Search results for: healthcare data security

Authors: M. Sandhya, R. M. Madhumitha, Sharmila Sankar

Abstract:

Interoperable medical devices (IMDs) face threats due to the increased attack surface accessible by interoperability and the corresponding infrastructure. Initiating networking and coordination functionalities primarily modify medical systems' security properties. Understanding the threats is a vital first step in ultimately crafting security solutions for such systems. The key to this problem is coming up with some common types of threats or attacks with those of security and privacy, and providing this information as a roadmap. This paper analyses the security issues in interoperability of devices and presents the main types of threats that have to be considered to build a secured system.

Keywords: interoperability, threats, attacks, medical devices

Procedia PDF Downloads 333

Authors: Samuel Owoade, Zainab Idowu, Idris Ajibade, Abel Uzoka

Abstract:

Cloud computing adoption continues to soar, with 83% of enterprise workloads estimated to be in the cloud by 2022. However, this rapid migration raises security concerns, needing strong security management solutions to safeguard sensitive data and essential applications. This paper investigates the critical role of technical project managers in orchestrating security management initiatives for cloud environments, evaluating their responsibilities, challenges, and best practices for assuring the resilience and integrity of cloud infrastructures. Drawing from a comprehensive review of industry reports and interviews with cloud security experts, this research highlights the multifaceted landscape of security management in cloud environments. Despite the rapid adoption of cloud services, only 25% of organizations have matured their cloud security practices, indicating a pressing need for effective management strategies. This paper proposes a strategy framework adapted to the demands of technical project managers, outlining the important components of effective cloud security management. Notably, 76% of firms identify misconfiguration as a major source of cloud security incidents, underlining the significance of proactive risk assessment and constant monitoring. Furthermore, the study emphasizes the importance of technical project managers in facilitating cross-functional collaboration, bridging the gap between cybersecurity professionals, cloud architects, compliance officers, and IT operations teams. With 68% of firms seeing difficulties integrating security policies into their cloud systems, effective communication and collaboration are critical to success. Case studies from industry leaders illustrate the practical use of security management projects in cloud settings. These examples demonstrate the importance of technical project managers in using their expertise to address obstacles and generate meaningful outcomes, with 92% of firms reporting improved security practices after implementing proactive security management tactics. In conclusion, this research underscores the critical role of technical project managers in safeguarding cloud environments against evolving threats. By embracing their role as guardians of the cloud realm, project managers can mitigate risks, optimize resource utilization, and uphold the trust and integrity of cloud infrastructures in an era of digital transformation.

Keywords: cloud security, security management, technical project management, cybersecurity, cloud infrastructure, risk management, compliance

Procedia PDF Downloads 54

Authors: S. Ithai, A. Oloo

Abstract:

The emergence of globalization has cultivated an international consensus that without economic development; it is very unlikely that a country may realize social or political development. It is equally important to note that the economic effect on social development automatically influence the country healthcare services as healthcare systems are improved and adopted. For decades and before 1980's, the colonial and the Governments of Kenya had pursued a goal to provide free healthcare services to its citizen with minimal success; but as population increased, this endeavor became almost a mirage. The challenge called for a change of strategy with introduction of cost sharing which also could not guarantee sustainability of healthcare services in the country due to increased number of poor people and poverty. An involvement of multisectral approach to provision of health individual, collaboration and adoption of all dimensions through globalization provides a ray of hope to not only economic, political and social development but also guaranteed equitable and reliable healthcare systems in Kenya and specifically referral healthcare services at KNH. With the advent of globalization, KNH has made positive strides that have guaranteed patients with reliable healthcare services. These include increased donor funding, collaboration levels, training and research as well as enhanced the hospital relations with international partners. During this period, the hospital has increased number of local doctors and nurses, enhanced transfer of skills, innovations and technologies which are driving forces to quality and efficient healthcare services. The period has also brought in challenges for the hospital which include increased competition, attraction of qualified nurses and doctors to international are some the issues that have made the hospital to spend more resources in research and development in order to stay afloat. This paper reveals the link between globalization and healthcare and its influence on institution policy choice. However, the process is not expected to take place automatically without institutional initiatives if KNH is to reap the benefits of globalization. KNH need to make use of the existing infrastructure, human resources and donor confidence, the opportunities that are indeed important in propelling KNH toward Vision 2030 and achieving the desired Millennium Development Goals (MDGs).

