Security and Privacy Challenges for Healthcare
Permanent URI for this collection
1 - 4 of 4
ItemUsing Design Science Research to Develop a Secure Social Platform for Complementary and Alternative Medicine( 2022-01-04)Complementary and alternative medicine (CAM) practices are being used by a growing number of individuals. However, many patients do not disclose this information to their physicians, which can lead to ineffective or even harmful treatment. Social platforms and mobile applications are an efficient approach to bridge this communication gap between patients, CAM practitioners, and western medicine physicians. We utilize a design science approach to design, build, and evaluate a secure CAM social platform. We demonstrate the utility and value of the tool using a Systems Usability Scale and data from Google Analytics. The current study identifies gaps in patient-physician communication related to CAM disclosure and provides an empirically validated and secure tool to improve the process. Further, it demonstrates how a social platform can organize more efficiently the efforts related to successful CAM communication. The study also identifies best practices in designing and developing mechanisms for patient engagement and empowerment.
ItemThe Double-Edged Sword of Health Data Breaches: A Comparison of Customer and Stock Price Perspectives on the Impact of Data Breaches of Response Strategies( 2022-01-04)Unauthorized access to personal health data, known as data breaches, causes multi-faceted adverse effects and damage. Companies are trying to counteract the impact on customer relationships through recovery strategies such as compensation. On the other hand, there is also a negative effect on the company's stock price. Here, the literature suggests an opposite effect of response strategies, but this has not been explored further until recently. Our study takes both perspectives into account and examines the impact of data breaches on the market valuation in the health sector through an event study. Our results show a controversial relationship: If companies offered compensation to their customers in response to a data breach, this had a negative effect on the company's stock price. Our paper discusses this finding and derives practical implications and lessons learned for response strategies in the case of recent data breaches in the health sector.
ItemClassifying Cyber-Risky Clinical Notes by Employing Natural Language Processing( 2022-01-04)Clinical notes, which can be embedded into electronic medical records, document patient care delivery and summarize interactions between healthcare providers and patients. These clinical notes directly inform patient care and can also indirectly inform research and quality/safety metrics, among other indirect metrics. Recently, some states within the United States of America require patients to have open access to their clinical notes to improve the exchange of patient information for patient care. Thus, developing methods to assess the cyber risks of clinical notes before sharing and exchanging data is critical. While existing natural language processing techniques are geared to de-identify clinical notes, to the best of our knowledge, few have focused on classifying sensitive-information risk, which is a fundamental step toward developing effective, widespread protection of patient health information. To bridge this gap, this research investigates methods for identifying security/privacy risks within clinical notes. The classification either can be used upstream to identify areas within notes that likely contain sensitive information or downstream to improve the identification of clinical notes that have not been entirely de-identified. We develop several models using unigram and word2vec features with different classifiers to categorize sentence risk. Experiments on i2b2 de-identification dataset show that the SVM classifier using word2vec features obtained a maximum F1-score of 0.792. Future research involves articulation and differentiation of risk in terms of different global regulatory requirements.