to be collaboratively treated by different healthcare institutions. In collaborative ehealth systems, a patient's health data is stored remotely in the cloud for sharing with different healthcare service providers. However, the use of third parties for storage exposes the data to several privacy and security violation threats. Ciphertext policy attribute-based encryption (CP-ABE) which provides a fine-grained access control is a promising solution to privacy and security issues in the cloud environment and as a result, it has been widely studied for secure sharing of health data in cloud-based ehealth systems. Addressing the aspects of expressiveness, efficiency, user collusion resistance and attribute/user revocation in CP-ABE have been at the forefront of these studies. Thus, in this article, we proposed a novel expressive, efficient and collusion-resistant access control scheme with immediate attribute/user revocation for secure sharing of health data in collaborative ehealth systems. The proposed scheme additionally achieves forward and backward security. To realize these features, our access control is based on the ordered binary decision diagram (OBDD) access structure and it binds the user keys to the user identities. Security and performance analysis show that our proposed scheme is secure, expressive and efficient.
TitleTelemedicine, privacy, and information security in the age of COVID-19.
AuthorsJalali, MS; Landman, A; Gordon, WJ
JournalJournal of the American Medical Informatics Association : JAMIA
Publication Date1 Mar 2021
Date Added to PubMed17 Dec 2020
TitleSecurity, Privacy, and Usability in Continuous Authentication: A Survey.
AuthorsBaig, AF; Eskeland, S
JournalSensors (Basel, Switzerland)
Publication Date6 Sep 2021
Date Added to PubMed11 Sep 2021
AbstractContinuous authentication has been proposed as a possible approach for passive and seamless user authentication, using sensor data comprising biometric, behavioral, and context-oriented characteristics. Since these are personal data being transmitted and are outside the control of the user, this approach causes privacy issues. Continuous authentication has security challenges concerning poor matching rates and susceptibility of replay attacks. The security issues are mainly poor matching rates and the problems of replay attacks. In this survey, we present an overview of continuous authentication and comprehensively discusses its different modes, and issues that these modes have related to security, privacy, and usability. A comparison of privacy-preserving approaches dealing with the privacy issues is provided, and lastly recommendations for secure, privacy-preserving, and user-friendly continuous authentication.
TitleSecurity and privacy preserving approaches in the eHealth clouds with disaster recovery plan.
AuthorsSahi, A; Lai, D; Li, Y
JournalComputers in biology and medicine
Publication Date1 Nov 2016
Date Added to PubMed25 Oct 2016
AbstractCloud computing was introduced as an alternative storage and computing model in the health sector as well as other sectors to handle large amounts of data. Many healthcare companies have moved their electronic data to the cloud in order to reduce in-house storage, IT development and maintenance costs. However, storing the healthcare records in a third-party server may cause serious storage, security and privacy issues. Therefore, many approaches have been proposed to preserve security as well as privacy in cloud computing projects. Cryptographic-based approaches were presented as one of the best ways to ensure the security and privacy of healthcare data in the cloud. Nevertheless, the cryptographic-based approaches which are used to transfer health records safely remain vulnerable regarding security, privacy, or the lack of any disaster recovery strategy. In this paper, we review the related work on security and privacy preserving as well as disaster recovery in the eHealth cloud domain. Then we propose two approaches, the Security-Preserving approach and the Privacy-Preserving approach, and a disaster recovery plan. The Security-Preserving approach is a robust means of ensuring the security and integrity of Electronic Health Records, and the Privacy-Preserving approach is an efficient authentication approach which protects the privacy of Personal Health Records. Finally, we discuss how the integrated approaches and the disaster recovery plan can ensure the reliability and security of cloud projects.
