295 resultados para confidentiality
Resumo:
The therapeutic letter has a long history, with roots in psychoanalytic work and continuing application in family therapy. The advent of e-mail has allowed another form for therapeutic written communication which, while incorporating the benefits of therapeutic letters, adds to these. It has also opened up some potential risks. This article incorporates a brief review of the literature covering therapeutic written communication and offers a case example where e-mail was used as an adjunct in face-to-face therapy with a client who experienced attachment difficulties. This therapy was informed by systemic and psychoanalytic traditions. The authors explore a variety of technical matters including the timing and Crafting of e-mail responses, the integration of written communication with face-to-face therapy, impact on the therapeutic relationship and management of crisis. Ethical issues such as confidentiality and duty of care are also considered.
Resumo:
Electronic communications devices intended for government or military applications must be rigorously evaluated to ensure that they maintain data confidentiality. High-grade information security evaluations require a detailed analysis of the device's design, to determine how it achieves necessary security functions. In practice, such evaluations are labour-intensive and costly, so there is a strong incentive to find ways to make the process more efficient. In this paper we show how well-known concepts from graph theory can be applied to a device's design to optimise information security evaluations. In particular, we use end-to-end graph traversals to eliminate components that do not need to be evaluated at all, and minimal cutsets to identify the smallest group of components that needs to be evaluated in depth.
Resumo:
All staff members of a child and adolescent mental health service were invited to participate in a survey about the use of email. Sixty-two of the 105 staff members responded to the survey, a participation rate of 59%. Of the respondents, 32 were allied health staff, 10 were nurses, seven were administrative staff, six were medical staff, three were operational staff and four were acting in a combination of these roles. The respondents reported extensive work-related email usage and considered that they were confident in using email despite low levels of training. However, they did not feel that they understood the legal and ethical issues involved. Furthermore, there was limited incorporation of email into standard record keeping. The majority of respondents thought that increased use of email would lead to a greater workload, a consequence they considered would probably increase over time. Many commented on the quick and practical use of this medium, but were wary about using email with individuals outside the service organization, especially if it were to contain clinical material. There was low use of email directly with clients, and clinicians were ambivalent about incorporating email into therapy. The results suggest that it is timely to consider the utility and appropriateness of email communication with clients and external service providers, and to formulate guidelines and procedures to ensure the confidentiality of client information and the safety of clients and staff.
Resumo:
Objective: The aim of this paper is to examine some of the factors that facilitate and hinder interagency collaboration between child protection services and mental health services in cases where there is a parent with a mental illness and there are protection concerns for the child(ren). The paper reports on agency practices, worker attitudes and experiences, and barriers to effective collaboration. Method: A self-administered, cross-sectional survey was developed and distributed via direct mail or via line supervisors to workers in statutory child protection services, adult mental health services, child and youth mental health services, and Suspected Child Abuse and Neglect (SCAN) Teams. There were 232 completed questionnaires returned, with an overall response rate of 21%. Thirty-eight percent of respondents were statutory child protection workers. 39% were adult mental health workers, 16% were child and youth mental health workers, and 4% were SCAN Team medical officers (with 3% missing data). Results: Analysis revealed that workers were engaging in a moderate amount of interagency contact, but that they were unhappy with the support provided by their agency. Principle components analysis and multivariate analysis of variance (MANOVA) on items assessing attitudes toward other workers identified four factors, which differed in rates of endorsement: inadequate training, positive regard for child protection workers, positive regard for mental health workers, and mutual mistrust (from highest to lowest level of endorsement). The same procedure identified the relative endorsement of five factors extracted from items about potential barriers: inadequate resources, confidentiality, gaps in interagency processes, unrealistic expectations, and professional knowledge domains and boundaries. Conclusions: Mental health and child protection professionals believe that collaborative practice is necessary; however, their efforts are hindered by a lack of supportive structures and practices at the organizational level. (c) 2005 Published by Elsevier Ltd.