Keywords: globalization, Kenyatta National Hospital, native, healthcare

Procedia PDF Downloads 338

Authors: Christopher Manyamba

Abstract:

Women in Malawi produce perform between 50-70 percent of all agricultural tasks and yet the majority remain food insecure. The aim of his paper is to build on existing mixed evidence that indicates that empowering women in agriculture is conducive to improving food security. The WEAI is used to provide evidence on the relationship between women’s empowerment in agriculture and household food security. A multinomial logistic regression is applied to the Women Empowerment in Agriculture Index (WEAI) components and the Household Hunger Scale. The overall results show that the WEAI can be used to determine household food insecurity; however it has to be contextually adapted. Assets ownership, credit, group membership and leisure time are positively associated with food security. Contrary to other literature, empowerment in having control and decisions on income indicate negative association with household food security. These results could potentially better inform public, private and civil society stakeholders’ dialogues in creating the most effective and sustainable interventions to help women attain long-term food security.

Keywords: food security, gender, empowerment, agriculture index, framework for African food security, household hunger scale

Procedia PDF Downloads 370

Authors: Jessemyn Modiini, Timothy Lynar, Elena Sitnikova

Abstract:

We present a novel enhanced compartmental model for malware spread analysis in cyber security. This paper applies cyber security data features to epidemiological compartmental models to model the infectious potential of malware. Compartmental models are most efficient for calculating the infectious potential of a disease. In this paper, we discuss and profile epidemiologically relevant data features from a Domain Name System (DNS) dataset. We then apply these features to epidemiological compartmental models to network traffic features. This paper demonstrates how epidemiological principles can be applied to the novel analysis of key cybersecurity behaviours and trends and provides insight into threat modelling above that of kill-chain analysis. In applying deterministic compartmental models to a cyber security use case, the authors analyse the deficiencies and provide an enhanced stochastic model for cyber epidemiology. This enhanced compartmental model (SUEICRN model) is contrasted with the traditional SEIR model to demonstrate its efficacy.

Keywords: cybersecurity, epidemiology, cyber epidemiology, malware

Procedia PDF Downloads 109

Authors: Sohail Imran, Tariq Mahmood

Abstract:

In complex healthcare diagnostic investigation process, medical practitioners have to focus on ways to standardize their processes to perform high quality care and optimize the time and costs. Process mining techniques can be applied to extract process related knowledge from data without considering causal and dynamic dependencies in business domain and processes. The application of process mining is effective in diagnostic investigation. It is very helpful where a treatment gives no dispositive evidence favoring it. In this paper, we applied process mining to discover important process flow of diagnostic investigation for hepatitis patients. This approach has some benefits which can enhance the quality and efficiency of diagnostic investigation processes.

Keywords: process mining, healthcare, diagnostic investigation process, process flow

Procedia PDF Downloads 524

Authors: H. M. Nuralam, Z. Xiao-lan, B. K. Dubey, D. Wen-Chuan

Abstract:

Healthcare waste (HCW) is one of the major concerns in environmental issues due to its infectious and hazardous nature that is requires specific treatment and systematic management prior to final disposal. This study aimed to assess HCW management system in Dhaka City (DC), Bangladesh, by investigating the present practices implemented by the city. In this study, five different healthcare establishments were selected in DC. Field visits and interviews with health personnel and staff who are concerned with the waste management were conducted. The information was gathered through questionnaire focus on the different aspect of HCW management like, waste segregation and collection, storage and transport, awareness as well. The results showed that a total of 7,215 kg/day (7.2 ton/day) of waste were generated, of which 79.36% (5.6 ton/day) was non-hazardous waste and 20.6% (1.5 ton/day) was hazardous waste. The rate of waste generation in these healthcare establishments (HCEs) was 2.6 kg/bed/day. There was no appropriate and systematic management of HCWs except at few private HCEs that segregate their hazardous waste. All the surveyed HCEs dumped their HCW together with the municipal waste, and some staff members were also found to be engaged in improper handling of the generated waste. Furthermore, the used sharp instruments, saline bags, blood bags and test tubes were collected for resale or reuse. Nevertheless, the lack of awareness, appropriate policy, regulation and willingness to act, were responsible for the improper management of HCW in DC. There was lack of practical training of concerned healthcare to handle the waste properly, while the nurses and staff were found to be aware of the health impacts of HCW.

