363 resultados para Privacy.
Resumo:
Privacy issues have hindered the evolution of e-health since its emergence. Patients demand better solutions for the protection of private information. Health professionals demand open access to patient health records. Existing e-health systems find it difficult to fulfill these competing requirements. In this paper, we present an information accountability framework (IAF) for e-health systems. The IAF is intended to address privacy issues and their competing concerns related to e-health. Capabilities of the IAF adhere to information accountability principles and e-health requirements. Policy representation and policy reasoning are key capabilities introduced in the IAF. We investigate how these capabilities are feasible using Semantic Web technologies. We discuss with the use of a case scenario, how we can represent the different types of policies in the IAF using the Open Digital Rights Language (ODRL).
Resumo:
Nursing personnel are consistently identified as one of the occupational groups most at risk of work-related musculoskeletal disorders. During the moving and handling of bariatric patients, the weight of the patient combined with atypical body mass contributes to a significant risk of injury to the care provider and patient. This is further compounded by the shape, mobility and co-operation of the patient. The aim of this study was determine user experiences and design requirements for mobile hoists with bariatric patients. Structured interviews were conducted with six experienced injury management staff from the Manual Task Services department of three hospitals in Adelaide, South Australia. All staff had experience in patient handling, the use of patient handling equipment and the provision of patient handling training. A series of open-ended questions were structured around five main themes: 1) patient factors; 2) building/vehicle space and design; 3) equipment and furniture; 4) communication; and 5) staff issues. Questions focussed on the use of mobile hoists for lifting and transferring bariatric patients. Interviews were supplemented with a walk-through of the hospital to view the types of mobile hoists used, and the location and storage of equipment. Across the three hospitals there were differing classification systems to define bariatric patients. Ensuring patient dignity, respect and privacy were viewed as important in the management and rehabilitation of bariatric patients. Storage and space constraints were considered factors restricting the use of mobile floor hoists, with ceiling hoists being the preferred method for patient transfers. When using mobile floor hoists, the forces required to push, pull and manoeuvre, as well as sudden unstable movements of the hoist were considered important risks factors giving rise to a risk of injury to the care provider. Record keeping and purchasing policies appeared to inhibit the effective use of patient handling equipment. The moving and handling of bariatric patients presents complex and challenging issues. A co-ordinated and collaborative approach for moving and handling bariatric patients is needed across the range of care providers. Designers must consider both user and patient requirements.
Resumo:
Comprehensive BCM plan testing for complex information systems is difficult and expensive, if not infeasible. This paper suggests that a simulator could be employed to ameliorate these problems. A general model for such a BCM simulator is presented, and the implementation of a prototype simulator is described. The simulator reacts to system disturbances by seeking alternative configurations provided within the BCM plan, reporting the resource availabilities in the updated system and identifying any failure to meet the requirements placed on the system. The simulator then explores any changes in data security introduced by the proposed post disturbance configuration and reports any enhanced risk.
Resumo:
Significant numbers of children are severely abused and neglected by parents and caregivers. Infants and very young children are the most vulnerable and are unable to seek help. To identify these situations and enable child protection and the provision of appropriate assistance, many jurisdictions have enacted ‘mandatory reporting laws’ requiring designated professionals such as doctors, nurses, police and teachers to report suspected cases of severe child abuse and neglect. Other jurisdictions have not adopted this legislative approach, at least partly motivated by a concern that the laws produce dramatic increases in unwarranted reports, which, it is argued, lead to investigations which infringe on people’s privacy, cause trauma to innocent parents and families, and divert scarce government resources from deserving cases. The primary purpose of this paper is to explore the extent to which opposition to mandatory reporting laws is valid based on the claim that the laws produce ‘overreporting’. The first part of this paper revisits the original mandatory reporting laws, discusses their development into various current forms, explains their relationship with policy and common law reporting obligations, and situates them in the context of their place in modern child protection systems. This part of the paper shows that in general, contemporary reporting laws have expanded far beyond their original conceptualisation, but that there is also now a deeper understanding of the nature, incidence, timing and effects of different types of severe maltreatment, an awareness that the real incidence of maltreatment is far higher than that