Jeffrey CL Looi,Richard CH Looi,Paul A Maguire,Steve Kisely,Tarun Bastiampillai,Stephen Allison

DOI: https://doi.org/10.1177/10398562241230816

2024-01-30

Australasian Psychiatry

Abstract:Australasian Psychiatry, Ahead of Print. ObjectiveTo update psychiatrists and trainees on the realised risks of electronic health record data breaches.MethodsThis is a selective narrative review and commentary regarding electronic health record data breaches.ResultsRecent events such as the Medibank and Australian Clinical Labs data breaches demonstrate the realised risks for electronic health records. If stolen identity data is publicly released, patients and doctors may be subject to blackmail, fraud, identity theft and targeted scams. Medical diagnoses of psychiatric illness and substance use disorder may be released in blackmail attempts.ConclusionsPsychiatrists, trainees and their patients need to understand the inevitability of electronic health record data breaches. This understanding should inform a minimised collection of personal information in the health record to avoid exposure of confidential information and identity theft. Governmental regulation of electronic health record privacy and security is needed.

psychiatry

Chukwuka Elendu,Eunice K. Omeludike,Praise O. Oloyede,Babajide T. Obidigbo,Janet C. Omeludike

DOI: https://doi.org/10.1097/md.0000000000039887

IF: 1.6

2024-09-29

Medicine

Abstract:In recent years, integrating digital technologies in healthcare has revolutionized medical practice, enhancing patient care, data management, and operational efficiency. However, this digital transformation has also exposed healthcare systems to significant cybersecurity threats, leading to legal and ethical challenges for clinicians. [ 1–3 ] The increasing frequency and sophistication of cyber-attacks, such as ransomware, data breaches, and hacking incidents, pose substantial risks to patient privacy, data integrity, and overall healthcare delivery. [ 1–3 ] These incidents jeopardize patient safety and implicate healthcare professionals in potential legal liabilities. Emerging technologies, including artificial intelligence (AI) and quantum computing, are at the forefront of cybersecurity innovations and challenges. AI, for instance, offers promising applications in detecting and mitigating cyber threats through advanced algorithms and machine learning (ML) techniques. However, deploying AI systems in healthcare raises concerns regarding data security, privacy, and ethical implications. If not properly managed, AI systems can introduce biases that may result in discriminatory practices or inaccurate decision-making. [ 4 , 5 ] Moreover, quantum computing, potentially breaking traditional encryption methods, further complicates the cybersecurity landscape, necessitating new cryptographic approaches and legal frameworks to safeguard sensitive health information. [ 6 ] The global nature of cybersecurity threats underscores the importance of international cooperation and regulatory harmonization. Countries have adopted varying approaches to managing cybersecurity incidents in healthcare, influenced by their legal systems, cultural values, and technological infrastructures. For example, the European Union's General Data Protection Regulation (GDPR) imposes stringent data protection requirements, including reporting data breaches within 72 hours. [ 7 ] In contrast, the United States has a more fragmented regulatory landscape, with laws such as the Health Insurance Portability and Accountability Act (HIPAA) providing a framework for protecting patient information. Still, varying state laws complicate compliance. [ 8 ] A comparative analysis of these international regulations reveals best practices and highlights areas where further harmonization is needed to protect healthcare data globally. The legal implications of cybersecurity incidents extend beyond compliance with data protection regulations. As custodians of patient data, clinicians may face legal consequences in data breaches or unauthorized access to sensitive information. These legal responsibilities necessitate a thorough understanding of cybersecurity best practices and implementing robust security measures. For instance, clinicians must ensure secure communication channels, regular updates to software systems, and adherence to data encryption standards. [ 9 ] Furthermore, clinicians should be aware of their obligations to report cybersecurity incidents and cooperate with investigations, as failure can result in legal penalties and damage to professional reputations. [ 10 ] Ethical considerations are also paramount in the context of cybersecurity in healthcare. The principle of patient autonomy, which underpins informed consent and confidentiality, is challenged when cybersecurity incidents compromise patient data. Healthcare professionals must navigate these ethical dilemmas, balancing the need to protect patient information with the necessity of using digital tools for medical care. [ 11 ] Moreover, deploying AI in healthcare introduces questions about the transparency and accountability of decision-making processes. Ensuring that AI systems are transparent, explainable, and free from biases is crucial to maintaining public trust and ensuring equitable healthcare outcomes. [ 12 ] Case studies of cybersecurity incidents in healthcare provide valuable insights into the practical challenges and consequences clinicians face. For example, the WannaCry ransomware attack in 2017 severely disrupted the UK's National Health Service (NHS), affecting numerous hospitals and clinics and leading to the cancelation of thousands of appointments. [ 13 ] This incident highlighted the vulnerability of healthcare systems to cyber threats and underscored the importance of proactive cybersecurity measures. Similarly, the breach of patient data at Ant -Abstract Truncated-

