Human Factors Standards and the Hard Human Factor Problems: Observations on Medical Usability Standards

With increasing variety and sophistication of computer-based medical devices, and more diverse users and use environments, usability is essential, especially to ensure safety. Usability standards and guidelines play an important role. We reviewed several, focusing on the IEC 62366 and 60601 sets. It is plausible that these standards have reduced risks for patients, but we raise concerns regarding: (1) complex design trade-offs that are not addressed, (2) a focus on user interface design (e.g., making alarms audible) to the detriment of other human factors (e.g., ensuring users actually act upon alarms they hear), and (3) some definitions and scope restrictions that may create “blind spots”. We highlight potential related risks, e.g. that clear directives on “easier to understand” risks, though useful, may preclude mitigating other, more “difficult” ones; but ask to what extent these negative effects can be avoided by standard writers, given objective constraints. Our critique is motivated by current research and incident reports, and considers standards from other domains and countries. It is meant to highlight problems, relevant to designers, standards committees, and human factors researchers, and to trigger discussion about the potential and limits of standards

Exploring Consumers’ Attitudes of Smart TV Related Privacy Risks

A number of privacy risks are inherent in the Smart TV ecosystem. It is likely that many consumers are unaware of these privacy risks. Alternatively, they might be aware but consider the privacy risks acceptable. In order to explore this, we carried out an online survey with 200 participants to determine whether consumers were aware of Smart TV related privacy risks. The responses revealed a meagre level of awareness. We also explored consumers’ attitudes towards specific Smart TV related privacy risks. We isolated a number of factors that influenced rankings and used these to develop awareness-raising messages. We tested these messages in an online survey with 155 participants. The main finding was that participants were generally unwilling to disconnect their Smart TVs from the Internet because they valued the Smart TV’s Internet functionality more than their privacy. We subsequently evaluated the awareness-raising messages in a second survey with 169 participants, framing the question differently. We asked participants to choose between five different Smart TV Internet connection options, two of which retained functionality but entailed expending time and/or effort to preserve privacy

Investigation of Attitudes Towards Security Behaviors

Cybersecurity attacks have increased as Internet technology has proliferated. Symantec’s 2013 Internet Security Report stated that two out of the top three causes of data breaches in 2012 were attributable to human error (Pelgrin, 2014). This suggests a need to educate end users so that they engage in behaviors that increase their cybersecurity. This study researched how a user’s knowledge affects their engagement in security behaviors. Security behaviors were operationalized into two categories: cyber hygiene and threat response behaviors. A sample of 194 San José State University students were recruited to participate in an observational study. Students completed a card sort, a semantic knowledge quiz, and a survey of their intention to perform security behaviors. A personality inventory was included to see if there would be any effects of personality on security behaviors. Multiple regression was used to see how card sorting and semantic knowledge quiz scores predicted security behaviors, but the results were not significant. Despite this, there was a correlation between cyber hygiene behaviors and threat response behaviors, as well as the Big Five personality traits. The results showed that many of the Big Five personality traits correlated with each other, which is consistent with other studies’ findings. The only personality trait that had a correlation with one of the knowledge measures was neuroticism, in which neuroticism had a negative correlation with the semantic knowledge quiz. Implications for future research are discussed to understand how knowledge, cyber hygiene behaviors, and threat response behaviors relate

Addressing the cyber safety challenge: from risk to resilience

Addressing the cyber safety challenge: from risk to resilience describes the cyber safety issues emerging from a range of technology trends, how different populations are using technologies and the risks they face, and how we can effectively respond to each group’s unique cyber safety needs. Written by the University of Western Sydney for Telstra Corporation Ltd, the report advocates for continuing to move cyber safety from a ‘risk and protection’ framework to one that focuses on building digital resilience, as well as fostering trust and confidence in the online environment. To do this we need to: Address the needs of populations often neglected by current policies and programs – including adults, seniors, parents, and small to medium enterprises Continue to build the digital literacy skills of all populations, because digital literacy strongly influences users’ ability to engage safely online – this is best achieved by a hands-on learning approach Keep risk in perspective – the risks and benefits of digital participation go hand in hand Broaden the focus from awareness-raising to long-term behaviour change. As digital technologies become further integrated into the everyday lives of Australians, users are potentially exposed to greater risks. However, the risks and benefits of digital participation go hand in hand. The challenge, therefore, is to support users to minimise the risks without limiting their digital participation and their capacity to derive the full benefits of connectivity. If Australians are to benefit as either consumers or providers of online services and products in the e-commerce environment, consumer safety and trust need to be improved. Cyber safety needs to be considered against a transforming backdrop of technology trends, products and practices. While the rise of social media has tended to dominate recent debate and developments in cyber safety, particularly in relation to young people, a range of other trends is also shaping how users engage online, the risks they potentially face in the new media landscape, and the strategies used to address them. These trends include the rise of user generated content and content sharing platforms; the uptake of mobile technologies and, in particular, the adoption of smartphones; cloud computing; platform integration and single sign-on mechanisms; and the rise of GPS and location based services