officially recorded, and that there is strong evidence showing the majority of identified cases of severe maltreatment are the result of reports by mandated reporters. The second part of this paper discusses the apparent effect of mandatory reporting laws on ‘overreporting’ by referring to Australian government data about reporting patterns and outcomes, with a particular focus on New South Wales. It will be seen that raw descriptive data about report numbers and outcomes appear to show that reporting laws produce both desirable consequences (identification of severe cases) and problematic consequences (increased numbers of unsubstantiated reports). Yet, to explore the extent to which the data supports the overreporting claim, and because numbers of unsubstantiated reports alone cannot demonstrate overreporting, this part of the paper asks further questions of the data. Who makes reports, about which maltreatment types, and what are the outcomes of those reports? What is the nature of these reports; for example, to what extent are multiple numbers of reports made about the same child? What meaning can be attached to an ‘unsubstantiated’ report, and can such reports be used to show flaws in reporting effectiveness and problems in reporting laws? It will be suggested that available evidence from Australia is not sufficiently detailed or strong to demonstrate the overreporting claim. However, it is also apparent that, whether adopting an approach based on public health and or other principles, much better evidence about reporting needs to be collected and analyzed. As well, more nuanced research needs to be conducted to identify what can reasonably be said to constitute ‘overreports’, and efforts must be made to minimize unsatisfactory reporting practice, informed by the relevant jurisdiction’s context and aims. It is also concluded that, depending on the jurisdiction, the available data may provide useful indicators of positive, negative and unanticipated effects of specific components of the laws, and of the strengths, weaknesses and needs of the child protection system.
Resumo:
This paper argues that any future copyright policy should be proportional and flexible and be developed from a clear and evidence-based approach. An approach is required that carefully balances the incentives and rewards provided to economic rights holders against fundamental rights of privacy, self-expression, due process and the user rights embodied in copyright law to protect access, learning, critique, and reuse. This paper also suggests that while adequate enforcement measures are certainly part of a solution to a well functioning lawful, enforcement alone can never solve the root cause of unlawful file-sharing, since it utterly fails to address supply-side market barriers. Focus on enforcement measures alone continues to leave out a legitimate but un-served market demand, susceptible to unlawful alternatives. A competitive and consumer friendly digital content market and an appropriate legal framework to enable easy lawful access to digital content are essential preconditions for the creation of a culture of lawful, rather than unlawful, consumption.
Resumo:
The privacy of efficient tree-based RFID authentication protocols is heavily dependent on the branching factor on the top layer. Indefinitely increasing the branching factor, however, is not a viable option. This paper proposes the alternate-tree walking scheme as well as two protocols to circumvent this problem. The privacy of the resulting protocols is shown to be comparable to that of linear-time protocols, where there is no leakage of information, whilst reducing the computational load of the database by one-third of what is required of tree-based protocols during authentication. We also identify and address a limitation in quantifying privacy in RFID protocols.
Resumo:
U-Healthcare means that it provides healthcare services "at anytime and anywhere" using wired, wireless and ubiquitous sensor network technologies. As a main field of U-healthcare, Telehealth has been developed as an enhancement of Telemedicine. This system includes two-way interactive web-video communications, sensor technology, and health informatics. With these components, it will assist patients to receive their first initial diagnosis. Futhermore, Telehealth will help doctors diagnose patient's diseases at early stages and recommend treatments to patients. However, this system has a few limitations such as privacy issues, interruption of real-time service and a wrong ordering from remote diagnosis. To deal with those flaws, security procedures such as authorised access should be applied to as an indispensible component in medical environment. As a consequence, Telehealth system with these protection procedures in clinical services will cope with anticipated vulnerabilities of U-Healthcare services and security issues involved.
Resumo:
Mandatory data breach notification laws have been a significant legislative reform in response to unauthorized disclosures of personal information by public and private sector organizations. These laws originated in the state-based legislatures of the United States during the last decade and have subsequently garnered worldwide legislative interest. We contend that there are conceptual and practical concerns regarding mandatory data breach notification laws which limit the scope of their applicability, particularly in relation to existing information privacy law regimes. We outline these concerns here, in the light of recent European Union and Australian legal developments in this area.