medicine, general & internal

Cartwright, Anthony James

DOI: https://doi.org/10.1007/s10877-023-01013-5

IF: 1.977

2023-04-24

Journal of Clinical Monitoring and Computing

Abstract:Cybersecurity has seen an increasing frequency and impact of cyberattacks and exposure of Protected Health Information (PHI). The uptake of an Electronic Medical Record (EMR), the exponential adoption of Internet of Things (IoT) devices, and the impact of the COVID-19 pandemic has increased the threat surface presented for cyberattack by the healthcare sector. Within healthcare generally and, more specifically, within anaesthesia and Intensive Care, there has been an explosion in wired and wireless devices used daily in the care of almost every patient—the Internet of Medical Things (IoMT); ventilators, anaesthetic machines, infusion pumps, pacing devices, organ support and a plethora of monitoring modalities. All of these devices, once connected to a hospital network, present another opportunity for a malevolent party to access the hospital systems, either to gain PHI for financial, political or other gain or to attack the systems directly to cause erroneous monitoring, altered settings of any device and even to access the EMR via this IoMT window. This exponential increase in the IoMT and the increasing wireless connectivity of anaesthesia and ICU devices as well as implantable devices presents a real and present danger to patient safety. There has, at the same time, been a chronic underfunding of cybersecurity in healthcare. This lack of cybersecurity investment has left the sector exposed, and with the monetisation of PHI, the introduction of technically unsecure IoT devices for monitoring and direct patient care, the healthcare sector is presenting itself for further devastating cyberattacks or breaches of PHI. Coupled with the immense strain that the COVID-19 pandemic has placed on healthcare and the changes in working patterns of many caregivers, this has further amplified the exposure of the sector to cyberattacks.

anesthesiology

Kevin Hore,Mong Hoi Tan,Anne Kehoe,Aidan Beegan,Sabina Mason,Nader Al Mane,Deirdre Hughes,Caroline Kelly,John Wells,Claire Magner

DOI: https://doi.org/10.1016/j.ijmedinf.2024.105412

IF: 4.73

2024-05-01

International Journal of Medical Informatics

Abstract:INTRODUCTION: Cyberattacks on healthcare organisations are becoming increasingly common and represent a growing threat to patient safety. The majority of breaches in cybersecurity have been attributed to human error. Intensive care departments are particularly vulnerable to cyberattacks. The aim of this study was to investigate cybersecurity awareness, knowledge and behaviours among critical care staff.METHODS: This was a multi-site cross-sectional survey study administered to critical care staff. Cybersecurity awareness was evaluated using the validated HAIS-Q instrument. Knowledge and behaviours were evaluated by direct questioning and scenario-based multiple-choice questions. Free text options were also offered to respondents. Thematic analysis was performed on free text sections.RESULTS: Median scores of 12-15 in each of the HAIS-Q focus areas were achieved, indicating high levels of cybersecurity awareness among critical care staff. However, self-reported confidence in cybersecurity practices, especially identifying signs of cybersecurity breaches and reporting cybersecurity incidents, were relatively low. Participants responses to the scenarios demonstrated a lack of knowledge and awareness of some of the mechanisms of cyberattacks. Barriers to safe cybersecurity practices among staff that emerged from the qualitative analysis included: a lack of training and education; heavy workloads and staff fatigue; perceived lack of IT support and poor IT infrastructure.CONCLUSION: Critical care staff appear to have a high-level cybersecurity awareness. However, in practice safe cybersecurity practices are not always followed. ICU departments and hospitals must invest in the human aspect of cybersecurity to strength their cyber-defences and to protect patients.

health care sciences & services,computer science, information systems,medical informatics