AuthorsKaplan, B
JournalInternational journal of medical informatics
Publication Date1 Nov 2020
Date Added to PubMed6 Nov 2020
AbstractInformation technologies have been vital during the COVID-19 pandemic. Telehealth and telemedicine services, especially, fulfilled their promise by allowing patients to receive advice and care at a distance, making it safer for all concerned. Over the preceding years, professional societies, governments, and scholars examined ethical, legal, and social issues (ELSI) related to telemedicine and telehealth. Primary concerns evident from reviewing this literature have been quality of care, access, consent, and privacy. To identify and summarize ethical, legal, and social issues related to information technology in healthcare, as exemplified by telehealth and telemedicine. To expand on prior analyses and address gaps illuminated by the COVID-19 experience. To propose future research directions. Literature was identified through searches, forward and backward citation chaining, and the author's knowledge of scholars and works in the area. EU and professional organizations' guidelines, and nineteen scholarly papers were examined and categories created to identify ethical, legal, and social issues they addressed. A synthesis matrix was developed to categorize issues addressed by each source. A synthesis matrix was developed and issues categorized as: quality of care, consent and autonomy, access to care and technology, legal and regulatory, clinician responsibilities, patient responsibilities, changed relationships, commercialization, policy, information needs, and evaluation, with subcategories that fleshed out each category. The literature primarily addressed quality of care, access, consent, and privacy. Other identified considerations were little discussed. These and newer concerns include: usability, tailoring services to each patient, curriculum and training, implementation, commercialization, and licensing and liability. The need for interoperability, data availability, cybersecurity, and informatics infrastructure also is more apparent. These issues are applicable to other information technologies in healthcare. Clinicians and organizations need updated guidelines for ethical use of telemedicine and telehealth care, and decision- and policy-makers need evidence to inform decisions. The variety of newly implemented telemedicine services is an on-going natural experiment presenting an unparalleled opportunity to develop an evidence-based way forward. The paper recommends evaluation using an applied ethics, context-sensitive approach that explores interactions among multiple factors and considerations. It suggests evaluation questions to investigate ethical, social, and legal issues through multi-method, sociotechnical, interpretive and ethnographic, and interactionist evaluation approaches. Such evaluation can help telehealth, and other information technologies, be integrated into healthcare ethically and effectively.
TitleSelfie Telemedicine - What Are the Legal and Regulatory Issues?
AuthorsMars, M; Morris, C; Scott, RE
JournalStudies in health technology and informatics
Publication Date1 Dec 2018
Date Added to PubMed12 Oct 2018
AbstractSelfies, self-taken photographs using mobile phones or tablet computers, have become a way of life. People are now sending selfies to health professionals for medical advice or dermatology triage or postoperative wound assessment. These selfies may be unsolicited and sent to clinicians with whom the patient may or may not have a prior doctor-patient relationship or on the instruction of the attending doctor or even to social media groups. They may be sent by email, or by mobile phone and instant messaging applications, or sent to Websites, or telemedicine specific application sites. These photographs and accompanying information are legal documents, should form part of the patient's record, and should be securely transmitted and stored to maintain patient confidentiality and privacy. This paper reviews the legal, ethical and regulatory issues associated with the different forms of selfie telemedicine. A scoping literature review was undertaken using PubMed, Scopus, Science Direct, Ebsco Host and Google Scholar which were searched for Selfie and any of medicine, telemedicine, telehealth, eHealth, or mHealth. Inclusion criteria were that the paper was in English and described the use of a selfie in relation to healthcare. These were then reviewed for reference to legal, ethical issues and regulatory issues. 68 papers met the inclusion criteria. Legal and ethical issues identified were consent, confidentiality, privacy, the doctor-patient relationship, data security, responsibility, record keeping, licensure, continuity of care, quality of care, image quality, concordance, phone stewardship and patient satisfaction. The literature provides little guidance on how legal and ethical issues and shortcomings of selfie telemedicine should be addressed especially the responsibilities of the patient and physician for unsolicited requests. Nor does it provide advice on how records are to be kept, or how images and information stored and sent to and from mobile phones or computers are to be managed. The new issues that arise need to be addressed.
TitleThe eHealth Trust Model: A Patient Privacy Research Framework.
AuthorsShen, N; Strauss, J; Silver, M; Carter-Langford, A; Wiljer, D
JournalStudies in health technology and informatics
Publication Date1 Dec 2019
Date Added to PubMed12 Feb 2019
AbstractPatient privacy concerns are often cited as a barrier to health information exchange (HIE) implementations; however, the current understanding of patient perspective is limited due to a fragmented approach to patient privacy research. The limited evidence suggests that the patient privacy perspective is context-dependent and may involve benefit-risk tradeoffs. A standardized approach to the contextual factors would allow for more consistent assessment, providing a better understanding or explanation of the contextual factors influencing the patient privacy perspective and their attitudes towards HIE. This paper describes the development of the eHealth Trust Model-an evidence-based theory-grounded conceptual framework intended to guide future patient privacy research.
MNCHFPRHHIV/AIDSMalariaNoncommunicable diseaseCOVID-19Decision-makingEducation & trainingBehavior changeGovernancePrivacy & securityEquityCHWsYouth & adolescentsSystematic reviewsProtocols & research designMedical RecordsLaboratoryPharmacyHuman ResourcesmHealthSMSChatbotsAI