A systematic review of cluster detection mechanisms in syndromic surveillance: Towards developing a framework of cluster detection mechanisms for EDMON system

Source at http://www.ep.liu.se/ecp/151/011/ecp18151011.pdf.Time lag in detecting disease outbreaks remains a threat to global health security. Currently, our research team is working towards a system called EDMON, which uses blood glucose level and other supporting parameters from people with type 1 diabetes, as indicator variables for outbreak detection. Therefore, this paper aims to pinpoint the state of the art cluster detection mechanism towards developing an efficient framework to be used in EDMON and other similar syndromic surveillance systems. Various challenges such as user mobility, privacy and confidentiality, geographical location estimation and other factors have been considered. To this end, we conducted a systematic review exploring different online scholarly databases. Considering peer reviewed journals and articles, literatures search was conducted between January and March 2018. Relevant literatures were identified using the title, keywords, and abstracts as a preliminary filter with the inclusion criteria and a full text review were done for literatures that were found to be relevant. A total of 28 articles were included in the study. The result indicates that various clustering and aberration detection algorithms have been developed and tested up to the task. In this regard, privacy preserving policies and high computational power requirement were found challenging since it restrict usage of specific locations for syndromic surveillance

System Security Assurance: A Systematic Literature Review

System security assurance provides the confidence that security features, practices, procedures, and architecture of software systems mediate and enforce the security policy and are resilient against security failure and attacks. Alongside the significant benefits of security assurance, the evolution of new information and communication technology (ICT) introduces new challenges regarding information protection. Security assurance methods based on the traditional tools, techniques, and procedures may fail to account new challenges due to poor requirement specifications, static nature, and poor development processes. The common criteria (CC) commonly used for security evaluation and certification process also comes with many limitations and challenges. In this paper, extensive efforts have been made to study the state-of-the-art, limitations and future research directions for security assurance of the ICT and cyber-physical systems (CPS) in a wide range of domains. We conducted a systematic review of requirements, processes, and activities involved in system security assurance including security requirements, security metrics, system and environments and assurance methods. We highlighted the challenges and gaps that have been identified by the existing literature related to system security assurance and corresponding solutions. Finally, we discussed the limitations of the present methods and future research directions

Implementation of Cluster Detection Mechanism of Syndromic Surveillance System in EDMON

Background: Early detection of disease outbreak has become a global challenge because existing disease surveillance systems, ostensibly, appears not to be efficient enough. As a result, there still exists disease outbreaks such as Ebola, heatwaves, malaria and flu with high case fatality rates in some parts of the world. New disease surveillance methods are therefore being explored to enhance the disease outbreak detection capabilities for timely interventions. For this reason, Electronic Disease Monitoring Network (EDMON) was initiated. EDMON is an ongoing research in syndromic surveillance at University of Tromsø, The Arctic University of Norway. The broad goal of this project is to detect the spread of contagious dieses at the earliest possible moment, and potentially before people know that they have been infected thus as early as the incubation stage of infection. The results shall be visualized on real-time maps as well as presented in digital communication. The project uses self-recorded health related data from people with type-1 diabetes as input. The problem is that most syndromic surveillance systems do not detect disease outbreak as early enough. They detect outbreaks during or after visible symptoms stage of the infection which results in higher time lag. Therefore, health management is unable to manage the outbreaks early enough and this often lead to high disease burden. Appropriate algorithms were explored through systematic review towards the implementation of a cluster detection mechanism in EDMON. In this study, a Hybridge of K-nearness Neighbour (KNN) and Cumulative Summation (CUSUM) known as EDMON-Cluster, were proposed and explored to assess the dual combination ability to augment for the gap of loss of power to detect outbreaks in a geographically disaggregated data. Objective: The main aim of EDMON-cluster was to implement and assess clustering methods of detecting infectious disease outbreak in EDMON. Specifically, spatial and temporal algorithms were hybridized in the implementation and their performance of detection such as sensitivity, specificity and timeliness were evaluated. Various challenges such as privacy and security, geographical location estimation and visualization were considered. Materials and Methods: Synthetic or simulated data was generated to consist of required parameters such as infected Individuals’ detections, geolocations and respective time stamp of occurrences. Synthetic dataset of geolocations of centroid of post codes was also generated. K-nearest neighbour spatial classifier was used to cluster the detected infected Individuals into various centroid of post code areas. This was based on proximity of distance between geolocation of detected individuals and centroid of post codes of near neighbours. Cumulative summation (CUSUM) was then used to implement the temporal aspect of the clustering. A vertical baseline data of an average of one week was used to compare to a week’s scanning window. Z-score was used for thresholding while prototyping was adopted in the entire study. The performance of the KNN algorithm was assessed by determining the proportion of infections which were accurately classified. The Sensitivity, Specificity of the CUSUM method were also evaluated by varying the input data through injection of outbreak spikes at various times. Results: The KNN algorithm, which was implemented in the EDMON-Cluster, recorded 99.52% accuracy when it was evaluated with simulated dataset containing geolocation coordinates among other features and SckitLearn KNN algorithm achieves an accuracy of 93.81% when it was tested with the same dataset. After injection of spikes of known outbreaks in the simulated data, the CUSUM module was totally specific and sensitive by correctly identifying all outbreaks and non-outbreak clusters. Indication of outbreaks on visual maps and through alarm and SMS alerts were successful. The entire process was estimated to be 12.5 minutes with the simulated data. One-way hashing and deidentification were some of the data anonymization techniques which were adopted in the study to obscure privacy as recommended by the General Data Protection Regulation (GDPR). Conclusion: Basically, KNN and CUSUM algorithms were fused together as a spatiotemporal measure known as EDMON- Cluster. A prototype approach was adopted with synthetic data. With reference to the outstanding performance of the EDMON- Cluster, there is enormous motivation to further evaluate the dual paired algorithms with real dataset towards empirical implementation in EDMON. EDMON- Cluster exhibited a potentially useful method in comparison with other surveillance methods which can further be assessed with real data for practical implementation in EDMON. Suitable methods for obtaining a balance point of anonymizing geolocation attributes towards obscuring the privacy and confidentiality of diabetes subjects while maintaining the data requirements for public good, disease surveillance, remains a challenge