Megha M. Moncy,Sadia Afreen,Saptarshi Purkayastha

2023-11-07

Abstract:This research examines the pivotal role of human behavior in the realm of healthcare data management, situated at the confluence of technological advancements and human conduct. An in-depth analysis of security breaches in the United States from 2009 to the present elucidates the dominance of human-induced security breaches. While technological weak points are certainly a concern, our study highlights that a significant proportion of breaches are precipitated by human errors and practices, thus pinpointing a conspicuous deficiency in training, awareness, and organizational architecture. In spite of stringent federal mandates, such as the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act, breaches persist, emphasizing the indispensable role of human factors within this domain. Such oversights not only jeopardize patient data confidentiality but also undermine the foundational trust inherent in the healthcare infrastructure. By probing the socio-technical facets of healthcare security infringements, this article advocates for an integrated, dynamic, and holistic approach to healthcare data security. The findings underscore the imperative of augmenting technological defenses while concurrently elevating human conduct and institutional ethos, thereby cultivating a robust and impervious healthcare data management environment.

Computers and Society,Cryptography and Security

Isabel Straw,Irina Brass,Andrew Mkwashi,Inika Charles,Amelie Soares,Caroline Steer

DOI: https://doi.org/10.2196/50505

2024-07-11

Abstract:Background: Health care professionals receive little training on the digital technologies that their patients rely on. Consequently, practitioners may face significant barriers when providing care to patients experiencing digitally mediated harms (eg, medical device failures and cybersecurity exploits). Here, we explore the impact of technological failures in clinical terms. Objective: Our study explored the key challenges faced by frontline health care workers during digital events, identified gaps in clinical training and guidance, and proposes a set of recommendations for improving digital clinical practice. Methods: A qualitative study involving a 1-day workshop of 52 participants, internationally attended, with multistakeholder participation. Participants engaged in table-top exercises and group discussions focused on medical scenarios complicated by technology (eg, malfunctioning ventilators and malicious hacks on health care apps). Extensive notes from 5 scribes were retrospectively analyzed and a thematic analysis was performed to extract and synthesize data. Results: Clinicians reported novel forms of harm related to technology (eg, geofencing in domestic violence and errors related to interconnected fetal monitoring systems) and barriers impeding adverse event reporting (eg, time constraints and postmortem device disposal). Challenges to providing effective patient care included a lack of clinical suspicion of device failures, unfamiliarity with equipment, and an absence of digitally tailored clinical protocols. Participants agreed that cyberattacks should be classified as major incidents, with the repurposing of existing crisis resources. Treatment of patients was determined by the role technology played in clinical management, such that those reliant on potentially compromised laboratory or radiological facilities were prioritized. Conclusions: Here, we have framed digital events through a clinical lens, described in terms of their end-point impact on the patient. In doing so, we have developed a series of recommendations for ensuring responses to digital events are tailored to clinical needs and center patient care.

D. Mucic,J. H. Shore,D. M. Hilty,K. Krysta,M. Krzystanek

DOI: https://doi.org/10.1007/s11920-021-01300-5

2021-11-29

Current Psychiatry Reports

Abstract:Purpose of ReviewThe COVID-19 pandemic has impacted lives globally, posing unique challenges to mental health services exposing vulnerability and limitations within these systems. During the course of the pandemic, telecommunications technologies (e-mental health care) have served a critical role in psychiatric care. It is important to understand current lessons learned in e-mental health care and implications for global mental health systems for both emerging from the pandemic and after the pandemic has ended.Recent FindingsThere are significant regulatory, policy, and evaluation challenges for global e-mental health impacting patients, clinicians, health systems, and decision-makers. These include complex regulatory issues, difficulties of providing care across boundaries, and keeping pace with the implementation of new technologies in behavioral health.SummaryThe collaborative development of global standards along with policies, appropriate regulations, and developing new models of research and development opens the possibility of improved access to care across national boundaries.

psychiatry

Wendy Burke,Andrew Stranieri,Taiwo Oseni,Iqbal Gondal

DOI: https://doi.org/10.1186/s12911-024-02551-x

IF: 3.298

2024-05-26

BMC Medical Informatics and Decision Making

Abstract:The Australian healthcare sector is a complex mix of government departments, associations, providers, professionals, and consumers. Cybersecurity attacks, which have recently increased, challenge the sector in many ways; however, the best approaches for the sector to manage the threat are unclear. This study will report on a semi-structured focus group conducted with five representatives from the Australian healthcare and computer security sectors. An analysis of this focus group transcript yielded four themes: 1) the challenge of securing the Australian healthcare landscape; 2) the financial challenges of cybersecurity in healthcare; 3) balancing privacy and transparency; 4) education and regulation. The results indicate the need for sector-specific tools to empower the healthcare sector to mitigate cybersecurity threats, most notably using a self-evaluation tool so stakeholders can proactively prepare for incidents. Despite the vast amount of research into cybersecurity, little has been conducted on proactive cybersecurity approaches where security weaknesses are identified weaknesses before they occur.

