Analysis of the Adherence of mHealth Applications to HIPAA Technical Safeguards

The proliferation of mobile health technology, or mHealth apps, has made it essential to protect individual health details. People now have easy access to digital platforms that allow them to save, share, and access their medical data and treatment information as well as easily monitor and manage health-related issues. It is crucial to make sure that protected health information (PHI) is effectively and securely transmitted, received, created, and maintained in accordance with the rules outlined by the Health Insurance Portability and Accountability Act (HIPAA), as the use of mHealth apps increases. Unfortunately, many mobile app developers, particularly those of mHealth apps, do not completely understand the HIPAA security and privacy requirements. This offers a unique opportunity for research to create an analytical framework that can help programmers maintain safe and HIPAA-compliant source code while also educating users about the security and privacy of private health information. The plan is to develop a framework which will serve as the foundation for developing an integrated development environment (IDE) plugin for mHealth app developers and a web-based interface for mHealth app consumers. This will help developers identify and address HIPAA compliance issues during the development process and provide consumers with a tool to evaluate the privacy and security of mHealth apps before downloading and using them. The goal is to encourage the development of secure and compliant mHealth apps that safeguard personal health information

HIPAAChecker: A Web Based Application on HIPAA Technical Safeguards Assessment of Android mHealth Applications

Protecting personal health records is becoming increasingly important as more people use Mobile Health applications (mHealth apps) to improve their health outcomes. These mHealth apps enable consumers to monitor their health-related problems, store, manage, and share health records, medical conditions, treatment, and medication. With the increase of mHealth apps accessibility and usability, it is crucial to create, receive, maintain or transmit protected health information (PHI) on behalf of a covered entity or another business associate. The Health Insurance Portability and Accountability Act (HIPAA) provides guidelines to the app developers so that the apps must be compliant with required and addressable Technical Safeguard rules. However, most mobile app developers, including mHealth apps are not aware of HIPAA security and privacy regulations. Therefore, a research opportunity has emerged to develop an analytical framework to assist the developer to maintain a secure and HIPAA-compliant source code and raise awareness among consumers about the privacy and security of sensitive and personal health information. We proposed an Android source code analysis framework that evaluates twelve HIPAA Technical Safeguards to check whether a mHealth application is compliant or not. The implemented meta-analysis and data-flow analysis algorithms are efficient in identifying the risk and safety features for evaluating mHealth apps HIPAA violations. Furthermore, we addressed API level checking for secure data communication mandated by recent CMS guidelines between third-party mobile health apps and EHR systems. Experimentally, a web-based tool has been developed for evaluating the efficacy of analysis techniques and algorithms. We have investigated more than 200 top popular Medical and Health & Fitness category Android apps collected from Google Play Store. We identified from the comparative analysis of the HIPAA rules assessment report that authorization to access sensitive resources, data encryption-decryption, and data transmission security is the most vulnerable features of the investigated apps. We recommend to app developers the most common mistake done at the time of app development and how to avoid these mistakes to implement secure and HIPAA-compliant applications. The proposed framework enables us to develop an IDE plugin for mHealth app developers and a web-based interface for mHealth app consumers

A Comparative Analysis Between SciTokens, Verifiable Credentials, and Smart Contracts: Novel Approaches for Authentication and Secure Access to Scientific Data

Managing and exchanging sensitive information securely is a paramount concern for the scientific and cybersecurity community. The increasing reliance on computing workflows and digital data transactions requires ensuring that sensitive information is protected from unauthorized access, tampering, or misuse. This research paper presents a comparative analysis of three novel approaches for authenticating and securing access to scientific data: SciTokens, Verifiable Credentials, and Smart Contracts. The aim of this study is to investigate the strengths and weaknesses of each approach from trust, revocation, privacy, and security perspectives. We examine the technical features and privacy and security mechanisms of each technology and provide a comparative synthesis with the proposed model. Through our analysis, we demonstrate that each technology offers unique advantages and limitations, and the integration of these technologies can lead to more secure and efficient solutions for authentication and access to scientific data.Comment: ACM Practice & Experience in Advanced Research Computing (PEARC) 202

BlockTheFall: Wearable Device-based Fall Detection Framework Powered by Machine Learning and Blockchain for Elderly Care

Falls among the elderly are a major health concern, frequently resulting in serious injuries and a reduced quality of life. In this paper, we propose "BlockTheFall," a wearable device-based fall detection framework which detects falls in real time by using sensor data from wearable devices. To accurately identify patterns and detect falls, the collected sensor data is analyzed using machine learning algorithms. To ensure data integrity and security, the framework stores and verifies fall event data using blockchain technology. The proposed framework aims to provide an efficient and dependable solution for fall detection with improved emergency response, and elderly individuals' overall well-being. Further experiments and evaluations are being carried out to validate the effectiveness and feasibility of the proposed framework, which has shown promising results in distinguishing genuine falls from simulated falls. By providing timely and accurate fall detection and response, this framework has the potential to substantially boost the quality of elderly care.Comment: Accepted to publish in The 1st IEEE International Workshop on Digital and Public Healt

Blockchain-based Medical Image Sharing and Automated Critical-results Notification: A Novel Framework

In teleradiology, medical images are transmitted to offsite radiologists for interpretation and the dictation report is sent back to the original site to aid timely diagnosis and proper patient care. Although teleradiology offers great benefits including time and cost efficiency, after-hour coverages, and staffing shortage management, there are some technical and operational limitations to overcome in reaching its full potential. We analyzed the current teleradiology workflow to identify inefficiencies. Image unavailability and delayed critical result communication stemmed from lack of system integration between teleradiology practice and healthcare institutions are among the most substantial factors causing prolonged turnaround time. In this paper, we propose a blockchain-based medical image sharing and automated critical-results notification platform to address the current limitation. We believe the proposed platform will enhance efficiency in workflow by eliminating the need for intermediaries and will benefit patients by eliminating the need for storing medical images in hard copies. While considerable progress was achieved, further research on governance and HIPAA compliance is required to optimize the adoption of the new application. Towards an idea to a working paradigm, we will implement the prototype during the next phase of our study

MicroRNAs: As Critical Regulators of Tumor- Associated Macrophages

Emerging shreds of evidence suggest that tumor-associated macrophages (TAMs) modulate various hallmarks of cancer during tumor progression. Tumor microenvironment (TME) prime TAMs to execute important roles in cancer development and progression, including angiogenesis, matrix metalloproteinases (MMPs) secretion, and extracellular matrix (ECM) disruption. MicroRNAs (miRNAs) are critical epigenetic regulators, which modulate various functions in diverse types of cells, including macrophages associated with TME. In this review article, we provide an update on miRNAs regulating differentiation, maturation, activation, polarization, and recruitment of macrophages in the TME. Furthermore, extracellular miRNAs are secreted from cancerous cells, which control macrophages phenotypic plasticity to support tumor growth. In return, TAMs also secrete various miRNAs that regulate tumor growth. Herein, we also describe the recent updates on the molecular connection between tumor cells and macrophages. A better understanding of the interaction between miRNAs and TAMs will provide new pharmacological targets to combat cancer