CoVnita, an end-to-end privacy-preserving framework for SARS-CoV-2 classification.

Classification of viral strains is essential in monitoring and managing the COVID-19 pandemic, but patient privacy and data security concerns often limit the extent of the open sharing of full viral genome sequencing data. We propose a framework called CoVnita, that supports private training of a classification model and secure inference with the same model. Using genomic sequences from eight common SARS-CoV-2 strains, we simulated scenarios where the data was distributed across multiple data providers. Our framework produces a private federated model, over 8 parties, with a classification AUROC of 0.99, given a privacy budget of [Formula: see text]. The roundtrip time, from encryption to decryption, took a total of 0.298 s, with an amortized time of 74.5 ms per sample.

Cyberthreats: A primer for healthcare professionals.

INTRODUCTION: Cyberattacks are one of the most widespread, damaging, and disruptive forms of action against healthcare entities. Data breaches, ransomware attacks, and other intrusions can lead to significant cost both in monetary and personal harm to those affected and may result in large payouts to cyber criminals, crashes of information technology systems, leaks of protected health and personal information, as well as fines and lawsuits. This study is a descriptive analysis of healthcare-related cyber breaches affecting 500 or more individuals in the past decade in the United States. METHODS: The publicly available U.S. breach report database was downloaded in the Microsoft Excel (Microsoft, Redmond, Washington, USA) format and searched for all reported breaches occurring between January 1, 2011 - December 31, 2021 (10 years). Breaches were subdivided by category and analyzed by states, breach submission dates, types of breach, location of breached information, entity type, and individuals affected. All subcategories were predefined by the breach report. RESULTS: There were a total of 3822 PHI breaches that affected 283,335,803 people in the United States from January 1, 2011 to December 31, 2021. Of the 3822 PHI breaches, 1593 (41.7%) were hacking/ IT related, 1055 (27.6%) were listed as unknown, 819 (21.4%) were theft related, 194 (5.1%) were loss related, 97 (2.5%) were related to improper disposal and 64 (1.7%) were listed as "others". Year 2020 saw the most breaches with 631 and California was the state with the highest number of breaches at 403. CONCLUSION: Cyberattacks and healthcare breaches are one of the most costly and disruptive situations facing healthcare today. A total of 3822 breaches affecting 283,335,803 people in the United States were recorded from January 1, 2011 to December 31, 2021. By understanding the extent of cyberthreats this will better prepare healthcare organizations and providers to mitigate, respond, and recover from these devastating attacks.

Implementation of Blockchain Technology Could Increase Equity and Transparency in Organ Transplantation: A Narrative Review of an Emergent Tool.

In the last few years, innovative technology and health care digitalization played a major role in all medical fields and a great effort worldwide to manage this large amount of data, in terms of security and digital privacy has been made by different national health systems. Blockchain technology, a peer-to-peer distributed database without centralized authority, initially applied to Bitcoin protocol, soon gained popularity, thanks to its distributed immutable nature in several non-medical fields. Therefore, the aim of the present review (PROSPERO N° CRD42022316661) is to establish a putative future role of blockchain and distribution ledger technology (DLT) in the organ transplantation field and its role to overcome inequalities. Preoperative assessment of the deceased donor, supranational crossover programs with the international waitlist databases, and reduction of black-market donations and counterfeit drugs are some of the possible applications of DLT, thanks to its distributed, efficient, secure, trackable, and immutable nature to reduce inequalities and discrimination.

Information Security Threats and Working from Home Culture: Taxonomy, Risk Assessment and Solutions.

During the COVID-19 pandemic, most organizations were forced to implement a work-from-home policy, and in many cases, employees have not been expected to return to the office on a full-time basis. This sudden shift in the work culture was accompanied by an increase in the number of information security-related threats which organizations were unprepared for. The ability to effectively address these threats relies on a comprehensive threat analysis and risk assessment and the creation of relevant asset and threat taxonomies for the new work-from-home culture. In response to this need, we built the required taxonomies and performed a thorough analysis of the threats associated with this new work culture. In this paper, we present our taxonomies and the results of our analysis. We also examine the impact of each threat, indicate when it is expected to occur, describe the various prevention methods available commercially or proposed in academic research, and present specific use cases.

Managing Security of Healthcare Data for a Modern Healthcare System.

