Privacy provision in eHealth using external services

Privacy provision is a key issue for successful secure access to patients’ health information. Current approaches do not always provide patients with the ability to define suitable rules to access to their information in a secure way. This paper presents an approach to give patients control over their information by means of external services. In this way, health information management and access control are kept independent and more secure.Postprint (published version

Implementation of privacy and security for a genomic information system based on standards

Genomic information is a very sensitive type of digital information as it not only applies to a person, but also to close relatives. Therefore, privacy provision is key to protecting genomic information from unauthorized access. It is worth noting that most of the current genomic information formats do not provide specific mechanisms by which to secure the stored information. In order to solve, among other things, the privacy provision issue, we proposed the GIPAMS (Genomic Information Protection And Management System) modular architecture, which is based on the use of standards such as ISO/IEC 23092 and a few GA4GH (Global Alliance for Genomics and Health) initiatives. Some of the GIPAMS modules have already been implemented, mainly based on ISO/IEC 23092 features, and we are conducting work on the complete version of the architecture, and other standards are also considered. One of the objectives of GIPAMS is to enable the management of different formats of genomic information in a unique and interoperable way, providing privacy and security for formats that do not currently support them.This research has been partially supported by the Spanish Government under the project GenClinLab-Sec (Mechanisms for secure and efficient management of genomic information tailored to clinical laboratories: Security Aspects, PID2020-114394RB-C31) funded by MCIN/AEI/10.13039/ 501100011033 and by the Generalitat de Catalunya (2017 SGR 1749).Peer ReviewedPostprint (published version

Tests d’autoavaluació de l’assignatura Xarxes de Computadors

Mòdul desenvolupat sobre Moodle que permet definir tests per a que els alumnes s’autoavaluïn Objectius: Proporcionar als alumnes més problemes resolts. Noves activitats docents per reduir les sessions presencials. Fomentar l’aprenentatge autònom. Millorar la percepció dels alumnes envers la docència rebuda. Com assolir-los? Incloent tot tipus de problemes (resposta curta, resolució numèrica, etc.) Preguntes reals d’exàmens i controls fets a altres cursos. Afegint una justificació per a què l’alumne sàpiga perquè ha fallat.Peer Reviewe

FAIR aspects of a genomic information protection and management system

To handle genomic information while supporting FAIR principles, we present GIPAMS, a modular architecture. GIPAMS provides security and privacy to manage genomic information by means of several independent services and modules that interact among them in an orchestrated way. The paper analyzes how some security and privacy aspects of the FAIRification process are covered by the GIPAMS platform.This work is partly supported by the Spanish Government (GenClinLab-Sec, PID2020-114394RB-C31) and by the Generalitat de Catalunya (2017 SGR 1749).Peer ReviewedPostprint (published version

An architecture for providing personalized digital health

Patients need mechanisms to integrate health information coming from different sources, including personal devices. This would lead to Personalized Digital Health (PDH). HIPAMS (Health Information Protection And Management System) is a modular and interoperable secure architecture that helps in achieving this objective and building a Framework for PDH. The paper presents HIPAMS and how it supports PDH.The work presented in this paper has been partially supported by the Spanish Government under the project GenClinLab-Sec (Mechanisms for secure and efficient management of genomic information tailored to clinical laboratories: Security Aspects, PID2020-114394RB-C31) funded by MCIN/AEI/10.13039/501100011033 and by the Generalitat de Catalunya (2017 SGR 1749).Peer ReviewedObjectius de Desenvolupament Sostenible::3 - Salut i BenestarPostprint (published version

