967 resultados para privacy protection
Resumo:
In 2001, amendments to the Migration Act 1958 (Cth) made possible the offshore processing of protection claims. The same amendments also foreshadowed the processing of claims by ‘offshore entry persons’ in Australia according to non-statutory procedures. After disbanding offshore processing the then Rudd Labor Government commenced processing of protection claims by ‘offshore entry persons’ in Australia under the Refugee Status Assessment process (RSA). The RSA process sought to substitute well established legislative criteria for the grant of a protection visa, as interpreted by the courts, with administrative guidelines and decision-making immune from judicial review. This approach was rejected by the High Court in the cases M61 and M69. This article analyses these developments in light of Australia’s international protection obligations, as well as considering the practical obstacles that continue to confront offshore entry persons as they pursue judicial review of adverse refugee status determinations after the High Court’s decision.
Resumo:
Background: Patient privacy and confidentiality (PPaC) is an important consideration for nurses and other members of the health care team. Can a patient expect to have confidentiality and in particular privacy in the current climate of emergency health care? Do staff who work in the Emergency Department (ED) see confidentiality as an important factor when providing emergency care? These questions are important to consider. Methods: This is a two phased quality improvement project, developed and implemented over a six month period in a busy regional, tertiary referral ED. Results: Issues identified for this department included department design and layout, overcrowding due to patient flow and access block, staff practices and department policies which were also impacted upon by culture of the team, and use of space. Conclusions: Changes successful in improving this issue include increased staff awareness about PPaC, intercom paging prior to nursing handover to remove visitors during handover, one visitor per patient policy, designated places for handover, allocated bed space for patient reviews/assessment and a strategy to temporarily move the patient if procedures would have been undertaken in shared bed space. These are important issues when considering policy, practice and department design in the ED.
Resumo:
Notwithstanding the obvious potential advantages of information and communications technology (ICT) in the enhanced provision of healthcare services, there are some concerns associated with integration of and access to electronic health records. A security violation in health records, such as an unauthorised disclosure or unauthorised alteration of an individual's health information, can significantly undermine both healthcare providers' and consumers' confidence and trust in e-health systems. A crisis in confidence in any national level e-health system could seriously degrade the realisation of the system's potential benefits. In response to the privacy and security requirements for the protection of health information, this research project investigated national and international e-health development activities to identify the necessary requirements for the creation of a trusted health information system architecture consistent with legislative and regulatory requirements and relevant health informatics standards. The research examined the appropriateness and sustainability of the current approaches for the protection of health information. It then proposed an architecture to facilitate the viable and sustainable enforcement of privacy and security in health information systems under the project title "Open and Trusted Health Information Systems (OTHIS)". OTHIS addresses necessary security controls to protect sensitive health information when such data is at rest, during processing and in transit with three separate and achievable security function-based concepts and modules: a) Health Informatics Application Security (HIAS); b) Health Informatics Access Control (HIAC); and c) Health Informatics Network Security (HINS). The outcome of this research is a roadmap for a viable and sustainable architecture for providing robust protection and security of health information including elucidations of three achievable security control subsystem requirements within the proposed architecture. The successful completion of two proof-of-concept prototypes demonstrated the comprehensibility, feasibility and practicality of the HIAC and HIAS models for the development and assessment of trusted health systems. Meanwhile, the OTHIS architecture has provided guidance for technical and security design appropriate to the development and implementation of trusted health information systems whilst simultaneously offering guidance for ongoing research projects. The socio-economic implications of this research can be summarised in the fact that this research embraces the need for low cost security strategies against economic realities by using open-source technologies for overall test implementation. This allows the proposed architecture to be publicly accessible, providing a platform for interoperability to meet real-world application security demands. On the whole, the OTHIS architecture sets a high level of security standard for the establishment and maintenance of both current and future health information systems. This thereby increases healthcare providers‘ and consumers‘ trust in the adoption of electronic health records to realise the associated benefits.