The advent of Artificial Intelligence (AI) and the Internet of Things (IoT) have recently created previously unimaginable opportunities for boosting clinical and patient services, reducing costs and improving community health. Yet, a fundamental challenge that the modern healthcare management system faces is storing and securely transferring data. Therefore, this research proposes a novel Lionized remora optimization-based serpent (LRO-S) encryption method to encrypt sensitive data and reduce privacy breaches and cyber-attacks from unauthorized users and hackers. The LRO-S method is the combination of hybrid metaheuristic optimization and improved security algorithm. The fitness functions of lion and remora are combined to create a new algorithm for security key generation, which is provided to the serpent encryption algorithm. The LRO-S technique encrypts sensitive patient data before storing it in the cloud. The primary goal of this study is to improve the safety and adaptability of medical professionals' access to cloud-based patient-sensitive data more securely. The experiment's findings suggest that the secret keys generated are sufficiently random and one of a kind to provide adequate protection for the data stored in modern healthcare management systems. The proposed method minimizes the time needed to encrypt and decrypt data and improves privacy standards. This study found that the suggested technique outperformed previous techniques in terms of reducing execution time and is cost-effective.

Analyzing the Prospects of Blockchain in Healthcare Industry.

Deployment of secured healthcare information is a major challenge in a web-based environment. eHealth services are subjected to same security threats as other services. The purpose of blockchain is to provide a structure and security to the organization data. Healthcare data deals with confidential information. The medical records can be well organized and empower their propagation in a secured manner through the usage of blockchain technology. The study throws light on providing security of health services through blockchain technology. The authors have analyzed the various aspects of role of blockchain in healthcare through an extensive literature review. The application of blockchain in COVID-19 has also been analyzed and discussed in the study. Further application of blockchain in Indian healthcare has been highlighted in the paper. The study provides suggestions for strengthening the healthcare system by blending machine learning, artificial intelligence, big data, and IoT with blockchain.

A Blockchain-Based End-to-End Data Protection Model for Personal Health Records Sharing: A Fully Homomorphic Encryption Approach.

Personal health records (PHR) represent health data managed by a specific individual. Traditional solutions rely on centralized architectures to store and distribute PHR, which are more vulnerable to security breaches. To address such problems, distributed network technologies, including blockchain and distributed hash tables (DHT) are used for processing, storing, and sharing health records. Furthermore, fully homomorphic encryption (FHE) is a set of techniques that allows the calculation of encrypted data, which can help to protect personal privacy in data sharing. In this context, we propose an architectural model that applies a DHT technique called the interplanetary protocol file system and blockchain networks to store and distribute data and metadata separately; two new elements, called data steward and shared data vault, are introduced in this regard. These new modules are responsible for segregating responsibilities from health institutions and promoting end-to-end encryption; therefore, a person can manage data encryption and requests for data sharing in addition to restricting access to data for a predefined period. In addition to supporting calculations on encrypted data, our contribution can be summarized as follows: (i) mitigation of risk to personal privacy by reducing the use of unencrypted data, and (ii) improvement of semantic interoperability among health institutions by using distributed networks for standardized PHR. We evaluated performance and storage occupation using a database with 1.3 million COVID-19 registries, which showed that combining FHE with distributed networks could redefine e-health paradigms.

Reflection and Foresight on Personal Information Protection and Optimization in Public Health Emergencies in China-From the Perspective of Personal Information Collection during the Period of China's Dynamic-Zero COVID-19 Prevention and Control Policy.

Public health emergencies threaten the overall public health security of the country. Based on the need to control the ways of infection, the collection and processing of personal information by the government have become an important part of epidemic prevention and control. However, personal information related to the epidemic is highly sensitive, which contains other personal information and even private information in addition to information on personal health. In the early days of China's response to the public health emergency of COVID-19, a great deal of non-desensitized information was transmitted in an unaccredited manner. With the implementation of epidemic prevention and control measures, the collection and processing of personal information in China have gradually transited from the initial disorder and chaos to the current orderly, legal, and effective situation, continuously optimizing the processing paths of personal information. Serious summary and reflection on the optimization path of China's epidemic-related information collection and processing methods by looking for a border at which the way and scope of personal information disclosure in future major public health emergencies are compatible with its purpose and role may help to improve the development of China's personal information protection legal system from a long-term perspective.

It takes a pirate to know one: ethical hackers for healthcare cybersecurity.