Resumo:
In the medical and healthcare arena, patients‟ data is not just their own personal history but also a valuable large dataset for finding solutions for diseases. While electronic medical records are becoming popular and are used in healthcare work places like hospitals, as well as insurance companies, and by major stakeholders such as physicians and their patients, the accessibility of such information should be dealt with in a way that preserves privacy and security. Thus, finding the best way to keep the data secure has become an important issue in the area of database security. Sensitive medical data should be encrypted in databases. There are many encryption/ decryption techniques and algorithms with regard to preserving privacy and security. Currently their performance is an important factor while the medical data is being managed in databases. Another important factor is that the stakeholders should decide more cost-effective ways to reduce the total cost of ownership. As an alternative, DAS (Data as Service) is a popular outsourcing model to satisfy the cost-effectiveness but it takes a consideration that the encryption/ decryption modules needs to be handled by trustworthy stakeholders. This research project is focusing on the query response times in a DAS model (AES-DAS) and analyses the comparison between the outsourcing model and the in-house model which incorporates Microsoft built-in encryption scheme in a SQL Server. This research project includes building a prototype of medical database schemas. There are 2 types of simulations to carry out the project. The first stage includes 6 databases in order to carry out simulations to measure the performance between plain-text, Microsoft built-in encryption and AES-DAS (Data as Service). Particularly, the AES-DAS incorporates implementations of symmetric key encryption such as AES (Advanced Encryption Standard) and a Bucket indexing processor using Bloom filter. The results are categorised such as character type, numeric type, range queries, range queries using Bucket Index and aggregate queries. The second stage takes the scalability test from 5K to 2560K records. The main result of these simulations is that particularly as an outsourcing model, AES-DAS using the Bucket index shows around 3.32 times faster than a normal AES-DAS under the 70 partitions and 10K record-sized databases. Retrieving Numeric typed data takes shorter time than Character typed data in AES-DAS. The aggregation query response time in AES-DAS is not as consistent as that in MS built-in encryption scheme. The scalability test shows that the DBMS reaches in a certain threshold; the query response time becomes rapidly slower. However, there is more to investigate in order to bring about other outcomes and to construct a secured EMR (Electronic Medical Record) more efficiently from these simulations.
Resumo:
Purpose: The purpose of this study was to improve the retention of primary healthcare (PHC) nurses through exploring and assessing their quality of work life (QWL) and turnover intention. Design and methods: A cross-sectional survey design was used in this study. Data were collected using a questionnaire comprising four sections (Brooks’ survey of Quality of Nursing Work Life [QNWL], Anticipated Turnover Intention, open-ended questions and demographic characteristics). A convenience sample was recruited from 143 PHC centres in Jazan, Saudi Arabia. A response rate of 87% (n = 508/585) was achieved. The SPSS v17 for Windows and NVivo 8 were used for analysis purposes. Procedures and tests used in this study to analyse the quantitative data were descriptive statistics, t-test, ANOVA, General Linear Model (GLM) univariate analysis, standard multiple regression, and hierarchical multiple regression. Qualitative data obtained from responses to the open-ended questions were analysed using the NVivo 8. Findings: Quantitative findings suggested that PHC nurses were dissatisfied with their work life. Respondents’ scores ranged between 45 and 218 (mean = 139.45), which is lower than the average total score on Brooks’ Survey (147). Major influencing factors were classified under four dimensions. First, work life/home life factors: unsuitable working hours, lack of facilities for nurses, inability to balance work with family needs and inadequacy of vacations’ policy. Second, work design factors: high workload, insufficient workforce numbers, lack of autonomy and undertaking many non-nursing tasks. Third, work context factors: management practices, lack of development opportunities, and inappropriate working environment in terms of the level of security, patient care supplies and unavailability of recreation room. Finally, work world factors: negative public image of nursing, and inadequate payment. More positively, nurses were notably satisfied with their co-workers. Conversely, 40.4% (n = 205) of the respondents indicated that they intended to leave their current employment. The relationships between QWL and demographic variables of gender, age, marital status, dependent children, dependent adults, nationality, ethnicity, nursing tenure, organisational tenure, positional tenure, and payment per month were significant (p < .05). The eta squared test for these demographics indicates a small to medium effect size of the variation in QWL scores. Using the GLM univariate analysis, education level was also significantly related to