Keywords: awareness, disposal, Dhaka city, healthcare waste management, waste generation

Procedia PDF Downloads 326

Authors: Jared Oluoch

Abstract:

Connected vehicles are equipped with wireless sensors that aid in Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication. These vehicles will in the near future provide road safety, improve transport efficiency, and reduce traffic congestion. One of the challenges for connected vehicles is how to ensure that information sent across the network is secure. If security of the network is not guaranteed, several attacks can occur, thereby compromising the robustness, reliability, and efficiency of the network. This paper discusses existing security mechanisms and unique properties of connected vehicles. The methodology employed in this work is exploratory. The paper reviews existing security solutions for connected vehicles. More concretely, it discusses various cryptographic mechanisms available, and suggests areas of improvement. The study proposes a combination of symmetric key encryption and public key cryptography to improve security. The study further proposes message aggregation as a technique to overcome message redundancy. This paper offers a comprehensive overview of connected vehicles technology, its applications, its security mechanisms, open challenges, and potential areas of future research.

Keywords: VANET, connected vehicles, 802.11p, WAVE, DSRC, trust, security, cryptography

Procedia PDF Downloads 314

Authors: Arellano Karina, Diego Avila-Pesántez, Leticia Vaca-Cárdenas, Alberto Arellano, Carmen Mantilla

Abstract:

Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.

Keywords: Denial-of-Service SIP attacks, MS-DoS-SIP, security model, VoIP-SIP vulnerabilities

Procedia PDF Downloads 204

Authors: Taiwo Hassanat Bawa-Muhammad, Opeoluwa Hope Adegoke

Abstract:

Introduction: This study aims to examine the knowledge and perceptions of preconception care among healthcare workers in Nigeria, recognizing its crucial role in ensuring safe pregnancies. Despite its significance, awareness of preconception care remains low in the country. The study seeks to assess the understanding of preconception services and identify the barriers that hinder their efficacy. Methods: Through semi-structured interviews, 129 healthcare workers across six states in Nigeria were interviewed between January and March 2023. The interviews explored the healthcare workers' knowledge of preconception care practices, the socio-cultural influences shaping decision-making, and the challenges that limit accessibility and utilization of preconception care services. Results: The findings reveal a limited knowledge of preconception care among healthcare workers, primarily due to inadequate information dissemination within the healthcare system. Additionally, cultural beliefs significantly influence perceptions surrounding preconception care. Furthermore, financial constraints, distance to healthcare facilities, and poor health infrastructure disproportionately restrict access to preconception services, particularly for vulnerable populations. The study also highlights insufficient skills and outdated training among healthcare workers regarding preconception guidance, primarily attributed to limited opportunities for professional development. Discussion: To improve preconception care in Nigeria, comprehensive education programs must be implemented, taking into account the societal influences that shape perceptions and behaviors. These programs should aim to dispel myths and promote evidence-based practices. Additionally, training healthcare workers and integrating preconception care services into primary care settings, with support from religious and community leaders, can help overcome barriers to access. Strategies should prioritize affordability while emphasizing the broader benefits of preconception care beyond fertility concerns alone. Lastly, widespread literacy campaigns utilizing trusted channels are crucial for effectively disseminating information and promoting the adoption of preconception practices in Nigeria.

Keywords: preconception care, knowledge, healthcare workers, Nigeria, barriers, education, training

Procedia PDF Downloads 101

Authors: Themistoklis Tzimas

Abstract:

