ABSTRACT
BACKGROUND: Graded diagnosis and treatment, referral, and expert consultations between medical institutions all require cross domain access to patient medical information to support doctors' treatment decisions, leading to an increase in cross domain access among various medical institutions within the medical consortium. However, patient medical information is sensitive and private, and it is essential to control doctors' cross domain access to reduce the risk of leakage. Access control is a continuous and long-term process, and it first requires verification of the legitimacy of user identities, while utilizing control policies for selection and management. After verifying user identity and access permissions, it is also necessary to monitor unauthorized operations. Therefore, the content of access control includes authentication, implementation of control policies, and security auditing. Unlike the existing focus on authentication and control strategy implementation in access control, this article focuses on the control based on access log security auditing for doctors who have obtained authorization to access medical resources. This paper designs a blockchain based doctor intelligent cross domain access log recording system, which is used to record, query and analyze the cross domain access behavior of doctors after authorization. Through DBSCAN clustering analysis of doctors' cross domain access logs, we find the abnormal phenomenon of cross domain access, and build a penalty function to dynamically control doctors' cross domain access process, so as to reduce the risk of Data breach. Finally, through comparative analysis and experiments, it is shown that the proposed cross domain access control model for medical consortia based on DBSCAN and penalty function has good control effect on the cross domain access behavior of doctors in various medical institutions of the medical consortia, and has certain feasibility for the cross domain access control of doctors.
Subject(s)
Computer Security , Humans , Computer Security/standards , BlockchainABSTRACT
This Medical News story discusses the rise in ransomware cyberattacks on health care, as well as new cybersecurity initiatives.
Subject(s)
Computer Security , Delivery of Health Care , Health Information Systems , Humans , Delivery of Health Care/organization & administration , Delivery of Health Care/standards , United States , Computer Security/standards , Health Information Systems/organization & administration , Health Information Systems/standards , Personally Identifiable InformationABSTRACT
Artificial intelligence (AI) is a rapidly advancing technology in our society. The emergency radiology is an area facing an increase of the number of imaging studies and associated to the necessity to promptly deliver an accurate interpretation. The integration of AI algorithms to assist the clinician in providing analyses of the imaging studies while maintaining adequate diagnostic quality opens up new perspectives. There are numerous potential advantages of the implementation of AI in emergency radiology. However, the use of AI faces new challenges, as the algorithms reliability, data security, responsibility issues, and financial, human and material resources.
L'intelligence artificielle (IA) est une technologie en plein développement dans notre société. Le domaine médical, en particulier la radiologie aux urgences, semble offrir un champ d'application intéressant, en raison du nombre croissant d'examens radiologiques et de la nécessité pour le clinicien d'obtenir une interprétation rapide et précise. Les bénéfices potentiels de l'IA sont nombreux, notamment sa capacité à fournir une aide diagnostique pertinente et fiable. Cependant, son utilisation soulève également des préoccupations, telles que la fiabilité des algorithmes, la sécurité des données, les enjeux de responsabilité ou encore les ressources financières, humaines et matérielles.
Subject(s)
Artificial Intelligence , Radiology , Artificial Intelligence/trends , Humans , Radiology/methods , Radiology/organization & administration , Radiology/standards , Algorithms , Reproducibility of Results , Computer Security/standardsABSTRACT
INTRODUCTION AND PURPOSE: We present the needs, design, development, implementation, and accessibility of a crafted experimental PACS (ePACS) system to securely store images, ensuring efficiency and ease of use for AI processing, specifically tailored for research scenarios, including phantoms, animal and human studies and quality assurance (QA) exams. The ePACS system plays a crucial role in any medical imaging departments that handle non-care profile studies, such as protocol adjustments and dummy runs. By effectively segregating non-care profile studies from the healthcare assistance, the ePACS usefully prevents errors both in clinical practice and storage security. METHODS AND RESULTS: The developed ePACS system considers the best practices for management, maintenance, access, long-term storage and backups, regulatory audits, and economic aspects. Moreover, key aspects of the ePACS system include the design of data flows with a focus on incorporating data security and privacy, access control and levels based on user profiles, internal data management policies, standardized architecture, infrastructure and application monitorization and traceability, and periodic backup policies. A new tool called DicomStudiesQA has been developed to standardize the analysis of DICOM studies. The tool automatically identifies, extracts, and renames series using a consistent nomenclature. It also detects corrupted images and merges separated dynamic series that were initially split, allowing for streamlined post-processing. DISCUSSION AND CONCLUSIONS: The developed ePACS system encompasses a successful implementation, both in hospital and research environments, showcasing its transformative nature and the challenging yet crucial transfer of knowledge to industry. This underscores the practicality and real-world applicability of our innovative approach, highlighting the significant impact it has on the field of experimental radiology.
