441 resultados para privacy violations
Resumo:
Notwithstanding the obvious potential advantages of information and communications technology (ICT) in the enhanced provision of healthcare services, there are some concerns associated with integration of and access to electronic health records. A security violation in health records, such as an unauthorised disclosure or unauthorised alteration of an individual's health information, can significantly undermine both healthcare providers' and consumers' confidence and trust in e-health systems. A crisis in confidence in any national level e-health system could seriously degrade the realisation of the system's potential benefits. In response to the privacy and security requirements for the protection of health information, this research project investigated national and international e-health development activities to identify the necessary requirements for the creation of a trusted health information system architecture consistent with legislative and regulatory requirements and relevant health informatics standards. The research examined the appropriateness and sustainability of the current approaches for the protection of health information. It then proposed an architecture to facilitate the viable and sustainable enforcement of privacy and security in health information systems under the project title "Open and Trusted Health Information Systems (OTHIS)". OTHIS addresses necessary security controls to protect sensitive health information when such data is at rest, during processing and in transit with three separate and achievable security function-based concepts and modules: a) Health Informatics Application Security (HIAS); b) Health Informatics Access Control (HIAC); and c) Health Informatics Network Security (HINS). The outcome of this research is a roadmap for a viable and sustainable architecture for providing robust protection and security of health information including elucidations of three achievable security control subsystem requirements within the proposed architecture. The successful completion of two proof-of-concept prototypes demonstrated the comprehensibility, feasibility and practicality of the HIAC and HIAS models for the development and assessment of trusted health systems. Meanwhile, the OTHIS architecture has provided guidance for technical and security design appropriate to the development and implementation of trusted health information systems whilst simultaneously offering guidance for ongoing research projects. The socio-economic implications of this research can be summarised in the fact that this research embraces the need for low cost security strategies against economic realities by using open-source technologies for overall test implementation. This allows the proposed architecture to be publicly accessible, providing a platform for interoperability to meet real-world application security demands. On the whole, the OTHIS architecture sets a high level of security standard for the establishment and maintenance of both current and future health information systems. This thereby increases healthcare providers‘ and consumers‘ trust in the adoption of electronic health records to realise the associated benefits.
Resumo:
Many current HCI, social networking, ubiquitous computing, and context aware designs, in order for the design to function, have access to, or collect, significant personal information about the user. This raises concerns about privacy and security, in both the research community and main-stream media. From a practical perspective, in the social world, secrecy and security form an ongoing accomplishment rather than something that is set up and left alone. We explore how design can support privacy as practical action, and investigate the notion of collective information-practice of privacy and security concerns of participants of a mobile, social software for ride sharing. This paper contributes an understanding of HCI security and privacy tensions, discovered while “designing in use” using a Reflective, Agile, Iterative Design (RAID) method.
Resumo:
Though stadium style seating in large lecture theatres may suggest otherwise, effective teaching and learning is a not a spectator sport. A challenge in creating effective learning environments in both physical and virtual spaces is to provide optimal opportunity for student engagement in active learning. Queensland University of Technology (QUT) has developed the Open Web Lecture (OWL), a new web-based student response application, which seamlessly integrates a virtual learning environment within the physical learning space. The result is a blended learning experience; a fluid collaboration between academic and students connected to OWL via the University’s Wi-Fi using their own laptop or mobile web device. QUT is currently piloting the OWL application to encourage student engagement. OWL offers opportunities for participants to: • Post comments and questions • Reply to comments • "Like" comments • Poll students and review data • Review archived sessions. Many of these features instinctively appeal to student users of social networking media, yet avail the academic of control within the University network. Student privacy is respected through a system of preserving peer-peer anonymity, a functionality that seeks to address a traditional reluctance to speak up in large classes. The pilot is establishing OWL as an opportunity for engaging students in active learning opportunities by enabling • virtual learning in physical spaces for large group lectures, seminar groups, workshops and conferences • live collaborative technology connecting students and the academic via the wireless network using their own laptop or mobile device • an non- intimidating environment in which to ask questions • promotion of a sense of community • instant feedback • problem based learning. The student and academic response to OWL has been overwhelmingly positive, crediting OWL as an easy to use application, which creates effective learning opportunities though interactivity and immediate feedback. This poster and accompanying online presentation of the technology will demonstrate how OWL offers new possibilities for active learning in physical spaces by: • providing increased opportunity for student engagement • supporting a range of learners and learning activities • fostering blended learning experiences. The presentation will feature visual displays of the technology, its various interfaces and feedback including clips from interviews with students and academics participating in the early stages of the pilot.