A Comprehensive Assessment of Human Factors in Cyber Security Compliance toward Enhancing the Security Practice of Healthcare Staff in Paperless Hospitals

Recent reports indicate that over 85% of data breaches are still caused by a human element, of which healthcare is one of the organizations that cyber criminals target. As healthcare IT infrastructure is characterized by a human element, this study comprehensively examined the effect of psycho-socio-cultural and work factors on security behavior in a typical hospital. A quantitative approach was adopted where we collected responses from 212 healthcare staff through an online questionnaire survey. A broad range of constructs was selected from psychological, social, cultural perception, and work factors based on earlier review work. These were related with some security practices to assess the information security (IS) knowledge, attitude and behavior gaps among healthcare staff in a comprehensive way. The study revealed that work emergency (WE) has a positive correlation with IS conscious care behavior (ISCCB) risk. Conscientiousness also had a positive correlation with ISCCB risk, but agreeableness was negatively correlated with information security knowledge (ISK) risk and information security attitude (ISA) risk. Based on these findings, intrinsic and extrinsic motivation methods combined with cutting-edge technologies can be explored to discourage IS risks behaviors while enhancing conscious care security practice

Investigation into Phishing Risk Behaviour among Healthcare Staff

A phishing attack is one of the less complicated ways to circumvent sophisticated technical security measures. It is often used to exploit psychological (as as well as other) factors of human users to succeed in social engineering attacks including ransomware. Guided by the state-of-the-arts in a phishing simulation study in healthcare and after deeply assessing the ethical dilemmas, an SMS-based phishing simulation was conducted among healthcare workers in Ghana. The study adopted an in-the-wild study approach alongside quantitative and qualitative surveys. From the state-of-the-art studies, the in-the-wild study approach was the most commonly used method as compared to laboratory-based experiments and statistical surveys because its findings are generally reliable and effective. The attack results also showed that 61% of the targeted healthcare staff were susceptible, and some of the healthcare staff were not victims of the attack because they prioritized patient care and were not susceptible to the simulated phishing attack. Through structural equation modelling, the workload was estimated to have a significant effect on self-efficacy risk (r = 0.5, p-value = 0.05) and work emergency predicted a perceived barrier in the reverse direction at a substantial level of r = −0.46, p-value = 0.00. Additionally, Pearson’s correlation showed that the perceived barrier was a predictor of self-reported security behaviour in phishing attacks among healthcare staff. As a result, various suggestions including an extra workload balancing layer of security controls in emergency departments and better security training were suggested to enhance staff’s conscious care behaviour

Mapping the Psychosocialcultural Aspects of Healthcare Professionals’ Information Security Practices: Systematic Mapping Study

