Privacy protection for e-health systems by means of dynamic authentication and three-factor key agreement

During the past decade, the electronic healthcare (e-health) system has been evolved into a more patient-oriented service with smaller and smarter wireless devices. However, these convenient smart devices have limited computing capacity and memory size, which makes it harder to protect the user’s massive private data in the e-health system. Although some works have established a secure session key between the user and the medical server, the weaknesses still exist in preserving the anonymity with low energy consumption. Moreover, the misuse of biometric information in key agreement process may lead to privacy disclosure, which is irreparable. In this study, we design a dynamic privacy protection mechanism offering the biometric authentication at the server side whereas the exact value of the biometric template remains unknown to the server. And the user anonymity can be fully preserved during the authentication and key negotiation process because the messages transmitted with the proposed scheme are untraceable. Furthermore, the proposed scheme is proved to be semantic secure under the Real-or-Random Model. The performance analysis shows that the proposed scheme suits the e-health environment at the aspect of security and resource occupation

What’s Past Is Prologue: A Scoping Review of Recent Public Health and Global Health Informatics Literature

Objective: To categorize and describe the public health informatics (PHI) and global health informatics (GHI) literature between 2012 and 2014. Methods: We conducted a semi-systematic review of articles published between January 2012 and September 2014 where information and communications technologies (ICT) was a primary subject of the study or a main component of the study methodology. Additional inclusion and exclusion criteria were used to filter PHI and GHI articles from the larger biomedical informatics domain. Articles were identified using MEDLINE as well as personal bibliographies from members of the American Medical Informatics Association PHI and GHI working groups. Results: A total of 85 PHI articles and 282 GHI articles were identified. While systems in PHI continue to support surveillance activities, we identified a shift towards support for prevention, environmental health, and public health care services. Furthermore, articles from the U.S. reveal a shift towards PHI applications at state and local levels. GHI articles focused on telemedicine, mHealth and eHealth applications. The development of adequate infrastructure to support ICT remains a challenge, although we observed a small but growing set of articles that measure the impact of ICT on clinical outcomes. Discussion: There is evidence of growth with respect to both implementation of information systems within the public health enterprise as well as a widening of scope within each informatics discipline. Yet the articles also illuminate the need for more primary research studies on what works and what does not as both searches yielded small numbers of primary, empirical articles. Conclusion: While the body of knowledge around PHI and GHI continues to mature, additional studies of higher quality are needed to generate the robust evidence base needed to support continued investment in eHealth by governmental health agencies

Estudio de soluciones de seguridad para apps móviles en Sanidad

La seguridad de los datos enviados, recibidos y almacenados es una de las mayores preocupaciones de las soluciones móviles orientadas a la eSalud. Es necesario garantizar que las apps y sistemas desarrollados e implantados cumplan una serie de requisitos entorno a la seguridad. En el presente trabajo se plantearán de forma teórica soluciones de seguridad innovadoras para diferentes aplicaciones de m-health analizadas previamente.Grado en Ingeniería de Tecnologías Específicas de Telecomunicació

A Qualitative Exploration of the Security Practices of Registered Nurses

Increased breach occurrences in healthcare cause concern for health information as reported by the Federal Government. Significant effort, regulations, and safeguards are in place to protect the systems used in the healthcare industry. Employee handling of security remains an area of vulnerability related to security protocols. The unified theory of acceptance and usage of technology (UTAUT) served as the model for this qualitative exploratory study with the purpose of understanding registered nurse (RN) perceptions and lived experiences related to IT security. Face-to-face interviews were conducted with 20 participants from the Three Rivers Chapter American Association Critical Care Nurses. Transcribed data were analyzed with a priori codes aligned to the constructs of UTAUT and emergent themes. The emergent themes from the RNs\u27 lived experiences revealed perceptions of IT security mishandling, including walking away from the computer without log-off, and sharing of accounts through single sign on authenticated badges. Strategic planning for the organizational IT security may be strengthened due to the insight about the RNs\u27 workflow related to IT security. Understanding employee perceptions, expressed intentions, and self-reported behaviors to IT security allows for the ability as managers to apply that knowledge to IT security systems, access methods, and implement procedures that will provide for increased organizational IT security and increased patient confidence. The social change from this work may provide contributions to the development of IT infrastructure systems for healthcare helping to create and maintain continued access to and availability of electronic medical records and data for increasing numbers of people who need health maintenance and care