The proposed paper focuses on a triangular relationship, between human security, human development and responsibility to rebuild. This relationship constitutes the innovative contribution to the debate about human security. Human security constitutes a generic and legally binding notion, which orientates from an integrated approach the UN Charter principles and of the collective security system. Such an approach brings at the forefront of international law and of international relations not only states but non- state actors as well. Several doctrines attempt to implement the fore-mentioned approach among which the Responsibility to Protect- hereinafter R2P- doctrine and its aspect of Responsibility to Rebuild- hereinafter R2R. In this sense, R2P in general and R2R are supposed to be guided by human security imperatives. Human security because of its human- centered approach encompasses as an integral part of it, human development. Human development constitutes part of the backbone of human security, since it deals with the social and economic root- causes of the threats, which human security attempts to confront. In this sense, doctrines which orientate from human security, such as R2P and its R2R aspect should also take into account human development imperatives, in order to improve their efficiency. On the contrary though, R2R is more often linked with market- orientated policies, which are often imposed under transitional authorities, regardless of local needs. The implementation of such policies can be identified as a cause for striking failures in the framework of R2R. In addition it is a misinterpretation of the essence of human security and subsequently of R2P as well. The findings of the article, on the basis of the fore-mentioned argument is that a change must take place from a market- orientated misinterpretation of R2R to an approach attempting to implement human development doctrines, since the latter lie at the heart of human security and can be proven more effective in dealing with the root- causes of conflicts. Methodologically, the article begins with an examination of human security and of its binding nature on the basis of its orientation from the UN Charter. It also examines its significance in the framework of the collective security system. Then, follows the analysis of why and how human development constitutes an integral part of human security. At the next part it is proven that R2P in general and R2R more specifically constitute or should constitute an attempt to implement human security doctrines within the collective security system. Having built this triangular relationship it is argued that human development is proven to be the most suitable notion, so that the spirit of human security and the scopes of R2P are successfully implemented.

Keywords: human security, un charter, responsibility to protect, responsibility to rebuild, human development

Procedia PDF Downloads 280

Authors: Francesco Ceresia

Abstract:

Workplace aggression is broadly recognized as a main work-related risk for healthcare organizations the world over. Scholars underlined that nonfatal workplace aggressions can be also produced by Type II workplace aggression, that occur when the aggressor has a legitimate relationship with the organization and commits an act of hostility while being served or cared for by members of the organization. Several reviews and meta-analysis highlighted the main antecedents and consequences of Type II verbal and physical workplace aggression in the healthcare sector, also focusing on its economic and psychosocial costs. However, some scholars emphasized the need for a systemic and multi-factorial approach to deeply understand and effectively respond to such kind of aggression. The main aim of the study is to propose a qualitative model of Type II workplace aggression in a health care organization in accordance with the system thinking and multi-factorial perspective. A case study research approach, conducted in an Italian non-hospital healthcare organization, is presented. Two main data collection methods have been adopted: individual and group interviews with a sample (N = 24) of physicians, nurses and clericals. A causal loop diagram (CLD) that describes the main causal relationships among the key-variables of the proposed model has been outlined. The main feedback loops and the causal link polarities have been also defined to fully describe the structure underlining the Type II workplace aggression phenomenon. The proposed qualitative model shows how the Type II workplace aggression is related with burnout, work performance, job satisfaction, turnover intentions, work motivation and emotional dissonance. Finally, strategies and policies to reduce the strength of workplace aggression’s drivers are suggested.

Keywords: healthcare, system thinking, work motivation, workplace aggression

Procedia PDF Downloads 305

Authors: Ekin D. Horzum

Abstract:

The aim of the proposal is to examine the relationship between human trafficking related corruption and human security. The proposal suggests that the human trafficking related corruption is about willingness of the states to turn a blind eye to the human trafficking cases. Therefore, it is important to approach human trafficking related corruption in terms of human security and human rights violation to find an effective way to fight against human trafficking. In this context, the purpose of this proposal is to examine the human trafficking related corruption as a safe haven in which trafficking thrives for perpetrators.

Keywords: human trafficking, human security, human rights, corruption, organized crime

Procedia PDF Downloads 476

Authors: Mojtaba Fayaz, Richard Hallal

Abstract:

This study examines the various types of dangers that our virtual environment is vulnerable to, including how it can be attacked and how to avoid/secure our data. The terrain of cyberspace is never completely safe, and Covid- 19 has added to the confusion, necessitating daily periodic checks and evaluations. Cybercriminals have been able to enact with greater skill and undertake more conspicuous and sophisticated attacks while keeping a higher level of finesse by operating from home. Different types of cyberattacks, such as operation-based attacks, authentication-based attacks, and software-based attacks, are constantly evolving, but research suggests that software-based threats, such as Ransomware, are becoming more popular, with attacks expected to increase by 93 percent by 2020. The effectiveness of cyber frameworks has shifted dramatically as the pandemic has forced work and private life to become intertwined, destabilising security overall and creating a new front of cyber protection for security analysis and personal. The high-rise formats in which cybercrimes are carried out, as well as the types of cybercrimes that exist, such as phishing, identity theft, malware, and DDoS attacks, have created a new front of cyber protection for security analysis and personal safety. The overall strategy for 2022 will be the introduction of frameworks that address many of the issues associated with offsite working, as well as education that provides better information about commercialised software that does not provide the highest level of security for home users, allowing businesses to plan better security around their systems.