Resumo:
A microgrid provides economical and reliable power to customers by integrating distributed resources more effectively. Islanded operation enables a continuous power supply for loads during a major grid disturbance. Reliability of a microgrid can be further increased by forming a mesh configuration. However, the protection of mesh microgrids is a challenging task. In this paper, protection schemes are discussed using current differential protection of a microgrid. The protection challenges associated with bi-directional power flow, meshed configuration, changing fault current level due to intermittent nature of DGs and reduced fault current level in an islanded mode are considered in proposing the protection solutions. Relay setting criterion and current transformer (CT) selection guidelines are also discussed. The results are verified using MATLAB calculations and PSCAD simulations.
Resumo:
Client puzzles are moderately-hard cryptographic problems neither easy nor impossible to solve that can be used as a counter-measure against denial of service attacks on network protocols. Puzzles based on modular exponentiation are attractive as they provide important properties such as non-parallelisability, deterministic solving time, and linear granularity. We propose an efficient client puzzle based on modular exponentiation. Our puzzle requires only a few modular multiplications for puzzle generation and verification. For a server under denial of service attack, this is a significant improvement as the best known non-parallelisable puzzle proposed by Karame and Capkun (ESORICS 2010) requires at least 2k-bit modular exponentiation, where k is a security parameter. We show that our puzzle satisfies the unforgeability and difficulty properties defined by Chen et al. (Asiacrypt 2009). We present experimental results which show that, for 1024-bit moduli, our proposed puzzle can be up to 30 times faster to verify than the Karame-Capkun puzzle and 99 times faster than the Rivest et al.'s time-lock puzzle.
Resumo:
In the long term, with development of skill, knowledge, exposure and confidence within the engineering profession, rigorous analysis techniques have the potential to become a reliable and far more comprehensive method for design and verification of the structural adequacy of OPS, write Nimal J Perera, David P Thambiratnam and Brian Clark. This paper explores the potential to enhance operator safety of self-propelled mechanical plant subjected to roll over and impact of falling objects using the non-linear and dynamic response simulation capabilities of analytical processes to supplement quasi-static testing methods prescribed in International and Australian Codes of Practice for bolt on Operator Protection Systems (OPS) that are post fitted. The paper is based on research work carried out by the authors at the Queensland University of Technology (QUT) over a period of three years by instrumentation of prototype tests, scale model tests in the laboratory and rigorous analysis using validated Finite Element (FE) Models. The FE codes used were ABAQUS for implicit analysis and LSDYNA for explicit analysis. The rigorous analysis and dynamic simulation technique described in the paper can be used to investigate the structural response due to accident scenarios such as multiple roll over, impact of multiple objects and combinations of such events and thereby enhance the safety and performance of Roll Over and Falling Object Protection Systems (ROPS and FOPS). The analytical techniques are based on sound engineering principles and well established practice for investigation of dynamic impact on all self propelled vehicles. They are used for many other similar applications where experimental techniques are not feasible.
Resumo:
The 'dick' tog, a briefs-style male swimsuit as it is colloquially referred to, is linked to Australia's national identity with overtly masculine bronzed 'Aussie' bodies clothed in this iconic apparel. However, the reality is, our hunger for worshiping the sun and the addiction to a beach culture is tempered by the pragmatic need to cover up and wear neck-to-knee, or more apt, head-to-toe sun protective clothing. Australia, in particular the state of Queensland, has one of the highest rates of skin cancer in the world; nevertheless, even after wide-ranging public programs for sun safety awareness many people still continue to wear designs that provide minimal sun protection. This paper will examine issues surrounding fashion and sun safe clothing. It will be proposed that in order to have effective community adoption of sun safe practices it is critical to understand the important role that fashion plays in determining sun protective behaviour.