the QWL (p < .05). The relationships between turnover intention and demographic variables including gender, age, marital status, dependent children, education level, nursing tenure, organisational tenure, positional tenure, and payment per month were significant (p < .05). The eta squared test for these demographics indicates a small to moderate effect size of the variation in the turnover intention scores. Using the GLM univariate analysis, the dependent adults’ variable was also significantly related to turnover intention (p < .05). Turnover intention was significantly related to QWL. Using standard multiple regression, 26% of the variance in turnover intention was explained by the QWL F (4,491), 43.71, p < .001, with R² = .263. Further analysis using hierarchical multiple regression found that the total variance explained by the model as a whole (demographics and QWL) was 32.1%, F (17.433) = 12.04, p < .001. QWL explained an additional 19% of the variance in turnover intention, after controlling for demographic variables, R squared change =.19, F change (4, 433) = 30.190, p < .001. The work context variable makes the strongest unique contribution (-.387) to explain the turnover intention, followed by the work design dimension (-.112). The qualitative findings reaffirmed the quantitative findings in terms of QWL and turnover intention. However, the home life/work life and work world dimensions were of great important to both QWL and turnover intention. The qualitative findings revealed a number of new factors that were not included in the survey questionnaire. These included being away from family, lack of family support, social and cultural aspects, accommodation facilities, transportation, building and infrastructure of PHC, nature of work, job instability, privacy at work, patients and community, and distance between home and workplace. Conclusion: Creating and maintaining a healthy work life for PHC nurses is very important to improve their work satisfaction, reduce turnover, enhance productivity and improve nursing care outcomes. Improving these factors could lead to a higher QWL and increase retention rates and therefore reinforcing the stabilisation of the nursing workforce. Significance of the research: Many countries are examining strategies to attract and retain the health care workforce, particularly nurses. This study identified factors that influence the QWL of PHC nurses as well as their turnover intention. It also determined the significant relationship between QWL and turnover intention. In addition, the present study tested Brooks’ survey of QNWL on PHC nurses for the first time. The qualitative findings of this study revealed a number of new variables regarding QWL and turnover intention of PHC nurses. These variables could be used to improve current survey instruments or to develop new research surveys. The study findings could be also used to develop and appropriately implement plans to improve QWL. This may help to enhance the home and work environments of PHC nurses, improve individual and organisational performance, and increase nurses’ commitment. This study contributes to the existing body of research knowledge by presenting new data and findings from a different country and healthcare system. It is the first of its kind in Saudi Arabia, especially in the field of PHC. It has examined the relationship between QWL and turnover intention of PHC nurses for the first time using nursing instruments. The study also offers a fresh explanation (new framework) of the relationship between QWL and turnover intention among PHC nurses, which could be used or tested by researchers in other settings. Implications for further research: Review of the extant literature reveals little in-depth research on the PHC workforce, especially in terms of QWL and organisational turnover in developing countries. Further research is required to develop a QWL tool for PHC nurses, taking into consideration the findings of the current study along with the local culture. Moreover, the revised theoretical framework of the current study could be tested in further research in other regions, countries or healthcare systems in order to identify its ability to predict the level of PHC nurses’ QWL and their intention to leave. There is a need to conduct longitudinal research on PHC organisations to gain an in-depth understanding of the determents of and changes in QWL and turnover intention of PHC nurses at various points of time. An intervention study is required to improve QWL and retention among PHC nurses using the findings of the current study. This would help to assess the impact of such strategies on reducing turnover of PHC nurses. Focusing on the location of the current study, it would be valuable to conduct another study in five years’ time to examine the percentage of actual turnover among PHC nurses compared with the reported turnover intention in the current study. Further in-depth research would also be useful to assess the impact of the local culture on the perception of expatriate nurses towards their QWL and their turnover intention. A comparative study is required between PHC centres and hospitals as well as the public and private health sector agencies in terms of QWL and turnover intention of nursing personnel. Findings may differ from sector to sector according to variations in health systems, working environments and the case mix of patients.