Keywords: cyber security, authentication, software, hardware, malware, COVID-19, threat actors, awareness, home users, confidentiality, integrity, availability, attacks

Procedia PDF Downloads 117

Authors: Ebtesam Shadadi, Rasha Ibrahim, Essam Ghadafi

Abstract:

Phishing poses a significant threat as a cybercrime by tricking end users into revealing their confidential and sensitive information. Attackers often manipulate victims to achieve their malicious goals. The increasing prevalence of Phishing has led to extensive research on this issue, including studies focusing on phishing attempts in healthcare institutions in the Kingdom of Saudi Arabia. This paper explores the importance of analyzing phishing attacks, specifically focusing on those targeting the healthcare industry. The study delves into the tactics, obstacles, and remedies associated with these attacks, all while considering the implications for Saudi Vision 2030.

Keywords: phishing, cybersecurity, cyber threat, social engineering, vision 2030

Procedia PDF Downloads 65

Authors: Kun Li, Yuzheng Liu, Xiuqi Fan

Abstract:

High-security standard and high efficiency of screening seem to be contradictory to each other in the airport security check process. Improving the efficiency as far as possible while maintaining the same security standard is significantly meaningful. This paper utilizes the knowledge of Operation Research and Stochastic Process to establish mathematical models to explore this problem. We analyze the current process of airport security check and use the M/G/1 and M/G/k models in queuing theory to describe the process. Then we find the least efficient part is the pre-check lane, the bottleneck of the queuing system. To improve passenger throughput and reduce the variance of passengers’ waiting time, we adjust our models and use Monte Carlo method, then put forward three modifications: adjust the ratio of Pre-Check lane to regular lane flexibly, determine the optimal number of security check screening lines based on cost analysis and adjust the distribution of arrival and service time based on Monte Carlo simulation results. We also analyze the impact of cultural differences as the sensitivity analysis. Finally, we give the recommendations for the current process of airport security check process.

Keywords: queue theory, security check, stochatic process, Monte Carlo simulation

Procedia PDF Downloads 200

Authors: Umesh Kumar Singh, Chanchala Joshi

Abstract:

With increasing dependency on IT infrastructure, the main objective of a system administrator is to maintain a stable and secure network, with ensuring that the network is robust enough against malicious network users like attackers and intruders. Security risk management provides a way to manage the growing threats to infrastructures or system. This paper proposes a framework for risk level estimation which uses vulnerability database National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS). The proposed framework measures the frequency of vulnerability exploitation; converges this measured frequency with standard CVSS score and estimates the security risk level which helps in automated and reasonable security management. In this paper equation for the Temporal score calculation with respect to availability of remediation plan is derived and further, frequency of exploitation is calculated with determined temporal score. The frequency of exploitation along with CVSS score is used to calculate the security risk level of the system. The proposed framework uses the CVSS vectors for risk level estimation and measures the security level of specific network environment, which assists system administrator for assessment of security risks and making decision related to mitigation of security risks.

Keywords: CVSS score, risk level, security measurement, vulnerability category

Procedia PDF Downloads 322

Authors: Anass Rahouti, Guillaume Salze, Ruggiero Lovreglio, Sélim Datoussaïd

Abstract:

In healthcare facilities, training the staff for firefighting and evacuation in real buildings is very challenging due to the presence of a vulnerable population in such an environment. In a standard environment, traditional approaches, such as fire drills, are often used to train the occupants and provide them with information about fire safety procedures. However, those traditional approaches may be inappropriate for a vulnerable population and can be inefficient from an educational viewpoint as it is impossible to expose the occupants to scenarios similar to a real emergency. Immersive serious games could be used as an alternative to traditional approaches to overcome their limitations. Serious games are already being used in different safety domains such as fires, earthquakes and terror attacks for several building types (e.g., office buildings, train stations, tunnels, etc.). In this study, we developed an immersive serious game to improve the fire safety skills of staff in healthcare facilities. An accurate representation of the healthcare environment was built in Unity3D by including visual and audio stimuli inspired from those employed in commercial action games. The serious game is organised in three levels. In each of them, the trainee is presented with a specific fire emergency and s/he can perform protective actions (e.g., firefighting, helping non-ambulant occupants, etc.) or s/he can ignore the opportunity for action and continue the evacuation. In this paper, we describe all the steps required to develop such a prototype, as well as the key questions that need to be answered, to develop a serious game for firefighting and evacuation in healthcare facilities.

Keywords: fire safety, healthcare, serious game, training

Procedia PDF Downloads 454

Authors: Heather Clark, Jon Kelly

Abstract:

Burnout among healthcare professionals has been elevated to a high level of concern. The descriptions of the healthcare workplace often include language such as, stressful, long hours, rotating shifts, weekends and holidays, and exhausting. New graduate healthcare professionals are being sent into the workplace with little to no coping skills, knowledge of signs and symptoms of burnout, or resources that are available. The authors of this study created a university course entitled 'coping in your profession' that enrolled registered nurses, licensed practical nurses, EMTs, nurse assistants, and medical assistants. The course addresses burnout, self-analysis, incivility, coping mechanisms, and organizational responsibilities for employee well-being. The students were surveyed using QualtricsXM that included a pre-course and post-course analysis. Pre-course results showed high levels of individual experiences with burnout and limited knowledge of resources to combat burnout. Post-course results included personal growth and that students’ perception of burnout can be prevented at both the individual and the organization levels. Students also indicated that few to no resources to combat burnout existed at their place of employment. Addressing burnout at the educational level helps prepare graduates with the knowledge and tools to combat burnout at the individual and organization level.

Keywords: burnout, coping, healthcare workers, incivility, resilience

Procedia PDF Downloads 136

Authors: Natalia Kalinowska

Abstract:

The adoption of the General Data Protection Regulation, (GDPR) finished the four-year work of the European Commission in this area in the European Union. Considering far-reaching changes, which will be applied by GDPR, the European legislator envisaged two-year transitional period. Member states and companies have to prepare for a new regulation until 25 of May 2018. The idea, which becomes a new look at an attitude to data protection in the European Union is risk-based approach. So far, as a result of implementation of Directive 95/46/WE, in many European countries (including Poland) there have been adopted very particular regulations, specifying technical and organisational security measures e.g. Polish implementing rules indicate even how long password should be. According to the new approach from May 2018, controllers and processors will be obliged to apply security measures adequate to level of risk associated with specific data processing. The risk in GDPR should be interpreted as the likelihood of a breach of the rights and freedoms of the data subject. According to Recital 76, the likelihood and severity of the risk to the rights and freedoms of the data subject should be determined by reference to the nature, scope, context and purposes of the processing. GDPR does not indicate security measures which should be applied – in recitals there are only examples such as anonymization or encryption. It depends on a controller’s decision what type of security measures controller considered as sufficient and he will be responsible if these measures are not sufficient or if his identification of risk level is incorrect. Data protection regulation indicates few levels of risk. Recital 76 indicates risk and high risk, but some lawyers think, that there is one more category – low risk/now risk. Low risk/now risk data processing is a situation when it is unlikely to result in a risk to the rights and freedoms of natural persons. GDPR mentions types of data processing when a controller does not have to evaluate level of risk because it has been classified as „high risk” processing e.g. processing on a large scale of special categories of data, processing with using new technologies. The methodology will include analysis of legal regulations e.g. GDPR, the Polish Act on the Protection of personal data. Moreover: ICO Guidelines and articles concerning risk based approach in GDPR. The main conclusion is that an appropriate risk assessment is a key to keeping data safe and avoiding financial penalties. On the one hand, this approach seems to be more equitable, not only for controllers or processors but also for data subjects, but on the other hand, it increases controllers’ uncertainties in the assessment which could have a direct impact on incorrect data protection and potential responsibility for infringement of regulation.