Resumo:
Our research described in this paper identifies a three part premise relating to the spyware paradigm. Firstly the data suggests spyware is proliferating at an exponential rate. Secondly ongoing research confirms that spyware produces many security risks – including that of privacy/confidentiality breaches via illicit data collection and reporting. Thirdly, anti-spyware controls are improving but are still considered problematic for several reasons. Our research then concludes that control measures to counter this very significant challenge should merit compliance auditing – and this auditing may effectively target the vital message passing performed by all illicit data collection spyware. Our research then evolves into an experiment involving the design and implementation of a software audit tool to conduct the desired compliance auditing. The software audit tool is positioned at the protected network’s gateway. The software audit tool uses ‘phone-home’ IP addresses as spyware signatures to detect the presence of the offending software. The audit tool also has the capability to differentiate legitimate message passing software from that produced by spyware – and ‘learn’ both new spyware signatures and new legitimate message passing profiles. The testing stage of the software has proven successful – albeit using very limited levels of network message passing variety and frequency.
Resumo:
Security protocols preserve essential properties, such as confidentiality and authentication, of electronically transmitted data. However, such properties cannot be directly expressed or verified in contemporary formal methods. Via a detailed example, we describe the phases needed to formalise and verify the correctness of a security protocol in the state-oriented Z formalism.
Resumo:
Este estudo teve por objetivos, identificar a percepção do padrasto sobre suas relações com seu(s) enteado(s) e identificar a percepção do padrasto acerca da sua função e papel na família. Utilizou-se de uma investigação clínica de referencial psicanalítico que levantou os dados por meio de entrevistas semi-dirigidas e do Desenho de família com estórias, em 3 participantes adultos e que eram padrastos. Os atendimentos foram realizados em ambiente de consultório, respeitando-se questões técnicas e éticas da pesquisa e da Psicologia em especial, tais como sigilo e consentimento dos participantes. A análise do conteúdo mostrou que havia peculiaridades em cada caso estudado, entretanto, havia fatores comuns em seus sentimentos e ações sobre a família e enteados: a) houve uma ambivalência pois tanto se perceberam como homens provedores e orientadores dos filhos e enteados, quanto havia também uma a percepção de que os sentimentos pelo filho biológico eram diferentes daqueles sentidos por seus enteados. b) todos os padrastos revelaram entraves nas relações por uma não definição clara de seu papel e função no contexto familiar, muitas vezes reforçado pelas esposas- mães, tidas como aquelas que detém o poder sobre o filho/enteado e, esta confusão gerava rivalidade entre padrasto e enteado, numa disputa pelo amor da esposa e mãe. c) do ponto de vista psíquico, foi observado que muitos conflitos os remetiam aos períodos precoces do desenvolvimento, especialmente à resolução edipiana, como numa reedição; assim, o exercício da função de padrasto se dá à base da qualidade de suas relações com seus pais na infância tal como se dá no exercício da paternidade consangüínea. De modo que, a função de padrasto, assim como a paterna se dá por um compromisso evolutivo . Sugerem-se outros trabalhos, pois se entendeu que esse tipo de estudo relacionado à Psicologia do desenvolvimento pode auxiliar em ações de saúde e prevenção em saúde mental.
Resumo:
Focal points: Patient views on pharmacists' access to medical records was studied using a self-completion questionnaire in medical practice and two community pharmacies There was some support for pharmacist access to records with a third of the sample being unsure There was a majority support when the purpose was clearly pharmacy related A clear majority was confident of confidentiality in the pharmacy
Resumo:
Purpose: This paper sets out to contribute to the advancement of knowledge, particularly with regard to the processes of implementation and the role of managers engaged in such high commitment strategies and work practices. Design/methodology/approach: This study is part of a research project investigating the extent to which employee involvement predicts job performance (as well as job satisfaction, wellbeing and organisational commitment) in the NHS, using both quantitative and qualitative methods. The main focus of this paper is to present evidence from four of the 20 case studies to show the barriers to implementing employee involvement as well as highlighting the techniques and practices that have proven to be most successful. Findings: Employee involvement is used successfully by management and has enabled frontline staff to contribute their knowledge to their work. Research limitations/implications: The ethical issues of confidentiality and anonymity permeated the research process throughout. Practical implications: The link between "high commitment" strategies and organisational performance is of great interest to academics and practitioners alike. One of these "high commitment" strategies, namely employee involvement, has been an important HR strategy for the NHS in the UK. Originality/value: Other organisations can learn from the findings by implementing the successful parts. © Emerald Group Publishing Limited.
