Authentication of professionals in the RTS e-Health system

This paper describes the design and implementation of a PKI-based e-Health authentication architecture. This architecture was developed to authenticate e-Health Professionals accessing RTS (Rede Telemática da Saúde), a regional platform for sharing clinical data among a set of affiliated health institutions. The architecture had to accommodate specific RTS requirements, namely the security of Professionals' credentials, the mobility of Professionals, and the scalability to accommodate new health institutions. The adopted solution uses short lived certificates and cross-certification agreements between RTS and e-Health institutions for authenticating Professionals accessing the RTS. These certificates carry as well the Professional's role at their home institution for role-based authorization. Trust agreements between health institutions and RTS are necessary in order to make the certificates recognized by the RTS. As a proof of concept, a prototype was implemented with Windows technology. The presented authentication architecture is intended to be applied to other medical telematic systems

Autenticação em sistemas telemáticos biomédicos

Mestrado em Engenharia Electrónica e TelecomunicaçõesNeste documento apresenta-se uma arquitectura para identificar e autenticar profissionais de saúde num sistema telemático de informação médica (Rede Telemática da Saúde - RTS). A arquitectura proposta é independente dos mecanismos de identificação e autenticação dos profissionais nos restantes sistemas das suas instituições de origem e potencia a mobilidade dos profissionais de saúde inter e intra instituições. Baseia-se numa Infra-Estrutura de Chave Pública (PKI) simplificada, em certificados de chave publica de curta duração, na utilização de smart cards para o armazenamento das credenciais dos profissionais e em certificação cruzada para o estabelecimento de relações de confiança entre as IS e a RTS. É, também, flexível e escalável, sendo capaz de suportar futuras adesões à RTS de forma simples e sem degradação de serviço. ABSTRACT: This document presents an architecture to identify and authenticate health professionals accessing a Telematic Health Information System (RTS – Rede Telemática da Saúde). The proposed architecture, is independent of other identification and authentication systems in health professionals home organizations, and promotes health professionals mobility inter and intra health organizations. It is based in a simplified Public Key Infrastructure, with short-lived public key certificates, the use of personal smart cards to store health professional credentials and in the cross-certification to establish trust relations between RTS and health organizations. The architecture is also flexible and scalable, supporting the future RTS adherence of more health organizations, smoothly and without quality of service degradation

RTS-sec: privacidade e segurança em redes telemáticas para a saúde

Mestrado em Engenharia de Computadores e TelemáticaEste trabalho apresenta o estudo de uma solução que permite a autenticação de profissionais na Rede Telemática da Saúde (RTS) com o Cartão de Cidadão. São definidas ligeiras alterações numa arquitectura anteriormente definida de forma a adaptar o mecanismo de autenticação ao uso do Cartão de Cidadão. Uma Infra-Estrutura de Chave Pública (PKI) serve de base para a solução apresentada. É descrito como se gera um certificado de chave pública que aproveita o par de chaves de autenticação existente no Cartão de Cidadão. ABSTRACT: This work presents a study of a solution which allows the authentication of health professionals to access a Telematic Health Information System (RTS – Rede Telemática de Saúde) using the Citizen’s Card (Cartão de Cidadão). Some changes in a previous defined architecture are defined, in a way to adapt the authentication mechanism so it can use the Citizen’s Card. A Public Key Infrastructure provides the basis for the presented solution. It’s described how to generate a public key certificate that can reuse the authentication key pair existing in the Citizen’s Card

PKI security in large-scale healthcare networks

During the past few years a lot of PKI (Public Key Infrastructures) infrastructures have been proposed for healthcare networks in order to ensure secure communication services and exchange of data among healthcare professionals. However, there is a plethora of challenges in these healthcare PKI infrastructures. Especially, there are a lot of challenges for PKI infrastructures deployed over large-scale healthcare networks. In this paper, we propose a PKI infrastructure to ensure security in a large-scale Internet-based healthcare network connecting a wide spectrum of healthcare units geographically distributed within a wide region. Furthermore, the proposed PKI infrastructure facilitates the trust issues that arise in a large-scale healthcare network including multi-domain PKI infrastructures