Resumo:
Complexity is a major concern which is aimed to be overcome by people through modeling. One way of reducing complexity is separation of concerns, e.g. separation of business process from applications. One sort of concerns are cross-cutting concerns i.e. concerns which are scattered and tangled through one of several models. In business process management, examples of such concerns are security and privacy policies. To deal with these cross-cutting concerns, the aspect orientated approach was introduced in the software development area and recently also in the business process management area. The work presented in this paper elaborates on aspect oriented process modelling. It extends earlier work by defining a mechanism for capturing multiple concerns and specifying a precedence order according to which they should be handled in a process. A formal syntax of the notation is presented precisely capturing the extended concepts and mechanisms. Finally, the relevant of the approach is demonstrated through a case study.
Resumo:
We introduce the concept of Revocable Predicate Encryption (RPE), which extends current predicate encryption setting with revocation support: private keys can be used to decrypt an RPE ciphertext only if they match the decryption policy (defined via attributes encoded into the ciphertext and predicates associated with private keys) and were not revoked by the time the ciphertext was created. We formalize the notion of attribute hiding in the presence of revocation and propose an RPE scheme, called AH-RPE, which achieves attribute-hiding under the Decision Linear assumption in the standard model. We then present a stronger privacy notion, termed full hiding, which further cares about privacy of revoked users. We propose another RPE scheme, called FH-RPE, that adopts the Subset Cover Framework and offers full hiding under the Decision Linear assumption in the standard model. The scheme offers very flexible privacy-preserving access control to encrypted data and can be used in sender-local revocation scenarios.
Resumo:
Reducing complexity in Information Systems is a main concern in both research and industry. One strategy for reducing complexity is separation of concerns. This strategy advocates separating various concerns, like security and privacy, from the main concern. It results in less complex, easily maintainable, and more reusable Information Systems. Separation of concerns is addressed through the Aspect Oriented paradigm. This paradigm has been well researched and implemented in programming, where languages such as AspectJ have been developed. However, the rsearch on aspect orientation for Business Process Management is still at its beginning. While some efforts have been made proposing Aspect Oriented Business Process Modelling, it has not yet been investigated how to enact such process models in a Workflow Management System. In this paper, we define a set of requirements that specifies the execution of aspect oriented business process models. We create a Coloured Petri Net specification for the semantics of so-called Aspect Service that fulfils these requirements. Such a service extends the capability of a Workflow Management System with support for execution of aspect oriented business process models. The design specification of the Aspect Service is also inspected through state space analysis.
Resumo:
Teleradiology allows medical images to be transmitted over electronic networks for clinical interpretation, and for improved healthcare access, delivery and standards. Although, such remote transmission of the images is raising various new and complex legal and ethical issues, including image retention and fraud, privacy, malpractice liability, etc., considerations of the security measures used in teleradiology remain unchanged. Addressing this problem naturally warrants investigations on the security measures for their relative functional limitations and for the scope of considering them further. In this paper, starting with various security and privacy standards, the security requirements of medical images as well as expected threats in teleradiology are reviewed. This will make it possible to determine the limitations of the conventional measures used against the expected threats. Further, we thoroughly study the utilization of digital watermarking for teleradiology. Following the key attributes and roles of various watermarking parameters, justification for watermarking over conventional security measures is made in terms of their various objectives, properties, and requirements. We also outline the main objectives of medical image watermarking for teleradiology, and provide recommendations on suitable watermarking techniques and their characterization. Finally, concluding remarks and directions for future research are presented.
Resumo:
Despite the significant health benefits attributed to breastfeeding, rates in countries, such as Australia, continue to remain static or to decline. Typically, the tangible support offered for women to support breastfeeding behaviours takes the form of face-to-face advice from health professionals, peer counselling via not-for-profit organizations such as the ABA, and provision of information through websites, pamphlets, and books. Prior research indicates that face-to-face support is more effective than telephone contact (Britton, McCormic, Renfrew, Wade, & King, 2009). Given the increasing costs associated with the provision of personalized face-to-face professional support and the need for some women to maximize privacy, discretion, and judgment-free consultations, there is a gap that could be filled by the use of m-technologies such as text messaging and other social media. The research team developed MumBubConnect; a two-way SMS system which combined the personalized aspects of face-to-face contact but maintained levels of privacy. The use of SMS was immediate, portable, and overcame many of the barriers associated with embarrassment. An Page 205 of 312 online survey of 130 breastfeeding mothers indicated that MumBubConnect facilitated the seeking of social support using m-technology, increased self-efficacy and maintained the desire behaviour.