Subject(s)
Computer Security , Radiology Information Systems , Computer Security/standards , Humans , Radiology Information Systems/standards , Artificial Intelligence , Information Storage and Retrieval/standards , Animals , Diagnostic Imaging/standardsABSTRACT
Many state-of-the-art results in natural language processing (NLP) rely on large pre-trained language models (PLMs). These models consist of large amounts of parameters that are tuned using vast amounts of training data. These factors cause the models to memorize parts of their training data, making them vulnerable to various privacy attacks. This is cause for concern, especially when these models are applied in the clinical domain, where data are very sensitive. Training data pseudonymization is a privacy-preserving technique that aims to mitigate these problems. This technique automatically identifies and replaces sensitive entities with realistic but non-sensitive surrogates. Pseudonymization has yielded promising results in previous studies. However, no previous study has applied pseudonymization to both the pre-training data of PLMs and the fine-tuning data used to solve clinical NLP tasks. This study evaluates the effects on the predictive performance of end-to-end pseudonymization of Swedish clinical BERT models fine-tuned for five clinical NLP tasks. A large number of statistical tests are performed, revealing minimal harm to performance when using pseudonymized fine-tuning data. The results also find no deterioration from end-to-end pseudonymization of pre-training and fine-tuning data. These results demonstrate that pseudonymizing training data to reduce privacy risks can be done without harming data utility for training PLMs.
Subject(s)
Natural Language Processing , Humans , Privacy , Sweden , Anonyms and Pseudonyms , Computer Security/standards , Confidentiality/standards , Electronic Health Records/standardsABSTRACT
BACKGROUND: Hospital apps are increasingly being adopted in many countries, especially since the start of the COVID-19 pandemic. Web-based hospitals can provide valuable medical services and enhanced accessibility. However, increasing concerns about personal information (PI) and strict legal compliance requirements necessitate privacy assessments for these platforms. Guided by the theory of contextual integrity, this study investigates the regulatory compliance of privacy policies for internet hospital apps in the mainland of China. OBJECTIVE: In this paper, we aim to evaluate the regulatory compliance of privacy policies of internet hospital apps in the mainland of China and offer recommendations for improvement. METHODS: We obtained 59 internet hospital apps on November 7, 2023, and reviewed 52 privacy policies available between November 8 and 23, 2023. We developed a 3-level indicator scale based on the information processing activities, as stipulated in relevant regulations. The scale comprised 7 level-1 indicators, 26 level-2 indicators, and 70 level-3 indicators. RESULTS: The mean compliance score of the 52 assessed apps was 73/100 (SD 22.4%), revealing a varied spectrum of compliance. Sensitive PI protection compliance (mean 73.9%, SD 24.2%) lagged behind general PI protection (mean 90.4%, SD 14.7%), with only 12 apps requiring separate consent for processing sensitive PI (mean 73.9%, SD 24.2%). Although most apps (n=41, 79%) committed to supervising subcontractors, only a quarter (n=13, 25%) required users' explicit consent for subcontracting activities. Concerning PI storage security (mean 71.2%, SD 29.3%) and incident management (mean 71.8%, SD 36.6%), half of the assessed apps (n=27, 52%) committed to bear corresponding legal responsibility, whereas fewer than half (n=24, 46%) specified the security level obtained. Most privacy policies stated the PI retention period (n=40, 77%) and instances of PI deletion or anonymization (n=41, 79%), but fewer (n=20, 38.5%) committed to prompt third-party PI deletion. Most apps delineated various individual rights, but only a fraction addressed the rights to obtain copies (n=22, 42%) or to refuse advertisement based on automated decision-making (n=13, 25%). Significant deficiencies remained in regular compliance audits (mean 11.5%, SD 37.8%), impact assessments (mean 13.5%, SD 15.2%), and PI officer disclosure (mean 48.1%, SD 49.3%). CONCLUSIONS: Our analysis revealed both strengths and significant shortcomings in the compliance of internet hospital apps' privacy policies with relevant regulations. As China continues to implement internet hospital apps, it should ensure the informed consent of users for PI processing activities, enhance compliance levels of relevant privacy policies, and fortify PI protection enforcement across the information processing stages.