Uma rede telemática para a prestação regional de cuidados de saúde

Doutoramento em Engenharia InformáticaAs tecnologias de informação e comunicação na área da saúde não são só um instrumento para a boa gestão de informação, mas antes um fator estratégico para uma prestação de cuidados mais eficiente e segura. As tecnologias de informação são um pilar para que os sistemas de saúde evoluam em direção a um modelo centrado no cidadão, no qual um conjunto abrangente de informação do doente deve estar automaticamente disponível para as equipas que lhe prestam cuidados, independentemente de onde foi gerada (local geográfico ou sistema). Este tipo de utilização segura e agregada da informação clínica é posta em causa pela fragmentação generalizada das implementações de sistemas de informação em saúde. Várias aproximações têm sido propostas para colmatar as limitações decorrentes das chamadas “ilhas de informação” na saúde, desde a centralização total (um sistema único), à utilização de redes descentralizadas de troca de mensagens clínicas. Neste trabalho, propomos a utilização de uma camada de unificação baseada em serviços, através da federação de fontes de informação heterogéneas. Este agregador de informação clínica fornece a base necessária para desenvolver aplicações com uma lógica regional, que demostrámos com a implementação de um sistema de registo de saúde eletrónico virtual. Ao contrário dos métodos baseados em mensagens clínicas ponto-a-ponto, populares na integração de sistemas em saúde, desenvolvemos um middleware segundo os padrões de arquitetura J2EE, no qual a informação federada é expressa como um modelo de objetos, acessível através de interfaces de programação. A arquitetura proposta foi instanciada na Rede Telemática de Saúde, uma plataforma instalada na região de Aveiro que liga oito instituições parceiras (dois hospitais e seis centros de saúde), cobrindo ~350.000 cidadãos, utilizada por ~350 profissionais registados e que permite acesso a mais de 19.000.000 de episódios. Para além da plataforma colaborativa regional para a saúde (RTSys), introduzimos uma segunda linha de investigação, procurando fazer a ponte entre as redes para a prestação de cuidados e as redes para a computação científica. Neste segundo cenário, propomos a utilização dos modelos de computação Grid para viabilizar a utilização e integração massiva de informação biomédica. A arquitetura proposta (não implementada) permite o acesso a infraestruturas de e-Ciência existentes para criar repositórios de informação clínica para aplicações em saúde.Modern health information technology is not just a supporting instrument to good information management but a strategic requirement to provide more efficient and safer health care. Health information technology is a cornerstone to build the future patient-centric health care systems in which a comprehensive set of patient data will be available to the relevant care teams, in spite of where (system or service point) it was generated. Such secure and efficient use of clinical data is challenged by the existing fragmentation of health information systems implementation. Several approaches have been proposed to address the limitations of the so called “information silos” in healthcare, ranging from full centralization (a single system) to full-decentralized clinical message exchange networks. In this work we advocate the use of a service-based unification layer, by federating distributed heterogeneous information sources. This clinical information hub provides the basis to build regional-level applications, which we have demonstrated by implementing a virtual Electronic Health Record system. Unlike the message-driven, point-to-point approaches popular in health care systems integration, we developed a middleware layer, using J2EE architectural patterns, in which the common information is represented as an object model, accessible through programming interfaces. The proposed architecture was instantiated in the Rede Telemática da Saúde network, a platform deployed in the region of Aveiro connecting eight partner institutions (two hospitals and six primary care units), covering ~ 350,000 citizens, indexing information on more than 19,000,000 episodes of care and used by ~350 registered professionals. In addition to the regional health information collaborative platform (RTSys), we introduce a second line of research towards bridging the care networks and the science networks. In the later scenario, we propose the use of Grid computing to enable the massive use and integration of biomedical information. The proposed architecture (not implemented) enables to access existing e-Science infrastructures to create clinical information repositories for health applications

Security information sharing via Twitter: 'Heartbleed' as a case study

The current paper outlines an exploratory case study in which we examined the extent to which specific communities of Twitter users engaged with the debate about the security threat known as ‘Heartbleed’ in the first few days after this threat was exposed. The case study explored which professional groups appeared to lead the debate about Heartbleed, the nature of the communication (tweets and retweets), and evidence about behaviour change. Using keywords from the Twitter user profiles, six occupational groups were identified, each of which were likely to have a direct interest in learning about Heartbleed (including legal, financial, entrepreneurial, press, and IT professionals). The groups participated to different degrees in the debate about Heartbleed. This exploratory case study provides an insight into information sharing, potential communities of influence, and points for future research in the absence of a voice of authority in the field of cybersecurity

PROMIŠLJANJA STUDENATA SOCIJALNE POLITIKE I SOCIJALNOG RADA O UVEDENIM MJERAMA I MEDIJSKOM IZVJEŠTAVANJU TIJEKOM PANDEMIJE COVID-19