Resumo:
With the growth and development of communication technology there is an increasing need for the use of interception technologies in modern policing. Law enforcement agencies are faced with increasingly sophisticated and complex criminal networks that utilise modern communication technology as a basis for their criminal success. In particular, transnational organised crime (TOC) is a diverse and complicated arena, costing global society in excess of $3 trillion annually, a figure that continues to grow (Borger, 2007) as crime groups take advantage of disappearing borders and greater profit markets. However, whilst communication can be a critical success factor for criminal enterprise it is also a key vulnerability. It is this vulnerability that the use of CIT, such as phone taps or email interception, can exploit. As such, law enforcement agencies now need a method and framework that allows them to utilise CIT to combat these crimes efficiently and successfully. This paper provides a review of current literature with the specific purpose of considering the effectiveness of CIT in the fight against TOC and the groundwork that must be laid in order for it to be fully exploited. In doing so, it fills an important gap in current research, focusing on the practical implementation of CIT as opposed to the traditional area of privacy concerns that arise with intrusive methods of investigation. The findings support the notion that CIT is an essential intelligence gathering tool that has a strong place within the modern policing arena. It identifies that the most effective use of CIT is grounded within a proactive, intelligence‐led framework and concludes that in order for this to happen Australian authorities and law enforcement agencies must re‐evaluate and address the current legislative and operational constraints placed on the use of CIT and the culture that surrounds intelligence in policing.
Resumo:
This paper introduces our research on influencing the experience of people in urban public places through mobile mediated interactions. Information and communication technology (ICT) devices are sometimes used to create personal space while in public. ICT devices could also be utilised to digitally augment the urban space with non-privacy sensitive data enabling mobile mediated interactions in an anonymous way between collocated strangers. We present what motivates the research on digital augmentations and mobile mediated interactions between unknown urban dwellers, define the research problem that drives this study and why it is significant research in the field of pervasive social networking. The paper illustrates three design interventions enabling social pervasive content sharing and employing pervasive presence, awareness and anonymous social user interaction in urban public places. The paper concludes with an outlook and summarises the research effort.
Resumo:
Smart metering presents opportunities for business model creation. However the viability of many potential business models in a smart metering scenario may be dictated by privacy regulation and data sharing arrangements. An understanding by businesses of customers’ preferences for the visualisation of their electricity consumption and the degree to which they are willing to share it, is valuable. We present results from two interviews exploring data visualisation and willingness to share personal electricity consumption information. Participants displayed a high willingness to share and a preference for access to additional information when visualising their electricity consumption.
Resumo:
The gathering of people in everyday life is intertwined with travelling to negotiated locations. As a result, mobile phones are often used to rearrange meetings when one or more participants are late or cannot make it on time. Our research is based on the hypothesis that the provision of location data can enhance the experience of people who are meeting each other in different locations. Disposable Maps allows users to select contacts from their phone’s address book who then receive up-to-date location data. The utilisation of peer-to-peer notifications and the application of unique URLs for location storage and presentation enable location sharing whilst ensuring users’ location privacy. In contrast to other location sharing services like Google Latitude, Disposable Maps enables ad hoc location sharing to actively selected location receivers for a fixed period of time in a specific given situation.
Resumo:
Current research in secure messaging for Vehicular Ad hoc Networks (VANETs) appears to focus on employing a digital certificate-based Public Key Cryptosystem (PKC) to support security. The security overhead of such a scheme, however, creates a transmission delay and introduces a time-consuming verification process to VANET communications. This paper proposes a non-certificate-based public key management for VANETs. A comprehensive evaluation of performance and scalability of the proposed public key management regime is presented, which is compared to a certificate-based PKC by employing a number of quantified analyses and simulations. Not only does this paper demonstrate that the proposal can maintain security, but it also asserts that it can improve overall performance and scalability at a lower cost, compared to the certificate-based PKC. It is believed that the proposed scheme will add a new dimension to the key management and verification services for VANETs.