Subject(s)
Mobile Applications , China , Humans , Mobile Applications/standards , Mobile Applications/statistics & numerical data , Mobile Applications/legislation & jurisprudence , Computer Security/standards , Computer Security/legislation & jurisprudence , COVID-19/prevention & control , COVID-19/epidemiology , Confidentiality/standards , Confidentiality/legislation & jurisprudence , Internet , Pandemics/prevention & controlABSTRACT
Increasing numbers of healthcare data breaches highlight the need for structured organisational responses to protect patients, trainees and psychiatrists against identity theft and blackmail. Evidence-based guidance that is informed by the COVID-19 pandemic response includes: timely and reliable information tailored to users' safety, encouragement to take protective action, and access to practical and psychological support. For healthcare organisations which have suffered a data breach, insurance essentially improves access to funded cyber security responses, risk communication and public relations. Patients, trainees and psychiatrists need specific advice on protective measures. Healthcare data security legislative reform is urgently needed.
Subject(s)
COVID-19 , Computer Security , Health Personnel , Mental Health Services , Humans , COVID-19/prevention & control , Computer Security/standards , Mental Health Services/standards , Mental Health Services/organization & administration , Communication , Confidentiality/standards , SARS-CoV-2ABSTRACT
BACKGROUND: Artificial intelligence (AI) has become a pivotal tool in advancing contemporary personalised medicine, with the goal of tailoring treatments to individual patient conditions. This has heightened the demand for access to diverse data from clinical practice and daily life for research, posing challenges due to the sensitive nature of medical information, including genetics and health conditions. Regulations like the Health Insurance Portability and Accountability Act (HIPAA) in the U.S. and the General Data Protection Regulation (GDPR) in Europe aim to strike a balance between data security, privacy, and the imperative for access. RESULTS: We present the Gemelli Generator - Real World Data (GEN-RWD) Sandbox, a modular multi-agent platform designed for distributed analytics in healthcare. Its primary objective is to empower external researchers to leverage hospital data while upholding privacy and ownership, obviating the need for direct data sharing. Docker compatibility adds an extra layer of flexibility, and scalability is assured through modular design, facilitating combinations of Proxy and Processor modules with various graphical interfaces. Security and reliability are reinforced through components like Identity and Access Management (IAM) agent, and a Blockchain-based notarisation module. Certification processes verify the identities of information senders and receivers. CONCLUSIONS: The GEN-RWD Sandbox architecture achieves a good level of usability while ensuring a blend of flexibility, scalability, and security. Featuring a user-friendly graphical interface catering to diverse technical expertise, its external accessibility enables personnel outside the hospital to use the platform. Overall, the GEN-RWD Sandbox emerges as a comprehensive solution for healthcare distributed analytics, maintaining a delicate equilibrium between accessibility, scalability, and security.
Subject(s)
Computer Security , Confidentiality , Humans , Computer Security/standards , Confidentiality/standards , Artificial Intelligence , HospitalsABSTRACT
AIM: Nurses play a crucial role within medical institutions, maintaining direct interaction with patient data. Despite this, there is a scarcity of tools for evaluating nurses' perspectives on patient information security. This study aimed to translate the Information Security Attitude Questionnaire into Chinese and validate its reliability and validity among clinical nurses. DESIGN: A cross-sectional design. METHODS: A total of 728 clinical nurses from three hospitals in China participated in this study. The Information Security Attitude Questionnaire (ISA-Q) was translated into Chinese utilizing the Brislin two-way translation method. The reliability was assessed through internal consistency coefficient and test-retest reliability. The validity was determined through the Delphi expert consultation method and factor analysis. RESULTS: The Chinese version of ISA-Q consists of 30 items. Cronbach's α coefficient of the questionnaire was 0.930, and Cronbach's α coefficient of the six dimensions ranged from 0.781 to 0.938. The split-half reliability and test-retest reliability were 0.797 and 0.848, respectively. The content validity index (S-CVI) was 0.962. Exploratory factor analysis revealed a 6-factor structure supported by eigenvalues, total variance interpretation, and scree plots, accounting for a cumulative variance contribution rate of 69.436%. Confirmatory factor analysis further validated the 6-factor structure, demonstrating an appropriate model fit. CONCLUSION: The robust reliability and validity exhibited by the Chinese version of ISA-Q establish it as a dependable tool for evaluating the information security attitudes of clinical nurses. IMPLICATIONS FOR NURSING PRACTICE: The Chinese iteration of the ISA-Q questionnaire offers a profound insight into the information security attitudes held by clinical nurses. This understanding serves as a foundation for nursing managers to develop targeted intervention strategies aimed at fortifying nurses' information security attitudes, thereby enhancing patient safety.