Introduced measures to deal with COVID-19 pandemic in Serbia affected everyday life of people. Media coverage during the pandemic played a significant role in providing verified information, protecting human health and well-being. In order to gain insight into the reactions of social work students on introduced measures and media coverage about these measures during the state of emergency in Republic of Serbia, an analysis of reflective journals is presented. Eighty reflective journals were analyzed, where students\u27 reactions on introduced measures and media coverage related to these measures are monitored and linked to the electronic archive of the public media service Radio Television of Serbia news. Students\u27 thoughts on several identified measures are presented and analyzed together with their reactions on media coverage about these measures. Findings indicate the important role of the content and ways of media reporting in creation of reflections, as well as the importance of using reflective journals in both education and preservation of mental health. Possible directions of mental health improvement through media coverage in crisis situations and recommendations for education of social workers are presented.Mjere koje su uvedene zbog pandemije COVID-19 u Srbiji utjecali su na svakodnevni život ljudi. Medijsko izvještavanju tijekom pandemije odigralo je značajnu ulogu u pružanju provjerenih informacija i zaštiti ljudskih prava i dobrobiti. Kako bi se stekao uvid u reakcije studenata socijalnog rada na uvedene mjere i medijsko izvješćivanje o tim mjerama tijekom izvanrednog stanja u Republici Srbiji, u radu se predstavlja analiza refleksivnih dnevnika. Analizirano je osamdeset refleksivnih dnevnika putem kojih su se reakcije studenata na uvedene mjere i na medijsko izvješćivanje povezano s tim mjerama pratile i povezivale s elektronskom arhivom javne medijske usluge novosti Radio Televizije Srbije. Studentska mišljenja o nekoliko uvedenih mjera se prikazuju i analiziraju zajedno s njihovim reakcijama na medijsko izvještavanje o tim mjerama. Rezultati ukazuju na važnu ulogu sadržaja i načina medijskog izvještavanja u stvaranju mišljenja, kao i na važnost korištenja refleksivnih dnevnika u obrazovanju i u očuvanju duševnog zdravlja. Predstavljaju se moguće smjernice za poboljšanje duševnog zdravlja putem medijskog izvještavanja tijeom izvanrednog stanja kao i preporuke za obrazovanje socijalnih radnika

Development of a digital research assistant for the management of patients\u2019 enrollment in oncology clinical trials within a research hospital

Clinical trials in cancer treatment are imperative in enhancing patients\u2019 survival and quality of life outcomes. The lack of communication among professionals may produce a non-optimization of patients\u2019 accrual in clinical trials. We developed a specific platform, called \u201cDigital Research Assistant\u201d (DRA), to report real-time every available clinical trial and support clinician. Healthcare professionals involved in breast cancer working group agreed nine minimal fields of interest to preliminarily classify the characteristics of patients\u2019 records (including omic data, such as genomic mutations). A progressive web app (PWA) was developed to implement a cross-platform software that was scalable on several electronic devices to share the patients\u2019 records and clinical trials. A specialist is able to use and populate the platform. An AI algorithm helps in the matchmaking between patient\u2019s data and clinical trial\u2019s inclusion criteria to personalize patient enrollment. At the same time, an easy configuration allows the application of the DRA in different oncology working groups (from breast cancer to lung cancer). The DRA might represent a valid research tool supporting clinicians and scientists, in order to optimize the enrollment of patients in clinical trials. User Experience and Technology The acceptance of participants using the DRA is topic of a future analysis

Implementation of privacy and security for a genomic information system based on standards

Genomic information is a very sensitive type of digital information as it not only applies to a person, but also to close relatives. Therefore, privacy provision is key to protecting genomic information from unauthorized access. It is worth noting that most of the current genomic information formats do not provide specific mechanisms by which to secure the stored information. In order to solve, among other things, the privacy provision issue, we proposed the GIPAMS (Genomic Information Protection And Management System) modular architecture, which is based on the use of standards such as ISO/IEC 23092 and a few GA4GH (Global Alliance for Genomics and Health) initiatives. Some of the GIPAMS modules have already been implemented, mainly based on ISO/IEC 23092 features, and we are conducting work on the complete version of the architecture, and other standards are also considered. One of the objectives of GIPAMS is to enable the management of different formats of genomic information in a unique and interoperable way, providing privacy and security for formats that do not currently support them.This research has been partially supported by the Spanish Government under the project GenClinLab-Sec (Mechanisms for secure and efficient management of genomic information tailored to clinical laboratories: Security Aspects, PID2020-114394RB-C31) funded by MCIN/AEI/10.13039/ 501100011033 and by the Generalitat de Catalunya (2017 SGR 1749).Peer ReviewedPostprint (published version