Keywords: general data protection regulation, personal data protection, privacy protection, risk based approach

Procedia PDF Downloads 252

Authors: Amjad Nusayr

Abstract:

Software security is a general term used to any type of software architecture or model in which security aspects are incorporated in this architecture. These aspects are not part of the main logic of the underlying program. Software security can be achieved using a combination of approaches, including but not limited to secure software designs, third part component validation, and secure coding practices. Memory safety is one feature in software security where we ensure that any object in memory has a valid pointer or a reference with a valid type. Aspect-Oriented Programming (AOP) is a paradigm that is concerned with capturing the cross-cutting concerns in code development. AOP is generally used for common cross-cutting concerns like logging and DB transaction managing. In this paper, we introduce the concepts that enable AOP to be used for the purpose of memory and type safety. We also present ideas for extending AOP in software security practices.

Keywords: aspect oriented programming, programming languages, software security, memory and type safety

Procedia PDF Downloads 128

Authors: Galih Imaduddin

Abstract:

Knowledge has been viewed as one of the most important resources in organizations, including those that operate in the healthcare sector. On that basis, Knowledge Management (KM) is crucial for healthcare organizations to improve their productivity and ensure effective utilization of their resources. Despite the growing interests to understand how KM might work for healthcare organizations, there is only a modest amount of empirical inquiries which have specifically focused on the tools and initiatives to share knowledge. Hence, the main purpose of this paper is to investigate the way healthcare organizations, particularly public sector ones, utilize knowledge sharing tools and initiatives for the benefit of patient-care. Employing a qualitative method, 13 (thirteen) Community Health Centers (CHCs) from a high-performing district health setting in Indonesia were observed. Data collection and analysis involved a repetition of document retrievals and interviews (n=41) with multidisciplinary health professionals who work in these CHCs. A single case study was cultivated reflecting on the means that were used to share knowledge, along with the factors that inhibited the exchange of knowledge among those health professionals. The study discovers that all of the thirteen CHCs exhibited and applied knowledge sharing means which included knowledge documents, virtual communication channels (i.e. emails and chatting applications), and social learning forums such as staff meetings, morning briefings, and communities of practices. However, the intensity of utilization was different among these CHCs, in which organizational culture, leadership, professional boundaries, and employees’ technological aptitude were presumed to be the factors that inhibit knowledge sharing processes. Making a distance with the KM literature of other sectors, this study denounces the primacy of technology-based tools, suggesting that socially-based initiatives could be more reliable for sharing knowledge. This suggestion is largely due to the nature of healthcare work which is still predominantly based on the tacit form of knowledge.

Keywords: knowledge management, knowledge sharing, knowledge sharing tools and initiatives, knowledge sharing inhibitors, primary health care organizations

Procedia PDF Downloads 244

Authors: Shehu S. Janguza

Abstract:

The need for national security cannot be over Emphasis, which should be pursued by any means. Thus the need for effective management of education through effective school community Relationship/participation. In preparing and implementing only effort to promote community involvement in manning Education, it is importance to understand the whole picture of community participation, how it works, what forms are used, what benefit it can yield and what we should expect in the process of carrying out the efforts finally emphasis will be made on how effective school community relationship/participation and lead to national security.

Keywords: community participation, managing, school community, national security

Procedia PDF Downloads 596

Authors: Laura Niño Cáceres, Daisy Yoo, Caroline Hummels

Abstract:

COVID-19 accelerated digital healthcare technology usage in many countries, such as Colombia, whose digital healthcare vision and projects are proof of this. However, with a significant cultural indigenous and Afro-Colombian heritage, only some parts of the country are willing to follow the proposed digital Western approach to health. Our paper presents the national healthcare system’s digital narrative, which we contrast with the micro-narrative of an Afro-Colombian ethnomedicine unit in Bogota called Kilombo Yumma. This ethnomedical unit is building its mobile app to safeguard and represent its ancestral medicine practices in local and national healthcare information systems. Kilombo Yumma is keen on promoting their beliefs and practices, which have been passed on through oral traditions and currently exist in the hands of a few older women. We unraveled their ambition, core beliefs, and practices through asset-based design. These assets outlined pluriversal and decolonizing forms of digital healthcare to increase social justice and connect Western and ancestral medicine digital opportunities through HCI.