Padronização de uma bateria para a avaliação de fatores de risco psicossociais trabalhistas em trabalhadores colombianos

A battery of questionnaires to assess psychosocial risk factors at work was developed in 2010 in response to Resolution 2646 created by the Colombian Ministry of Social Protection. However, this battery presents some theoretical and practical limitations. A new battery of instruments has been designed and validated that includes instruments and risk indicators of the demand-control-social support and the effort-reward imbalance models. Other factors, not included in these models, but that Resolution 2646 suggests should be assessed, have also been added, and with this additional information, the new battery allows us to also calculate a “global indicator” of demand, control, and social support; family and social risk conditions, coping and personality; and health and wellbeing. The new battery was administered to a sample of 16,095 workers from different occupations and representative Colombian regions. An analysis of the various domains indicates that internal consistency of the various scales is high. The new battery has the following properties: it is simple to use in paper format or when administered by computer, it enables comparison between occupations, it offers unified scores for each variable, and provides information to assess the risk factors suggested by Resolution 2646. In addition, it will make it possible to compare the results obtained when analyzing Colombian workers with those obtained from studies of workers from other countries.Em 2010, desenvolveu-se uma bateria de instrumentos para avaliar fatores psicossociais trabalhistas de risco para a saúde, em resposta à Resolução 2 646 do Ministério da Proteção Social da Colômbia. Contudo, esta conta com algumas limitações que, a partir da construção e da validação de uma nova bateria, neste estudo se pretendem superar. Além disso, a nova bateria oferece recursos adicionais para a avaliação desses fatores: a presente bateria incorpora os instrumentos e os indicadores centrais dos modelos demanda-controle-apoio social e desiquilíbrio esforço-recompensa e os fatores internos do trabalho não considerados nesses modelos, mas que a Resolução considera necessários, mediram-se com testes preexistentes ou desenvolvidos pelos autores. Com os dados coletados, é possível calcular indicadores globais de demanda, controle e apoio social; além de condições familiares e sociais de risco, enfrentamento, personalidade e indicadores de saúde e bem-estar. Para a validação, a bateria foi aplicada a uma amostra de 16 095 trabalhadores de diferentes cargos e municípios colombianos. As anál i ses de consistência interna e validade permitem afirmar que a bateria é simples de aplicar em papel ou digital, permitirá comparar cargos, obter pontuações unificadas por variável, oferecer um diagnóstico de um número importante das variáveis sugeridas na Resolução bem como permitirá comparar os resultados dos trabalhadores colombianos com os de outros países. Palavras-chave: fatores trabalhistas de risco psicossocial, Resolução 2 646 de 2008, modelo demanda-controle-apoio social, modelo desiquilíbrio esforço-recompensa, estresse profissional, avaliação.En 2010 se desarrolló una batería de instrumentos para evaluar factores psicosociales laborales de riesgo para la salud, en respuesta a la Resolución 2646 de 2008 del Ministerio de la Protección Social de Colombia. Sin embargo, esta cuenta con algunas limitaciones que, a partir de la construcción y validación de una nueva batería, en el presente estudio se buscan superar. La nueva batería ofrece recursos adicionales para la evaluación de estos factores: incorpora los instrumentos e indicadores centrales de los modelos demanda-control-apoyo social y desequilibrio esfuerzo-recompensa, y los factores intralaborales no contemplados en dichos modelos, pero que la Resolución considera necesarios, se midieron con pruebas preexistentes o desarrolladas por los autores. Con los datos recolectados es posible calcular indicadores globales de demanda, control y apoyo social; además de condiciones familiares y sociales de riesgo, afrontamiento, personalidad e indicadores de salud y bienestar. Para la validación, la batería se aplicó a una muestra de 16.095 trabajadores de diferentes ocupaciones y municipios colombianos. Los análisis de consistencia interna y validez permiten afirmar que la batería es sencilla de aplicar en papel o por computador, permitirá comparar ocupaciones, obtener puntuaciones unificadas por variable, ofrecer un diagnóstico de un número importante de las variables sugeridas en la Resolución y comparar los resultados de los trabajadores colombianos con los de otros países

Usable Security: Why Do We Need It? How Do We Get It?

Security experts frequently refer to people as “the weakest link in the chain” of system security. Famed hacker Kevin Mitnick revealed that he hardly ever cracked a password, because it “was easier to dupe people into revealing it” by employing a range of social engineering techniques. Often, such failures are attributed to users’ carelessness and ignorance. However, more enlightened researchers have pointed out that current security tools are simply too complex for many users, and they have made efforts to improve user interfaces to security tools. In this chapter, we aim to broaden the current perspective, focusing on the usability of security tools (or products) and the process of designing secure systems for the real-world context (the panorama) in which they have to operate. Here we demonstrate how current human factors knowledge and user-centered design principles can help security designers produce security solutions that are effective in practice