BackgroundData breaches in health care are on the rise, emphasizing the need for a holistic approach to mitigation efforts. ObjectiveThe purpose of this study was to develop a comprehensive framework for modeling and analyzing health care professionals’ information security practices related to their individual characteristics, such as their psychological, social, and cultural traits. MethodsThe study area was a hospital setting under an ongoing project called the Healthcare Security Practice Analysis, Modeling, and Incentivization (HSPAMI) project. A literature review was conducted for relevant theories and information security practices. The theories and security practices were used to develop an ontology and a comprehensive framework consisting of psychological, social, cultural, and demographic variables. ResultsIn the review, a number of psychological, social, and cultural theories were identified, including the health belief model, protection motivation theory, theory of planned behavior, and social control theory, in addition to some social demographic variables, to form a comprehensive set of health care professionals’ characteristics. Furthermore, an ontology was developed from these theories to systematically organize the concepts. The framework, called the psychosociocultural (PSC) framework, was then developed from the various combined psychological and sociocultural attributes of the ontology. The Human Aspect of Information Security Questionnaire was adopted as a comprehensive tool for gathering staff security practices as mediating variables in the framework. ConclusionsData breaches occur often in health care today. This frequency has been attributed to the lack of experience of health care professionals in information security, the lack of development of conscious care security practices, and the lack of motivation to incentivize health care professionals. The frequent data breaches in health care threaten the mutual trust between health care professionals and patients, which implicitly impacts the quality of the health care service. The modeling and analysis of health care professionals’ security practices can be conducted with the PSC framework by combining methods of statistical survey, observations, and interviews in relation to PSC variables, such as perceptions (perceived benefits, perceived threats, and perceived barriers) or psychological traits, social factors, cultural factors, and social demographics

Assessing the Legal Aspects of Information Security Requirements for Health Care in 3 Countries: Scoping Review and Framework Development

BackgroundThe loss of human lives from cyberattacks in health care is no longer a probabilistic quantification but a reality that has begun. In addition, the threat scope is also expanding to involve a threat of national security, among others, resulting in surging data breaches within the health care sector. For that matter, there have been provisions of various legislation, regulations, and information security governance tools such as policies, standards, and directives toward enhancing health care information security–conscious care behavior among users. Meanwhile, in a research scenario, there are no comprehensive required security practices to serve as a yardstick in assessing security practices in health care. Moreover, an analysis of the holistic view of the requirements that need more concentration of management, end users, or both has not been comprehensively developed. Thus, there is a possibility that security practice research will leave out vital requirements. ObjectiveThe objective of this study was to systematically identify, assess, and analyze the state-of-the-art information security requirements in health care. These requirements can be used to develop a framework to serve as a yardstick for measuring the future real security practices of health care staff. MethodsA scoping review was, as a result, adopted to identify, assess, and analyze the information security requirement sources within health care in Norway, Indonesia, and Ghana. ResultsOf 188 security and privacy requirement sources that were initially identified, 130 (69.1%) were fully read by the authors. Subsequently, of these 188 requirement documents, 82 (43.6%) fully met the inclusion criteria and were accessed and analyzed. In total, 253 security and privacy requirements were identified in this work. The findings were then used to develop a framework to serve as a benchmark for modeling and analyzing health care security practices. ConclusionsOn the basis of these findings, a framework for modeling, analyzing, and developing effective security countermeasures, including incentivization measures, was developed. Following this framework, research results of health care security practices would be more reliable and effective than relying on incomprehensive security requirements

A systematic review of cluster detection mechanisms in syndromic surveillance: Towards developing a framework of cluster detection mechanisms for EDMON system

Time lag in detecting disease outbreaks remains a threat to global health security. Currently, our research team is working towards a system called EDMON, which uses blood glucose level and other supporting parameters from people with type 1 diabetes, as indicator variables for outbreak detection. Therefore, this paper aims to pinpoint the state of the art cluster detection mechanism towards developing an efficient framework to be used in EDMON and other similar syndromic surveillance systems. Various challenges such as user mobility, privacy and confidentiality, geographical location estimation and other factors have been considered. To this end, we conducted a systematic review exploring different online scholarly databases. Considering peer reviewed journals and articles, literatures search was conducted between January and March 2018. Relevant literatures were identified using the title, keywords, and abstracts as a preliminary filter with the inclusion criteria and a full text review were done for literatures that were found to be relevant. A total of 28 articles were included in the study. The result indicates that various clustering and aberration detection algorithms have been developed and tested up to the task. In this regard, privacy preserving policies and high computational power requirement were found challenging since it restrict usage of specific locations for syndromic surveillance