Subject(s)
Attitude of Health Personnel , Psychometrics , Humans , Surveys and Questionnaires/standards , Reproducibility of Results , China , Cross-Sectional Studies , Female , Adult , Male , Psychometrics/instrumentation , Psychometrics/standards , Psychometrics/methods , Nurses/psychology , Nurses/statistics & numerical data , Computer Security/standards , Translating , Middle Aged , Factor Analysis, StatisticalABSTRACT
BACKGROUND: The increased application of Internet of Things (IoT) in healthcare, has fueled concerns regarding the security and privacy of patient data. Lightweight Cryptography (LWC) algorithms can be seen as a potential solution to address this concern. Due to the high variation of LWC, the primary objective of this study was to identify a suitable yet effective algorithm for securing sensitive patient information on IoT devices. METHODS: This study evaluates the performance of eight LWC algorithms-AES, PRESENT, MSEA, LEA, XTEA, SIMON, PRINCE, and RECTANGLE-using machine learning models. Experiments were conducted on a Raspberry Pi 3 microcontroller using 16 KB to 2048 KB files. Machine learning models were trained and tested for each LWC algorithm and their performance was evaluated based using precision, recall, F1-score, and accuracy metrics. RESULTS: The study analyzed the encryption/decryption execution time, energy consumption, memory usage, and throughput of eight LWC algorithms. The RECTANGLE algorithm was identified as the most suitable and efficient LWC algorithm for IoT in healthcare due to its speed, efficiency, simplicity, and flexibility. CONCLUSIONS: This research addresses security and privacy concerns in IoT healthcare and identifies key performance factors of LWC algorithms utilizing the SLR research methodology. Furthermore, the study provides insights into the optimal choice of LWC algorithm for enhancing privacy and security in IoT healthcare environments.
Subject(s)
Computer Security , Internet of Things , Machine Learning , Humans , Computer Security/standards , Algorithms , Confidentiality/standardsABSTRACT
The Australian healthcare sector is a complex mix of government departments, associations, providers, professionals, and consumers. Cybersecurity attacks, which have recently increased, challenge the sector in many ways; however, the best approaches for the sector to manage the threat are unclear. This study will report on a semi-structured focus group conducted with five representatives from the Australian healthcare and computer security sectors. An analysis of this focus group transcript yielded four themes: 1) the challenge of securing the Australian healthcare landscape; 2) the financial challenges of cybersecurity in healthcare; 3) balancing privacy and transparency; 4) education and regulation. The results indicate the need for sector-specific tools to empower the healthcare sector to mitigate cybersecurity threats, most notably using a self-evaluation tool so stakeholders can proactively prepare for incidents. Despite the vast amount of research into cybersecurity, little has been conducted on proactive cybersecurity approaches where security weaknesses are identified weaknesses before they occur.
Subject(s)
Computer Security , Computer Security/standards , Humans , Australia , Focus Groups , Delivery of Health Care/standards , Confidentiality/standardsABSTRACT
Patient privacy is essential and so is ensuring confidentiality in the doctor-patient relationship. However, today's reality is that patient information is increasingly accessible to third parties outside this relationship. This article discusses India's data protection framework and assesses data protection developments in India including the Digital Personal Data Protection Act, 2023.
Subject(s)
Computer Security , Confidentiality , India , Humans , Confidentiality/legislation & jurisprudence , Computer Security/legislation & jurisprudence , Computer Security/standards , Physician-Patient Relations/ethics , Privacy/legislation & jurisprudenceABSTRACT
In order to achieve the goals of the Medical Informatics Initiative (MII), staff with skills in the field of medical informatics and data science are required. Each consortium has established training activities. Further, cross-consortium activities have emerged. This article describes the concepts, implemented programs, and experiences in the consortia. Fifty-one new professorships have been established and 10 new study programs have been created: 1 bachelor's degree and 6 consecutive and 3 part-time master's degree programs. Further, learning and training opportunities can be used by all MII partners. Certification and recognition opportunities have been created.The educational offers are aimed at target groups with a background in computer science, medicine, nursing, bioinformatics, biology, natural science, and data science. Additional qualifications for physicians in computer science and computer scientists in medicine seem to be particularly important. They can lead to higher quality in software development and better support for treatment processes by application systems.Digital learning methods were important in all consortia. They offer flexibility for cross-location and interprofessional training. This enables learning at an individual pace and an exchange between professional groups.The success of the MII depends largely on society's acceptance of the multiple use of medical data in both healthcare and research. The information required for this is provided by the MII's public relations work. There is also an enormous need in society for medical and digital literacy.