medical informatics

Golnar Aref-Adib,Gabriella Landy,Michelle Eskinazi,Andrew Sommerlad,Nicola Morant,Sonia Johnson,Richard Graham,David Osborn,Alexandra Pitman

DOI: https://doi.org/10.2196/19008

2020-07-29

JMIR Mental Health

Abstract:Background The use of digital technology can help people access information and provide support for their mental health problems, but it can also expose them to risk, such as bullying or prosuicide websites. It may be important to consider internet-related risk behavior (digital risk) within a generic psychiatric risk assessment, but no studies have explored the practice or acceptability of this among psychiatrists. Objective This study aimed to explore psychiatry trainees’ experiences, views, and understanding of digital risk in psychiatry. We predicted that clinician awareness would be highest among trainees who work in child and adolescent mental health services. Methods We conducted a cross-sectional survey of psychiatry trainees attending a UK regional trainees’ conference to investigate how they routinely assess patients’ internet use and related risk of harm and their experience and confidence in assessing these risks. We conducted focus groups to further explore trainees’ understandings and experiences of digital risk assessment. Descriptive statistics and chi-squared tests were used to present the quantitative data. A thematic analysis was used to identify the key themes in the qualitative data set. Results The cross-sectional survey was completed by 113 out of 312 psychiatry trainees (response rate 36.2%), from a range of subspecialties and experience levels. Half of the trainees (57/113, 50.4%) reported treating patients exposed to digital risk, particularly trainees subspecializing in child and adolescent psychiatry (17/22, 77% vs 40/91, 44%;P=.02). However, 67.3% (76/113) reported not feeling competent to assess digital risk. Child and adolescent psychiatrists were more likely than others to ask patients routinely about specific digital risk domains, including reckless web-based behavior (18/20, 90% vs 54/82, 66%; P=.03), prosuicide websites (20/21, 95% vs 57/81, 70%; P=.01), and online sexual behavior (17/21, 81% vs 44/81, 54%; P=.02). Although 84.1% (95/113) of the participants reported using a proforma to record general risk assessment, only 5% (5/95) of these participants prompted an assessment of internet use. Only 9.7% (11/113) of the trainees had received digital risk training, and 73.5% (83/113) reported that they would value this. Our thematic analysis of transcripts from 3 focus groups (comprising 11 trainees) identified 2 main themes: barriers to assessment and management of digital risk, and the double-edged sword of web use. Barriers reported included the novelty and complexity of the internet, a lack of confidence and guidance in addressing internet use directly, and ongoing tension between assessment and privacy. Conclusions Although it is common for psychiatrists to encounter patients subject to digital risk, trainee psychiatrists lack competence and confidence in their assessment. Training in digital risk and the inclusion of prompts in standardized risk proformas would promote good clinical practice and prevent a potential blind spot in general risk assessment.

psychiatry

Pankaj Zanke,,Dipti Sontakke,

DOI: https://doi.org/10.47191/ijcsrr/v7-i6-42

2024-06-19

International Journal of Current Science Research and Review

Abstract:The COVID-19 pandemic accelerated telemedicine adoption, showcasing its potential in improving healthcare delivery. However, privacy and security risks pose challenges, impeding widespread acceptance. The aim is to investigate the integration of data analytics, data analysis, and data cleaning in telemedicine, focusing on patient data privacy and security, with the goal of proposing strategies to mitigate risks and uphold confidentiality. Utilizing a qualitative approach, privacy and security challenges in telemedicine were investigated. Multiple databases, including PubMed, Embase, and Cochrane Library, were searched from 2018-2023. Inclusion criteria involved English-language, peer-reviewed empirical studies focusing on telemedicine privacy and security. Out of 770 unique records screened, eight studies were included. Full-text review and risk of bias assessment were conducted using CASP tool. Privacy and security, technology hurdles for providers, patient trust, professional training, physical assessment challenges, and disparities among special populations were identified. Environmental, technological, and operational factors contribute to privacy and security risks in telehealth. Technology challenges like restricted access to telehealth tools and poor internet hinder adoption. Data analytics in telemedicine facilitates healthcare transformation, addressing privacy and security while optimizing patient outcomes through advanced analytics techniques and structured data analytics lifecycles. The integration of data analytics in telemedicine shows promise for healthcare transformation by providing insights into patient behavior and policy impacts, while ensuring data privacy and security. Addressing barriers, accelerated by the COVID-19 pandemic, requires infrastructure enhancements and global research efforts for inclusive telehealth ecosystems.