Resumo:
In June 2011, a research project team from the Institute for Ethics, Governance and Law (IEGL), Queensland University of Technology, the United Nations University, and the Australian Government’s Asia Pacific Civil-Military Centre of Excellence (APCMCOE) held three Capacity-Building Workshops (the Workshops) on the Responsibility to Protect (R2P) and the Protection of Civilians (POC) in Armed Conflict in Manila, Kuala Lumpur, and Jakarta. The research project is funded by the Australian Responsibility to Protect Fund, with support from APCMCOE. Developments in Libya and Cote d’Ivoire and the actions of the United Nations Security Council have given new significance to the relationship between R2P and POC, providing impetus to the relevance and application of the POC principle recognised in numerous Security Council resolutions, and the R2P principle, which was recognised by the United Nations General Assembly in 2005 and, now, by the Security Council. The Workshops considered the relationship between R2P and POC. The project team presented the preliminary findings of their study and sought contributions and feedback from Workshop participants. Prior to the Workshops, members of the project team undertook interviews with UN offices and agencies, international organisations (IOs) and non-government organisations (NGOs) in Geneva and New York as part of the process of mapping the relationship between R2P and POC. Initial findings were considered at an Academic-Practitioner Workshop held at the University of Sydney in November 2010. In addition to an extensive literature review and a series of academic publications, the project team is preparing a practical guidance text (the Guide) on the relationship between R2P and POC to assist the United Nations, governments, regional bodies, IOs and NGOs in considering and applying appropriate protection strategies. It is intended that the Guide be presented to the United Nations Secretariat in New York in early 2012. The primary aim of the Workshops was to test the project’s initial findings among an audience of diplomats, military, police, civilian policy-makers, practitioners, researchers and experts from within the region. Through dialogue and discussion, the project team gathered feedback – comments, questions, critique and suggestions – to help shape the development of practical guidance about when, how and by whom R2P and POC might be implemented.
Resumo:
This thesis is about the Australian domain name system and, in particular, the principles governing the registration of domain names in the '.au' country code domain space. It examines the different types of registration systems adopted in country code domain spaces and categorises them according to the extent to which they impose restrictions on registration, ranging from restrictive to unrestrictive. A comparative analysis is made of the restrictive registration system in Australia and the United Kingdom‘s unrestrictive system.
Resumo:
Privacy issues have hindered the evolution of e-health since its emergence. Patients demand better solutions for the protection of private information. Health professionals demand open access to patient health records. Existing e-health systems find it difficult to fulfill these competing requirements. In this paper, we present an information accountability framework (IAF) for e-health systems. The IAF is intended to address privacy issues and their competing concerns related to e-health. Capabilities of the IAF adhere to information accountability principles and e-health requirements. Policy representation and policy reasoning are key capabilities introduced in the IAF. We investigate how these capabilities are feasible using Semantic Web technologies. We discuss with the use of a case scenario, how we can represent the different types of policies in the IAF using the Open Digital Rights Language (ODRL).
Resumo:
Security and privacy in electronic health record systems have been hindering the growth of e-health systems since their emergence. The development of policies that satisfy the security and privacy requirements of different stakeholders in healthcare has proven to be difficult. But, these requirements have to be met if the systems developed are to succeed in achieving their intended goals. Access control is a fundamental security barrier for securing data in healthcare information systems. In this paper we present an access control model for electronic health records. We address patient privacy requirements, confidentiality of private information and the need for flexible access for health professionals for electronic health records. We carefully combine three existing access control models and present a novel access control model for EHRs which satisfies requirements of electronic health records.
Resumo:
Significant numbers of children are severely abused and neglected by parents and caregivers. Infants and very young children are the most vulnerable and are unable to seek help. To identify these situations and enable child protection and the provision of appropriate assistance, many jurisdictions have enacted ‘mandatory reporting laws’ requiring designated professionals such as doctors, nurses, police and teachers to report suspected cases of severe child abuse and neglect. Other jurisdictions have not adopted this legislative approach, at least partly motivated by a concern that the laws produce dramatic increases in unwarranted reports, which, it is argued, lead to investigations which infringe on people’s privacy, cause trauma to innocent parents and families, and divert scarce government resources from deserving cases. The primary purpose of this paper is to explore the extent to which opposition to mandatory reporting laws is valid based on the claim that the laws produce ‘overreporting’. The first part of this paper revisits the original mandatory reporting laws, discusses their development into various current forms, explains their relationship with policy and common law reporting obligations, and situates them in the context of their place in modern child protection systems. This part of the paper shows that in