Subject(s)
Curriculum , Medical Informatics , Humans , Computer Security/standards , Electronic Health Records/standards , Germany , Medical Informatics/education , Professional Competence/standardsABSTRACT
The increased adoption of digital systems in the maritime domain has led to concerns about cyber resilience, especially in the wake of increasingly disruptive cyber-attacks. This has seen vessel operators increasingly adopt Maritime Security Operation Centers (M-SOCs), an action in line with one of the cyber resilience engineering techniques known as adaptive response, whose purpose is to optimize the ability to respond promptly to attacks. This research sought to investigate the domain-specific human factors that influence the adaptive response capabilities of M-SOC analysts to vessel cyber threats. Through collecting interview data and subsequent thematic analysis informed by grounded theory, cyber awareness of both crew onboard and vessel operators emerged as a pressing domain-specific challenge impacting M-SOC analysts' adaptive response. The key takeaway from this study is that vessel operators remain pivotal in supporting the M-SOC analysts' adaptive response processes through resource allocation towards operational technology (OT) monitoring and cyber personnel staffing onboard the vessels.
Subject(s)
Computer Security , Ships , Humans , Computer Security/standards , Male , Adult , Female , Ergonomics , Middle Aged , Grounded Theory , Qualitative Research , Security MeasuresABSTRACT
BACKGROUND: A blockchain can be described as a distributed ledger database where, under a consensus mechanism, data are permanently stored in records, called blocks, linked together with cryptography. Each block contains a cryptographic hash function of the previous block, a timestamp, and transaction data, which are permanently stored in thousands of nodes and never altered. This provides a potential real-world application for generating a permanent, decentralized record of scientific data, taking advantage of blockchain features such as timestamping and immutability. IMPLEMENTATION: Here, we propose INNBC DApp, a Web3 decentralized application providing a simple front-end user interface connected with a smart contract for recording scientific data on a modern, proof-of-stake (POS) blockchain such as BNB Smart Chain. Unlike previously proposed blockchain tools that only store a hash of the data on-chain, here the data are stored fully on-chain within the transaction itself as "transaction input data", with a true decentralized storage solution. In addition to plain text, the DApp can record various types of files, such as documents, images, audio, and video, by using Base64 encoding. In this study, we describe how to use the DApp and perform real-world transactions storing different kinds of data from previously published research articles, describing the advantages and limitations of using such a technology, analyzing the cost in terms of transaction fees, and discussing possible use cases. RESULTS: We have been able to store several different types of data on the BNB Smart Chain: raw text, documents, images, audio, and video. Notably, we stored several complete research articles at a reasonable cost. We found a limit of 95KB for each single file upload. Considering that Base64 encoding increases file size by approximately 33%, this provides us with a theoretical limit of 126KB. We successfully overcome this limitation by splitting larger files into smaller chunks and uploading them as multi-volume archives. Additionally, we propose AES encryption to protect sensitive data. Accordingly, we show that it is possible to include enough data to be useful for storing and sharing scientific documents and images on the blockchain at a reasonable cost for the users. CONCLUSION: INNBC DApp represents a real use case for blockchain technology in decentralizing biomedical data storage and sharing, providing us with features such as immutability, timestamp, and identity that can be used to ensure permanent availability of the data and to provide proof-of-existence as well as to protect authorship, a freely available decentralized science (DeSci) tool aiming to help bring mass adoption of blockchain technology among the scientific community.
Subject(s)
Blockchain , Humans , Information Storage and Retrieval/methods , Computer Security/standardsABSTRACT
The COVID-19 pandemic demonstrated the benefits of international data sharing. Data sharing enabled the health care policy makers to make decisions based on real-time data, it enabled the tracking of the virus, and importantly it enabled the development of vaccines that were crucial to mitigating the impact of the virus. This data sharing is not the norm as data sharing needs to navigate complex ethical and legal rules, and in particular, the fragmented application of the General Data Protection Regulation (GDPR). The introduction of the draft regulation for a European Health Data Space (EHDS) in May 2022 seeks to address some of these legal issues. If passed, it will create an obligation to share electronic health data for certain secondary purposes. While there is a clear need to address the legal complexities involved with data sharing, it is critical that any proposed reforms are in line with ethical principles and the expectations of the data subjects. In this paper we offer a critique of the EHDS and offer some recommendations for this evolving regulatory space.