Clemens Scott Kruse,Benjamin Frederick,Taylor Jacobson,D Kyle Monticone

DOI: https://doi.org/10.3233/THC-161263

Abstract:Background: The adoption of healthcare technology is arduous, and it requires planning and implementation time. Healthcare organizations are vulnerable to modern trends and threats because it has not kept up with threats. Objective: The objective of this systematic review is to identify cybersecurity trends, including ransomware, and identify possible solutions by querying academic literature. Methods: The reviewers conducted three separate searches through the CINAHL and PubMed (MEDLINE) and the Nursing and Allied Health Source via ProQuest databases. Using key words with Boolean operators, database filters, and hand screening, we identified 31 articles that met the objective of the review. Results: The analysis of 31 articles showed the healthcare industry lags behind in security. Like other industries, healthcare should clearly define cybersecurity duties, establish clear procedures for upgrading software and handling a data breach, use VLANs and deauthentication and cloud-based computing, and to train their users not to open suspicious code. Conclusions: The healthcare industry is a prime target for medical information theft as it lags behind other leading industries in securing vital data. It is imperative that time and funding is invested in maintaining and ensuring the protection of healthcare technology and the confidentially of patient information from unauthorized access.

Raul Luna,Emily Rhine,Matthew Myhra,Ross Sullivan,Clemens Scott Kruse

DOI: https://doi.org/10.3233/THC-151102

Abstract:Background: Recent legislation empowering providers to embrace the electronic exchange of health information leaves the healthcare industry increasingly vulnerable to cybercrime. The objective of this systematic review is to identify the biggest threats to healthcare via cybercrime. Objective: The rationale behind this systematic review is to provide a framework for future research by identifying themes and trends of cybercrime in the healthcare industry. Methods: The authors conducted a systematic search through the CINAHL, Academic Search Complete, PubMed, and ScienceDirect databases to gather literature relative to cyber threats in healthcare. All authors reviewed the articles collected and excluded literature that did not focus on the objective. Results: Researchers selected and examined 19 articles for common themes. The most prevalent cyber-criminal activity in healthcare is identity theft through data breach. Other concepts identified are internal threats, external threats, cyber-squatting, and cyberterrorism. Conclusions: The industry has now come to rely heavily on digital technologies, which increase risks such as denial of service and data breaches. Current healthcare cyber-security systems do not rival the capabilities of cyber criminals. Security of information is a costly resource and therefore many HCOs may hesitate to invest what is required to protect sensitive information.

Valsamma Eapen,Ann Dadich,Srilaxmi Balachandran,Anitha Dani,Rasha Howari,Anupama Zeena Sequeria,Joel D Singer

DOI: https://doi.org/10.1177/10398562211022748

Abstract:Objective: COVID-19 propelled e-mental health within the Australian health system. It is important to learn from this to inform mental healthcare during future crises. Method: A lexical analysis was conducted of clinician reflections during COVID-19 as they delivered psychiatry services to children and families in New South Wales (n = 6) and transitioned to e-mental health. Results: E-mental health can extend the reach of, and access to psychiatry services, particularly for individuals disadvantaged by inequity. Yet e-mental health can be problematic. It is partly contingent on technological prowess, equipment, internet access as well as space and privacy. Relatedly, e-mental health can hinder clinician capacity to conduct examinations, monitor child development as well as assess risk and the need for child protection. Conclusions: Given the benefits and limitations of e-mental health, a model that supports face-to-face mental healthcare and e-mental health may be of value. This model would require practical, yet flexible policies and protocols that protect the privacy of children and families, safeguard them from harm, and respect the needs and preferences of children, families and clinicians.