Resumo:
The advent of personal communication systems within the last decade has depended upon the utilization of advanced digital schemes for source and channel coding and for modulation. The inherent digital nature of the communications processing has allowed the convenient incorporation of cryptographic techniques to implement security in these communications systems. There are various security requirements, of both the service provider and the mobile subscriber, which may be provided for in a personal communications system. Such security provisions include the privacy of user data, the authentication of communicating parties, the provision for data integrity, and the provision for both location confidentiality and party anonymity. This thesis is concerned with an investigation of the private-key and public-key cryptographic techniques pertinent to the security requirements of personal communication systems and an analysis of the security provisions of Second-Generation personal communication systems is presented. Particular attention has been paid to the properties of the cryptographic protocols which have been employed in current Second-Generation systems. It has been found that certain security-related protocols implemented in the Second-Generation systems have specific weaknesses. A theoretical evaluation of these protocols has been performed using formal analysis techniques and certain assumptions made during the development of the systems are shown to contribute to the security weaknesses. Various attack scenarios which exploit these protocol weaknesses are presented. The Fiat-Sharmir zero-knowledge cryptosystem is presented as an example of how asymmetric algorithm cryptography may be employed as part of an improved security solution. Various modifications to this cryptosystem have been evaluated and their critical parameters are shown to be capable of being optimized to suit a particular applications. The implementation of such a system using current smart card technology has been evaluated.
Resumo:
The introduction of agent technology raises several security issues that are beyond conventional security mechanisms capability and considerations, but research in protecting the agent from malicious host attack is evolving. This research proposes two approaches to protecting an agent from being attacked by a malicious host. The first approach consists of an obfuscation algorithm that is able to protect the confidentiality of an agent and make it more difficult for a malicious host to spy on the agent. The algorithm uses multiple polynomial functions with multiple random inputs to convert an agent's critical data to a value that is meaningless to the malicious host. The effectiveness of the obfuscation algorithm is enhanced by addition of noise code. The second approach consists of a mechanism that is able to protect the integrity of the agent using state information, recorded during the agent execution process in a remote host environment, to detect a manipulation attack by a malicious host. Both approaches are implemented using a master-slave agent architecture that operates on a distributed migration pattern. Two sets of experimental test were conducted. The first set of experiments measures the migration and migration+computation overheads of the itinerary and distributed migration patterns. The second set of experiments is used to measure the security overhead of the proposed approaches. The protection of the agent is assessed by analysis of its effectiveness under known attacks. Finally, an agent-based application, known as Secure Flight Finder Agent-based System (SecureFAS) is developed, in order to prove the function of the proposed approaches.
Resumo:
This thesis analyses the impact of deregulation on the theory and practice of investment decision making in the electricity sector and appraises the likely effects on its long term future inefficiency. Part I describes the market and its shortcomings in promoting an optimal generation margin and plant mix and in reducing prices through competition. A full size operational model is developed to simulate hour by hour operation of the market and analyse its features. A relationship is established between the SMP and plant mix and between the LOLP and plant margin and it is shown bow a theoretical optimum can be derived when the combined LOLP payments and the capital costs of additional generation reach a minimum. A comparison of prices against an idealised bulk supply tariff is used to show how energy prices have risen some 12% in excess of what might have occurred under the CEGB regime. This part concludes with proposals to improve the marl
Resumo:
Duties owed in banker customer relationships, with reference to Greenwood duty, duty to inform customers of new accounts and services, duty of confidentiality, drawing cheques on insufficient funds and restricting lender's discretion.