Resumo:
ICT is becoming a prominent part of healthcare delivery but brings with it information privacy concerns for patients and competing concerns by the caregivers. A proper balance between these issues must be established in order to fully utilise ICT capabilities in healthcare. Information accountability is a fairly new concept to computer science which focuses on fair use of information. In this paper we investigate the different issues that need to be addressed when applying information accountability principles to manage healthcare information. We briefly introduce an information accountability framework for handling electronic health records (eHR). We focus more on digital rights management by considering data in eHRs as digital assets and how we can represent privacy policies and data usage policies as these are key factors in accountability systems.
Resumo:
Privacy issues have hindered the evolution of e-health since its emergence. Patients demand better solutions for the protection of private information. Health professionals demand open access to patient health records. Existing e-health systems find it difficult to fulfill these competing requirements. In this paper, we present an information accountability framework (IAF) for e-health systems. The IAF is intended to address privacy issues and their competing concerns related to e-health. Capabilities of the IAF adhere to information accountability principles and e-health requirements. Policy representation and policy reasoning are key capabilities introduced in the IAF. We investigate how these capabilities are feasible using Semantic Web technologies. We discuss with the use of a case scenario, how we can represent the different types of policies in the IAF using the Open Digital Rights Language (ODRL).
Resumo:
Nursing personnel are consistently identified as one of the occupational groups most at risk of work-related musculoskeletal disorders. During the moving and handling of bariatric patients, the weight of the patient combined with atypical body mass contributes to a significant risk of injury to the care provider and patient. This is further compounded by the shape, mobility and co-operation of the patient. The aim of this study was determine user experiences and design requirements for mobile hoists with bariatric patients. Structured interviews were conducted with six experienced injury management staff from the Manual Task Services department of three hospitals in Adelaide, South Australia. All staff had experience in patient handling, the use of patient handling equipment and the provision of patient handling training. A series of open-ended questions were structured around five main themes: 1) patient factors; 2) building/vehicle space and design; 3) equipment and furniture; 4) communication; and 5) staff issues. Questions focussed on the use of mobile hoists for lifting and transferring bariatric patients. Interviews were supplemented with a walk-through of the hospital to view the types of mobile hoists used, and the location and storage of equipment. Across the three hospitals there were differing classification systems to define bariatric patients. Ensuring patient dignity, respect and privacy were viewed as important in the management and rehabilitation of bariatric patients. Storage and space constraints were considered factors restricting the use of mobile floor hoists, with ceiling hoists being the preferred method for patient transfers. When using mobile floor hoists, the forces required to push, pull and manoeuvre, as well as sudden unstable movements of the hoist were considered important risks factors giving rise to a risk of injury to the care provider. Record keeping and purchasing policies appeared to inhibit the effective use of patient handling equipment. The moving and handling of bariatric patients presents complex and challenging issues. A co-ordinated and collaborative approach for moving and handling bariatric patients is needed across the range of care providers. Designers must consider both user and patient requirements.
Resumo:
The greatly increased risk of being killed or injured in a car crash for the young novice driver has been recognised in the road safety and injury prevention literature for decades. Risky driving behaviour has consistently been found to contribute to traffic crashes. Researchers have devised a number of instruments to measure this risky driving behaviour. One tool developed specifically to measure the risky behaviour of young novice drivers is the Behaviour of Young Novice Drivers Scale (BYNDS) (Scott-Parker et al., 2010). The BYNDS consists of 44 items comprising five subscales for transient violations, fixed violations, misjudgement, risky driving exposure, and driving in response to their mood. The factor structure of the BYNDS has not been examined since its development in a matched sample of 476 novice drivers aged 17-25 years. Method: The current research attempted to refine the BYNDS and explore its relationship with the self-reported crash and offence involvement and driving intentions of 390 drivers aged 17-25 years (M = 18.23, SD = 1.58) in Queensland, Australia, during their first six months of independent driving with a Provisional (intermediate) driver’s licence. A confirmatory factor analysis was undertaken examining the fit of the originally proposed BYNDS measurement model. Results: The model was not a good fit to the data. A number of iterations removed items with low factor loadings, resulting in a 36-item revised BYNDS which was a good fit to the data. The revised BYNDS was highly internally consistent. Crashes were associated with fixed violations, risky driving exposure, and misjudgement; offences were moderately associated with risky driving exposure and transient violations; and road-rule compliance intentions were highly associated with transient violations. Conclusions: Applications of the BYNDS in other young novice driver populations will further explore the factor structure of both the original and revised BYNDS. The relationships between BYNDS subscales and self-reported risky behaviour and attitudes can also inform countermeasure development, such as targeting young novice driver non-compliance through enforcement and education initiatives.