Pius Ewoh,Tero Vartiainen

DOI: https://doi.org/10.2196/46904

2024-05-31

Abstract:Background: Health care organizations worldwide are faced with an increasing number of cyberattacks and threats to their critical infrastructure. These cyberattacks cause significant data breaches in digital health information systems, which threaten patient safety and privacy. Objective: From a sociotechnical perspective, this paper explores why digital health care systems are vulnerable to cyberattacks and provides sociotechnical solutions through a systematic literature review (SLR). Methods: An SLR using the PRISMA (Preferred Reporting Items for Systematic Reviews and Meta-Analyses) was conducted by searching 6 databases (PubMed, Web of Science, ScienceDirect, Scopus, Institute of Electrical and Electronics Engineers, and Springer) and a journal (Management Information Systems Quarterly) for articles published between 2012 and 2022 and indexed using the following keywords: "(cybersecurity OR cybercrime OR ransomware) AND (healthcare) OR (cybersecurity in healthcare)." Reports, review articles, and industry white papers that focused on cybersecurity and health care challenges and solutions were included. Only articles published in English were selected for the review. Results: In total, 5 themes were identified: human error, lack of investment, complex network-connected end-point devices, old legacy systems, and technology advancement (digitalization). We also found that knowledge applications for solving vulnerabilities in health care systems between 2012 to 2022 were inconsistent. Conclusions: This SLR provides a clear understanding of why health care systems are vulnerable to cyberattacks and proposes interventions from a new sociotechnical perspective. These solutions can serve as a guide for health care organizations in their efforts to prevent breaches and address vulnerabilities. To bridge the gap, we recommend that health care organizations, in partnership with educational institutions, develop and implement a cybersecurity curriculum for health care and intelligence information sharing through collaborations; training; awareness campaigns; and knowledge application areas such as secure design processes, phase-out of legacy systems, and improved investment. Additional studies are needed to create a sociotechnical framework that will support cybersecurity in health care systems and connect technology, people, and processes in an integrated manner.

Tafheem Ahmad Wani,Antonette Mendoza,Kathleen Gray

DOI: https://doi.org/10.1016/j.ijmedinf.2024.105606

2024-08-30

Abstract:Background/objective: The use of personal devices for work purposes (Bring-your-own-device) has increased in hospitals, as it facilitates productivity and mobility for clinicians. However, owing to increased risk of leaking patient information, and heavy reliance of patient data privacy on user actions, BYOD is a major challenge for hospitals. There has been a dearth of empirical research studying clinicians' BYOD security behaviour. Therefore, the study's aim was to attain subjective understanding of clinicians' attitudes and preferences towards protecting patient data on their devices through a qualitative study. Methods: 14 semi-structured interviews were conducted among Australian hospital-based clinicians. A hybrid thematic analysis was conducted using the framework method to explore socio-technical themes pertaining to the clinicians' BYOD security behavioural practices. Results: Limited use of secure tools like antivirus and passcodes, and inadequate separation of patient and personal data on BYOD devices was found. Key technology concerns included malware introduction into hospital network, inadvertent patient data sharing, and slow remote access. Hospitals lacked dedicated BYOD policies and training, resulting in unsafe practices. Participants also cited misalignment of BYOD policies with workflow needs, privacy maintenance challenges and fears of personal data breaches, while calling for improved communication between technical and clinical staff and a strong cybersecurity culture. Conclusion: This study provides a comprehensive understanding of BYOD related user behaviour and the usefulness of security controls used in time-sensitive and complex hospital environments. It can inform future policies or processes by advocating for secure and productive BYOD use.

Scott Monteith,Tasha Glenn,John R. Geddes,Eric D. Achtyes,Peter C. Whybrow,Michael Bauer

DOI: https://doi.org/10.1192/bjp.2024.77

2024-09-25

The British Journal of Psychiatry

Abstract:Summary The malicious use of artificial intelligence is growing rapidly, creating major security threats for individuals and the healthcare sector. Individuals with mental illness may be especially vulnerable. Healthcare provider data are a prime target for cybercriminals. There is a need to improve cybersecurity to detect and prevent cyberattacks against individuals and the healthcare sector, including the use of artificial intelligence predictive tools.

psychiatry

Morteza SaberiKamarposhti,Kok-Why Ng,Fang-Fang Chua,Junaidi Abdullah,Mehdi Yadollahi,Mona Moradi,Sima Ahmadpour