Healthcare cybersecurity is increasingly targeted by malicious hackers. This sector has many vulnerabilities and health data is very sensitive and valuable. Consequently, any damage caused by malicious intrusions is particularly alarming. The consequences of these attacks can be enormous and endanger patient care. Amongst the already-implemented cybersecurity measures and the ones that need to be further improved, this paper aims to demonstrate how penetration tests can greatly benefit healthcare cybersecurity. It is already proven that this approach has enforced cybersecurity in other sectors. However, it is not popular in healthcare since many prejudices still surround the hacking practice and there is a lack of education on hackers' categories and their ethics. The present analysis aims to comprehend what hacker ethics is and who ethical hackers are. Currently, hacker ethics has the status of personal ethics; however, to employ penetration testers in healthcare, it is recommended to draft an official code of ethics, comprising principles, standards, expectations, and best practices. Additionally, it is important to distinguish between malicious hackers and ethical hackers. Amongst the latter, penetration testers are only a sub-category. Acknowledging the subtle differences between ethical hackers and penetration testers allows to better understand why and how the latter can offer their services to healthcare facilities.

Transforming Health Data to Actionable Information: Recent Progress and Future Opportunities in Health Information Exchange.

OBJECTIVES: Provide a systematic review of literature pertaining to health information exchange (HIE) since 2018. Summarize HIE-associated literature for most frequently occurring topics, as well as within the context of the COVID-19 pandemic and health equity. Finally, provide recommendations for how HIE can advance the vision of a digital healthcare ecosystem. METHODS: A computer program was developed to mediate a literature search of primary literature indexed in MEDLINE that was: (1) indexed with "Health Information Exchange" MeSH descriptor as a major topic; and (2) published between January 2018 and December 2021. Frequency of MeSH descriptors was then used to identify and to rank topics associated with the retrieved literature. COVID-19 literature was identified using the general COVID-19 PubMed Clinical Query filter. Health equity literature was identified using additional MeSH descriptor-based searches. The retrieved literature was then reviewed and summarized. RESULTS: A total of 256 articles were retrieved and reviewed for this survey. The major thematic areas summarized were: (1) Information Dissemination; (2) Delivery of Health Care; (3) Hospitals; (4) Hospital Emergency Service; (5) COVID-19; (6) Health Disparities; and (7) Computer Security and Confidentiality. A common theme across all areas examined for this survey was the maturity of HIE to support data-driven healthcare delivery. Recommendations were developed based on opportunities identified across the reviewed literature. CONCLUSIONS: HIE is an essential advance in next generation healthcare delivery. The review of the recent literature (2018-2021) indicates that successful HIE improves healthcare delivery, often resulting in improved health outcomes. There remain major opportunities for expanded use of HIE, including the active engagement of clinical and patient stakeholders. The maturity of HIE reflects the maturity of the biomedical informatics and health data science fields.

COVID-19 Vehicle Based on an Efficient Mutual Authentication Scheme for 5G-Enabled Vehicular Fog Computing.

The COVID-19 pandemic is currently having disastrous effects on every part of human life everywhere in the world. There have been terrible losses for the entire human race in all nations and areas. It is crucial to take good precautions and prevent COVID-19 because of its high infectiousness and fatality rate. One of the key spreading routes has been identified to be transportation systems. Therefore, improving infection tracking and healthcare monitoring for high-mobility transportation systems is impractical for pandemic control. In order to enhance driving enjoyment and road safety, 5G-enabled vehicular fog computing may gather and interpret pertinent vehicle data, which open the door to non-contact autonomous healthcare monitoring. Due to the urgent need to contain the automotive pandemic, this paper proposes a COVID-19 vehicle based on an efficient mutual authentication scheme for 5G-enabled vehicular fog computing. The proposed scheme consists of two different aspects of the special flag, SF = 0 and SF = 1, denoting normal and COVID-19 vehicles, respectively. The proposed scheme satisfies privacy and security requirements as well as achieves COVID-19 and healthcare solutions. Finally, the performance evaluation section shows that the proposed scheme is more efficient in terms of communication and computation costs as compared to most recent related works.

Cybersecurity Awareness and Training (CAT) Framework for Remote Working Employees.

Currently, cybersecurity plays an essential role in computing and information technology due to its direct effect on organizations' critical assets and information. Cybersecurity is applied using integrity, availability, and confidentiality to protect organizational assets and information from various malicious attacks and vulnerabilities. The COVID-19 pandemic has generated different cybersecurity issues and challenges for businesses as employees have become accustomed to working from home. Firms are speeding up their digital transformation, making cybersecurity the current main concern. For software and hardware systems protection, organizations tend to spend an excessive amount of money procuring intrusion detection systems, antivirus software, antispyware software, and encryption mechanisms. However, these solutions are not enough, and organizations continue to suffer security risks due to the escalating list of security vulnerabilities during the COVID-19 pandemic. There is a thriving need to provide a cybersecurity awareness and training framework for remote working employees. The main objective of this research is to propose a CAT framework for cybersecurity awareness and training that will help organizations to evaluate and measure their employees' capability in the cybersecurity domain. The proposed CAT framework will assist different organizations in effectively and efficiently managing security-related issues and challenges to protect their assets and critical information. The developed CAT framework consists of three key levels and twenty-five core practices. Case studies are conducted to evaluate the usefulness of the CAT framework in cybersecurity-based organizational settings in a real-world environment. The case studies' results showed that the proposed CAT framework can identify employees' capability levels and help train them to effectively overcome the cybersecurity issues and challenges faced by the organizations.