Resumo:
Comprehensive BCM plan testing for complex information systems is difficult and expensive, if not infeasible. This paper suggests that a simulator could be employed to ameliorate these problems. A general model for such a BCM simulator is presented, and the implementation of a prototype simulator is described. The simulator reacts to system disturbances by seeking alternative configurations provided within the BCM plan, reporting the resource availabilities in the updated system and identifying any failure to meet the requirements placed on the system. The simulator then explores any changes in data security introduced by the proposed post disturbance configuration and reports any enhanced risk.
Resumo:
Significant numbers of children are severely abused and neglected by parents and caregivers. Infants and very young children are the most vulnerable and are unable to seek help. To identify these situations and enable child protection and the provision of appropriate assistance, many jurisdictions have enacted ‘mandatory reporting laws’ requiring designated professionals such as doctors, nurses, police and teachers to report suspected cases of severe child abuse and neglect. Other jurisdictions have not adopted this legislative approach, at least partly motivated by a concern that the laws produce dramatic increases in unwarranted reports, which, it is argued, lead to investigations which infringe on people’s privacy, cause trauma to innocent parents and families, and divert scarce government resources from deserving cases. The primary purpose of this paper is to explore the extent to which opposition to mandatory reporting laws is valid based on the claim that the laws produce ‘overreporting’. The first part of this paper revisits the original mandatory reporting laws, discusses their development into various current forms, explains their relationship with policy and common law reporting obligations, and situates them in the context of their place in modern child protection systems. This part of the paper shows that in general, contemporary reporting laws have expanded far beyond their original conceptualisation, but that there is also now a deeper understanding of the nature, incidence, timing and effects of different types of severe maltreatment, an awareness that the real incidence of maltreatment is far higher than that officially recorded, and that there is strong evidence showing the majority of identified cases of severe maltreatment are the result of reports by mandated reporters. The second part of this paper discusses the apparent effect of mandatory reporting laws on ‘overreporting’ by referring to Australian government data about reporting patterns and outcomes, with a particular focus on New South Wales. It will be seen that raw descriptive data about report numbers and outcomes appear to show that reporting laws produce both desirable consequences (identification of severe cases) and problematic consequences (increased numbers of unsubstantiated reports). Yet, to explore the extent to which the data supports the overreporting claim, and because numbers of unsubstantiated reports alone cannot demonstrate overreporting, this part of the paper asks further questions of the data. Who makes reports, about which maltreatment types, and what are the outcomes of those reports? What is the nature of these reports; for example, to what extent are multiple numbers of reports made about the same child? What meaning can be attached to an ‘unsubstantiated’ report, and can such reports be used to show flaws in reporting effectiveness and problems in reporting laws? It will be suggested that available evidence from Australia is not sufficiently detailed or strong to demonstrate the overreporting claim. However, it is also apparent that, whether adopting an approach based on public health and or other principles, much better evidence about reporting needs to be collected and analyzed. As well, more nuanced research needs to be conducted to identify what can reasonably be said to constitute ‘overreports’, and efforts must be made to minimize unsatisfactory reporting practice, informed by the relevant jurisdiction’s context and aims. It is also concluded that, depending on the jurisdiction, the available data may provide useful indicators of positive, negative and unanticipated effects of specific components of the laws, and of the strengths, weaknesses and needs of the child protection system.