DOI: https://doi.org/10.1016/j.heliyon.2024.e31406

IF: 3.776

2024-05-16

Heliyon

Abstract:As healthcare systems transition into an era dominated by quantum technologies, the need to fortify cybersecurity measures to protect sensitive medical data becomes increasingly imperative. This paper navigates the intricate landscape of post-quantum cryptographic approaches and emerging threats specific to the healthcare sector. Delving into encryption protocols such as lattice-based, code-based, hash-based, and multivariate polynomial cryptography, the paper addresses challenges in adoption and compatibility within healthcare systems. The exploration of potential threats posed by quantum attacks and vulnerabilities in existing encryption standards underscores the urgency of a change in basic assumptions in healthcare data security. The paper provides a detailed roadmap for implementing post-quantum cybersecurity solutions, considering the unique challenges faced by healthcare organizations, including integration issues, budget constraints, and the need for specialized training. Finally, the abstract concludes with an emphasis on the importance of timely adoption of post-quantum strategies to ensure the resilience of healthcare data in the face of evolving threats. This roadmap not only offers practical insights into securing medical data but also serves as a guide for future directions in the dynamic landscape of post-quantum healthcare cybersecurity.

Andrea Parziale,Deborah Mascalzoni

DOI: https://doi.org/10.3389/fpsyt.2022.873392

IF: 4.7

2022-06-10

Frontiers in Psychiatry

Abstract:Psychiatric research traditionally relies on subjective observation, which is time-consuming and labor-intensive. The widespread use of digital devices, such as smartphones and wearables, enables the collection and use of vast amounts of user-generated data as "digital biomarkers." These tools may also support increased participation of psychiatric patients in research and, as a result, the production of research results that are meaningful to them. However, sharing mental health data and research results may expose patients to discrimination and stigma risks, thus discouraging participation. To earn and maintain participants' trust, the first essential requirement is to implement an appropriate data governance system with a clear and transparent allocation of data protection duties and responsibilities among the actors involved in the process. These include sponsors, investigators, operators of digital tools, as well as healthcare service providers and biobanks/databanks. While previous works have proposed practical solutions to this end, there is a lack of consideration of positive data protection law issues in the extant literature. To start filling this gap, this paper discusses the GDPR legal qualifications of controller, processor, and joint controllers in the complex ecosystem unfolded by the integration of digital biomarkers in psychiatric research, considering their implications and proposing some general practical recommendations.

psychiatry

N Pontier,M Orre,M Martin

DOI: https://doi.org/10.1016/j.canrad.2022.06.011

Abstract:Cybersecurity is a major issue in today's world. Health structures are not immune to attacks aimed at stealing valuable sensitive data, demanding a ransom, disrupting or paralyzing a system for political purposes. The Dax Hospital Center (France) had to deal with such an attack in February 2021, bringing the entire computer system to its knees. Radiotherapy, a highly technological specialty and dependent on computers, is a very sensitive sector: unlike other specialties, computer malfunctions prevent any treatment of patients. Faced with this threat which is a reality and of which we bring here a testimony based on our experience, it is important to reflect on the human and technological means in cooperation with the IT specialists to reduce this risk as much as possible but also to be able in the event of an attack to reconstruct the system as quickly as possible and ensure continuity of care.

Jeffrey CL Looi,Paul A Maguire,Steve Kisely,Stephen Allison,Tarun Bastiampillai

DOI: https://doi.org/10.1177/10398562241283206

2024-09-14

Australasian Psychiatry

Abstract:Australasian Psychiatry, Ahead of Print. ObjectivesPsychosocially unsafe workplaces are related to burnout, especially amongst trainees and psychiatrists. Burgeoning research on psychosocial workplace safety indicates the importance of organisational governance to reduce adverse professional, and consequently patient, outcomes in healthcare by balancing job demands and resources. We provide a brief commentary on the relevance of the concept of the Psychosocial Safety Climate model for mental health services and healthcare workers, and considerations for action.ConclusionsBased on the Extended Job Demand-Resource model, the Psychosocial Safety Climate model has been developed and validated in community and healthcare environments. Psychosocial safety is also an Australian workplace safety requirement. An important direction to improve working conditions, reduce adverse outcomes, and improve recruitment and retention of healthcare workers, may be to adopt and formalise psychosocial workplace safety as a key performance indicator of equal importance to productivity for mental healthcare services.

psychiatry