general, contemporary reporting laws have expanded far beyond their original conceptualisation, but that there is also now a deeper understanding of the nature, incidence, timing and effects of different types of severe maltreatment, an awareness that the real incidence of maltreatment is far higher than that officially recorded, and that there is strong evidence showing the majority of identified cases of severe maltreatment are the result of reports by mandated reporters. The second part of this paper discusses the apparent effect of mandatory reporting laws on ‘overreporting’ by referring to Australian government data about reporting patterns and outcomes, with a particular focus on New South Wales. It will be seen that raw descriptive data about report numbers and outcomes appear to show that reporting laws produce both desirable consequences (identification of severe cases) and problematic consequences (increased numbers of unsubstantiated reports). Yet, to explore the extent to which the data supports the overreporting claim, and because numbers of unsubstantiated reports alone cannot demonstrate overreporting, this part of the paper asks further questions of the data. Who makes reports, about which maltreatment types, and what are the outcomes of those reports? What is the nature of these reports; for example, to what extent are multiple numbers of reports made about the same child? What meaning can be attached to an ‘unsubstantiated’ report, and can such reports be used to show flaws in reporting effectiveness and problems in reporting laws? It will be suggested that available evidence from Australia is not sufficiently detailed or strong to demonstrate the overreporting claim. However, it is also apparent that, whether adopting an approach based on public health and or other principles, much better evidence about reporting needs to be collected and analyzed. As well, more nuanced research needs to be conducted to identify what can reasonably be said to constitute ‘overreports’, and efforts must be made to minimize unsatisfactory reporting practice, informed by the relevant jurisdiction’s context and aims. It is also concluded that, depending on the jurisdiction, the available data may provide useful indicators of positive, negative and unanticipated effects of specific components of the laws, and of the strengths, weaknesses and needs of the child protection system.
Resumo:
U-Healthcare means that it provides healthcare services "at anytime and anywhere" using wired, wireless and ubiquitous sensor network technologies. As a main field of U-healthcare, Telehealth has been developed as an enhancement of Telemedicine. This system includes two-way interactive web-video communications, sensor technology, and health informatics. With these components, it will assist patients to receive their first initial diagnosis. Futhermore, Telehealth will help doctors diagnose patient's diseases at early stages and recommend treatments to patients. However, this system has a few limitations such as privacy issues, interruption of real-time service and a wrong ordering from remote diagnosis. To deal with those flaws, security procedures such as authorised access should be applied to as an indispensible component in medical environment. As a consequence, Telehealth system with these protection procedures in clinical services will cope with anticipated vulnerabilities of U-Healthcare services and security issues involved.
Resumo:
-International recognition of need for public health response to child maltreatment -Need for early intervention at health system level -Important role of health professionals in identifying, reporting, documenting suspician of maltreatment -Up to 10% of all children presenting at ED’s are victims and without identification, 35% reinjured and 5% die -In Qld, mandatory reporting requirement for doctors and nurses for suspected abuse or neglect
Resumo:
Information communication and technology (ICT) systems are almost ubiquitous in the modern world. It is hard to identify any industry, or for that matter any part of society, that is not in some way dependent on these systems and their continued secure operation. Therefore the security of information infrastructures, both on an organisational and societal level, is of critical importance. Information security risk assessment is an essential part of ensuring that these systems are appropriately protected and positioned to deal with a rapidly changing threat environment. The complexity of these systems and their inter-dependencies however, introduces a similar complexity to the information security risk assessment task. This complexity suggests that information security risk assessment cannot, optimally, be undertaken manually. Information security risk assessment for individual components of the information infrastructure can be aided by the use of a software tool, a type of simulation, which concentrates on modelling failure rather than normal operational simulation. Avoiding the modelling of the operational system will once again reduce the level of complexity of the assessment task. The use of such a tool provides the opportunity to reuse information in many different ways by developing a repository of relevant information to aid in both risk assessment and management and governance and compliance activities. Widespread use of such a tool allows the opportunity for the risk models developed for individual information infrastructure components to be connected in order to develop a model of information security exposures across the entire information infrastructure. In this thesis conceptual and practical aspects of risk and its underlying epistemology are analysed to produce a model suitable for application to information security risk assessment. Based on this work prototype software has been developed to explore these concepts for information security risk assessment. Initial work has been carried out to investigate the use of this software for information security compliance and governance activities. Finally, an initial concept for extending the use of this approach across an information infrastructure is presented.