Resumo:
This dissertation established a software-hardware integrated design for a multisite data repository in pediatric epilepsy. A total of 16 institutions formed a consortium for this web-based application. This innovative fully operational web application allows users to upload and retrieve information through a unique human-computer graphical interface that is remotely accessible to all users of the consortium. A solution based on a Linux platform with My-SQL and Personal Home Page scripts (PHP) has been selected. Research was conducted to evaluate mechanisms to electronically transfer diverse datasets from different hospitals and collect the clinical data in concert with their related functional magnetic resonance imaging (fMRI). What was unique in the approach considered is that all pertinent clinical information about patients is synthesized with input from clinical experts into 4 different forms, which were: Clinical, fMRI scoring, Image information, and Neuropsychological data entry forms. A first contribution of this dissertation was in proposing an integrated processing platform that was site and scanner independent in order to uniformly process the varied fMRI datasets and to generate comparative brain activation patterns. The data collection from the consortium complied with the IRB requirements and provides all the safeguards for security and confidentiality requirements. An 1-MR1-based software library was used to perform data processing and statistical analysis to obtain the brain activation maps. Lateralization Index (LI) of healthy control (HC) subjects in contrast to localization-related epilepsy (LRE) subjects were evaluated. Over 110 activation maps were generated, and their respective LIs were computed yielding the following groups: (a) strong right lateralization: (HC=0%, LRE=18%), (b) right lateralization: (HC=2%, LRE=10%), (c) bilateral: (HC=20%, LRE=15%), (d) left lateralization: (HC=42%, LRE=26%), e) strong left lateralization: (HC=36%, LRE=31%). Moreover, nonlinear-multidimensional decision functions were used to seek an optimal separation between typical and atypical brain activations on the basis of the demographics as well as the extent and intensity of these brain activations. The intent was not to seek the highest output measures given the inherent overlap of the data, but rather to assess which of the many dimensions were critical in the overall assessment of typical and atypical language activations with the freedom to select any number of dimensions and impose any degree of complexity in the nonlinearity of the decision space.
Resumo:
Protecting confidential information from improper disclosure is a fundamental security goal. While encryption and access control are important tools for ensuring confidentiality, they cannot prevent an authorized system from leaking confidential information to its publicly observable outputs, whether inadvertently or maliciously. Hence, secure information flow aims to provide end-to-end control of information flow. Unfortunately, the traditionally-adopted policy of noninterference, which forbids all improper leakage, is often too restrictive. Theories of quantitative information flow address this issue by quantifying the amount of confidential information leaked by a system, with the goal of showing that it is intuitively "small" enough to be tolerated. Given such a theory, it is crucial to develop automated techniques for calculating the leakage in a system. ^ This dissertation is concerned with program analysis for calculating the maximum leakage, or capacity, of confidential information in the context of deterministic systems and under three proposed entropy measures of information leakage: Shannon entropy leakage, min-entropy leakage, and g-leakage. In this context, it turns out that calculating the maximum leakage of a program reduces to counting the number of possible outputs that it can produce. ^ The new approach introduced in this dissertation is to determine two-bit patterns, the relationships among pairs of bits in the output; for instance we might determine that two bits must be unequal. By counting the number of solutions to the two-bit patterns, we obtain an upper bound on the number of possible outputs. Hence, the maximum leakage can be bounded. We first describe a straightforward computation of the two-bit patterns using an automated prover. We then show a more efficient implementation that uses an implication graph to represent the two- bit patterns. It efficiently constructs the graph through the use of an automated prover, random executions, STP counterexamples, and deductive closure. The effectiveness of our techniques, both in terms of efficiency and accuracy, is shown through a number of case studies found in recent literature. ^