FAIR aspects of a health information protection and management system

Background: Privacy management is a key issue when dealing with storage and distribution of health information. However, FAIR (Findability, Accessibility, Interoperability, and Reusability) principles when sharing information are in increasing demand in several organizations, especially for information generated in public-funded research projects. Objectives: The two main objectives of the presented work are the definition of a secure and interoperable modular architecture to manage different kinds of medical content (xIPAMS [x, for Any kind of content, Information Protection And Management System] and HIPAMS [Health Information Protection And Management System]), and the application of FAIR principles to that architecture in such a way that privacy and security are compatible with FAIR. Methods: We propose the concept of xIPAMS as a modular architecture, following standards for interoperability, which defines mechanisms for privacy, protection, storage, search, and access to health-related information. Results: xIPAMS provides FAIR principles and preserves patient's privacy. For each module, we identify how FAIR principles apply. Conclusions: We have analyzed how xIPAMS, and in particular HIPAMS (Health content), support the FAIR principles focusing on security and privacy. We have identified the FAIR principles supported by the different xIPAMS modules, concluding that the four principles are supported. Our analysis has also considered a possible implementation based on the concept of DACS (Document Access and Communication System), a system storing medical documents in a private and secure way. In addition, we have analyzed security aspects of the FAIRification process and how they are provided by xIPAMS modules.The work presented in this article has been partially supported by the Spanish Government under the project: GenClinLab-Sec (Mechanisms for secure and efficient management of genomic information tailored to clinical laboratories: Security Aspects, PID2020-114394RB-C31) funded by MCIN/AEI/10.13039/501100011033 and by the Generalitat de Catalunya (2017 SGR 1749).Peer ReviewedPostprint (published version

Provenance and dynamic consents for the management of medical data

Medical data describe patient health information, both in healthy and disease conditions. In any case, health institutions need to ask for patient consent in order to provide their services. Patients usually give consent on a one-time basis, for a specific usage. Afterwards, if medical data usage is research, original patient consent does not apply and further consents should be required. On the other hand, provenance of medical data to verify the origin of health procedures is desirable, as digital health is increasing. We propose HIPAMS modular architecture to provide both provenance and dynamic consents for medical data as described in this paper.This work is partly supported by the Spanish Government (GenClinLab-Sec, PID2020-114394RB-C31) and by the Generalitat de Catalunya (2017 SGR 1749)Peer ReviewedPostprint (published version

Protecting privacy of genomic information

The ISO/IEC committee in charge of standardizing the well-known MPEG audiovisual standards has launched, in cooperation with the ISO committee on Biotechnology, a new activity for efficient compressed storage and transmission of genomic information. The paper presents proposals for adding privacy and security to such in-progress standards.Peer ReviewedPostprint (author's final draft

Adding security and privacy to genomic information representation

Provision of security and privacy to genomic data is a key issue in current genomic information representation. Existing formats do not give a solution to these issues (or they provide a partial one), so new solutions are demanded. MPEG-G (ISO/IEC 23092, Genomic Information Representation) is an International Standard for the representation of genomic information being defined by the MPEG Committee (Moving Pictures Expert Group, ISO/IEC JTC1 SC29/WG11). We provide flexible protection to the information stored inside the MPEG-G format with a combination of security techniques and privacy rules.Peer ReviewedPostprint (published version

Reversible fingerprinting for genomic information

This is a post-peer-review, pre-copyedit version of an article published in Multimedia Tools and Applications. The final authenticated version is available online at: https://doi.org/10.1007/s11042-019-08496-yNew genome sequencing technologies have simplified the generation of genomic data, making them more common but in turn a likely target of attack. Security strategies have been devised such as restricting the amount of information that can be queried or using new encryption techniques. These solutions might not be enough if the entire file has to be shared, as the recipient might leak the accessible information. This contribution addresses this issue using watermarking. Each read in a genomic file is modified depending on its content and a secret key. This allows generating different watermarked instances of the original file. Each watermark acts as a fingerprint: if a leak occurs, the unique modifications of the instance points to who originated the unauthorized publication. Using the key, the modifications can be undone. This allows sharing a leak-discouraging version with which the relevance of a file can be assessed, and can be reversed to the original if needed.Peer ReviewedPostprint (author's final draft