Consortium Framework Using Blockchain for Asthma Healthcare in Pandemics.

Asthma is a deadly disease that affects the lungs and air supply of the human body. Coronavirus and its variants also affect the airways of the lungs. Asthma patients approach hospitals mostly in a critical condition and require emergency treatment, which creates a burden on health institutions during pandemics. The similar symptoms of asthma and coronavirus create confusion for health workers during patient handling and treatment of disease. The unavailability of patient history to physicians causes complications in proper diagnostics and treatments. Many asthma patient deaths have been reported especially during pandemics, which necessitates an efficient framework for asthma patients. In this article, we have proposed a blockchain consortium healthcare framework for asthma patients. The proposed framework helps in managing asthma healthcare units, coronavirus patient records and vaccination centers, insurance companies, and government agencies, which are connected through the secure blockchain network. The proposed framework increases data security and scalability as it stores encrypted patient data on the Interplanetary File System (IPFS) and keeps data hash values on the blockchain. The patient data are traceable and accessible to physicians and stakeholders, which helps in accurate diagnostics, timely treatment, and the management of patients. The smart contract ensures the execution of all business rules. The patient profile generation mechanism is also discussed. The experiment results revealed that the proposed framework has better transaction throughput, query delay, and security than existing solutions.

Healthcare Breaches During COVID-19: The Effect of the Healthcare Entity Type on the Number of Impacted Individuals.

The COVID-19 pandemic led to an increase in cybersecurity attacks on organizations operating in the healthcare industry. Health information professionals and health executives are unable to limit the impact of data breaches on records their organizations handle. While current research focuses on prevention strategies and the understanding of the causes of data breaches, it failed to address how to mitigate the impact of successful cybersecurity attacks. This quantitative research paper examined the effect the healthcare entity type has on the number of impacted individuals for healthcare data breaches that occurred during the pandemic. Health information professionals will be able to mitigate the number of breached records based on their organizational type. Some of this paper's findings include the call for implementation of organizational frameworks aimed to protect patient information, and the call for further research to understand how other factors might affect the impact of healthcare data breaches.

Cybersecurity Challenges in Healthcare.

Cyber security attacks evidence has shown that many sectors and industries are still at an insufficient level of readiness to counter these threats, including healthcare organizations and the entire healthcare industry. The COVID-19 pandemic has additionally launched the issue of cyber protection of healthcare systems and connected medical and other devices as well as modern IT components, which are often the entry point for attackers against healthcare organizations. With the aim of a systematic approach to cyber security in healthcare organizations, this article comprehensively presents cyber risks and possible consequences of attacks in the context of healthcare organization services, as well as identifies the five most important cyber security challenges and provides recommendations for establishing protection mechanisms in line with best practices.

Blockchain Framework for Secure COVID-19 Pandemic Data Handling and Protection.

COVID-19 pandemic caused global epidemic infections, which is one of the most severe infections in human medical history. In the absence of proper medications and vaccines, handling the pandemic has been challenging for governments and major health facilities. Additionally, tracing COVID-19 cases and handling data generated from the pandemic are also extremely challenging. Data privacy access and collection are also a challenge when handling COVID-19 data. Blockchain technology provides various features such as decentralization, anonymity, cryptographic security, smart contracts, and a distributed framework that allows users and entities to handle COVID-19 data better. Since the outbreak has made the moral crisis in the clinical and administrative centers worse than any other that has resulted in the decline in the supply of the exact information, however, it is vital to provide fast and accurate insight into the situation. As a result of all these concerns, this study emphasizes the need for COVID-19 data processing to acquire aspects such as data security, data integrity, real-time data handling, and data management to provide patients with all benefits from which they had been denied owing to misinformation. Hence, the management of COVID-19 data through the use of the blockchain framework is crucial. Therefore, this paper illustrates how blockchain technology can be implemented in the COVID-19 data handling process. The paper also proposes a framework with three main layers: data collection layer; data access and privacy layer; and data storage layer.