Subject(s)
COVID-19 , Information Dissemination , SARS-CoV-2 , Humans , Computer Security/ethics , Computer Security/legislation & jurisprudence , Computer Security/standards , COVID-19/epidemiology , Electronic Health Records/ethics , Electronic Health Records/legislation & jurisprudence , Europe , Information Dissemination/ethics , Information Dissemination/legislation & jurisprudence , Pandemics/ethicsABSTRACT
INTRODUCTION: Technological advances continue to transform society, including the health sector. The decentralized and verifiable nature of blockchain technology presents great potential for addressing current challenges in healthcare data management. DISCUSSION: This article reports on how the generalized adoption of blockchain faces important challenges and barriers that must be addressed, such as the lack of regulation, technical complexity, safeguarding privacy, and economic and technological costs. Collaboration between medical professionals, technologists and legislators is essential to establish a solid regulatory framework and adequate training. CONCLUSION: Blockchain technology has the potential to revolutionize data management in the healthcare sector, improving the quality of medical care, empowering users, and promoting the secure sharing of data, but an important cultural change is needed, along with more evidence, to reveal its advantages in front of the existing technological alternative.
Subject(s)
Blockchain , Computer Security , Computer Security/standards , Humans , Data ManagementABSTRACT
Directed signature is a special cryptographic technique in which only the verifier designated by the signer can verify the validity of the signature. Directed signature can effectively protect the privacy of the signer's identity, so it is very suitable for medical records, taxation, and other fields. To improve the security and performance of the directed signature scheme, Gayathri et al. proposed the first certificateless directed signature (CLDS) scheme without bilinear pairing and claimed that their CLDS scheme could withstand Type I and Type II attacks. In this article, we provide two attack methods to assess the security of their CLDS scheme. Unfortunately, our results indicate that their CLDS scheme is insecure against Type I and Type II attacks. That is, their CLDS scheme does not meet the unforgeability and cannot achieve the expected security goals. To resist these attacks, we present an improved CLDS scheme and give the security proof. Compared with similar schemes, our scheme has better performance and higher security.
Subject(s)
Algorithms , Computer Security/standards , Confidentiality/standards , Models, Theoretical , Privacy , Wireless Technology/instrumentation , HumansABSTRACT
Due to the high amount of electronic health records, hospitals have prioritized data protection. Because it uses parallel computing and is distributed, the security of the cloud cannot be guaranteed. Because of the large number of e-health records, hospitals have made data security a major concern. The cloud's security cannot be guaranteed because it uses parallel processing and is distributed. The blockchain (BC) has been deployed in the cloud to preserve and secure medical data because it is particularly prone to security breaches and attacks such as forgery, manipulation, and privacy leaks. An overview of blockchain (BC) technology in cloud storage to improve healthcare system security can be obtained by reading this paper. First, we will look at the benefits and drawbacks of using a basic cloud storage system. After that, a brief overview of blockchain cloud storage technology will be offered. Many researches have focused on using blockchain technology in healthcare systems as a possible solution to the security concerns in healthcare, resulting in tighter and more advanced security requirements being provided. This survey could lead to a blockchain-based solution for the protection of cloud-outsourced healthcare data. Evaluation and comparison of the simulation tests of the offered blockchain technology-focused studies can demonstrate integrity verification with cloud storage and medical data, data interchange with reduced computational complexity, security, and privacy protection. Because of blockchain and IT, business warfare has emerged, and governments in the Middle East have embraced it. Thus, this research focused on the qualities that influence customers' interest in and approval of blockchain technology in cloud storage for healthcare system security and the aspects that increase people's knowledge of blockchain. One way to better understand how people feel about learning how to use blockchain technology in healthcare is through the United Theory of Acceptance and Use of Technology (UTAUT). A snowball sampling method was used to select respondents in an online poll to gather data about blockchain technology in Middle Eastern poor countries. A total of 443 randomly selected responses were tested using SPSS. Blockchain adoption has been shown to be influenced by anticipation, effort expectancy, social influence (SI), facilitation factors, personal innovativeness (PInn), and a perception of security risk (PSR). Blockchain adoption and acceptance were found to be influenced by anticipation, effort expectancy, social influence (SI), facilitating conditions, personal innovativeness (PInn), and perceived security risk (PSR) during the COVID-19 pandemic, as well as providing an overview of current trends in the field and issues pertaining to significance and compatibility.