Keywords: asset-based design, mobile app, decolonizing HCI, Afro-Colombian ancestral medicine

Procedia PDF Downloads 80

Authors: Qing Wu, Xuchun Ye, Qiuchen Wang, Kirsten Corazzini

Abstract:

Objective: It’s increasing acknowledged that patient engagement in healthcare and health literacy both have positive impact on patient outcome. Health literacy emphasizes the ability of individuals to understand and apply health information and manage health. Patients' health literacy affected their willingness to participate in decision-making, but its impact on the behavior and willingness of patient engagement in healthcare is not clear, especially in China. Therefore, this study aimed to explore the correlation between the behavior and willingness of patient engagement and health literacy. Methods: A cross-sectional survey was employed using the behavior and willingness of patient engagement in healthcare questionnaire, Chinese version All Aspects of Health Literacy Scale (AAHLS). A convenient sample of 443 patients was recruited from 8 general hospitals in Shanghai, Jiangsu Province and Zhejiang Province, from September 2016 to January 2017. Results: The mean score for the willingness was (4.41±0.45), and the mean score for the patient engagement behavior was (4.17±0.49); the mean score for the patient's health literacy was (2.36±0.29)，the average score of its three dimensions- the functional literacy, the Communicative/interactive literacy and the Critical literacy, was (2.26±0.38), (2.28±0.42), and (2.61±0.43), respectively. Patients' health literacy was positively correlated with their willingness of engagement (r = 0.367, P < 0.01), and positively correlated with patient engagement behavior (r = 0.357, P < 0.01). All dimensions of health literacy were positively correlated with the behavior and willingness of patient engagement in healthcare; the dimension of Communicative/interactive literacy (r = 0.312, P < 0.01; r = 0.357, P < 0.01) and the Critical literacy (r = 0.357, P < 0.01; r = 0.357, P < 0.01) are more relevant to the behavior and willingness than the dimension of basic/functional literacy (r=0.150, P < 0.01; r = 0.150, P < 0.01). Conclusions: The behavior and willingness of patient engagement in healthcare are positively correlated with health literacy and its dimensions. In clinical work, medical staff should pay attention to patients’ health literacy, especially the situation that low literacy leads to low participation and provide health information to patients through health education or communication to improve their health literacy as well as guide them to actively and rationally participate in their own health care.

Keywords: patient engagement, health literacy, healthcare, correlation

Procedia PDF Downloads 167

Authors: Rose Mwanza

Abstract:

This paper investigates security factors influencing primary school pupils’ school participation in Kenya. Schools, communities and the Government all have roles to play in enhancing primary school pupil’s school participation. The effective security system of a country provides the necessary avenues to facilitate improved health services protection of children and allows free movement of the country’s citizens which leads to a conducive atmosphere for school participation. Kenya is a signatory to international commitments and conventions related to security such as the National Policy on Peace Building and Conflict Management, United Nations Development Assistance Framework and Key Security Unity, which enable primary school pupils to participate in education. The paper also looks at the strategies the Government of Kenya has put in place to ensure effective pupil school participation.

Keywords: ethnicity, social media, participation in school, poverty, terrorism

Procedia PDF Downloads 61

Authors: Antwi Kwaku Dei, Lyford Conrad Power

Abstract:

This paper investigates the outcome of participating in the government of Ghana block farm program on rural households’ farm productivity, income, food security and nutritional status in Northern Ghana using cross-sectional data. Data analysis was done using the Instrumental Variable and the Heckman Selection Bias procedures. Our analysis indicates that participation in the block farm program significantly increased directly the productivity of maize, rice, and soybean by 21.3 percent, 15.8 percent, and 12.3 percent respectively. Also, the program participation was found to increase households’ farm income by 20 percent in northern Ghana. Furthermore, program participation was found to improve household food security and nutrition by 19 percent and 14 percent respectively through income effect. Based on the benefit-cost ratio of 1.59 the results from the study recommends that the program is expanded to other communities in the northern region. Further analysis indicates that rural households’ decision to participate in food security intervention programs is significantly influenced by factors including the gender of the household head, the age of the household head, and household size. Results of the study further show that gender of household head, household size, household monthly income, household assets, women educational status, the age of women, marital status of women, are significant determinants of food security and nutrition status in Northern Ghana.

Keywords: block farm program, farm productivity, , household food security, Northern Ghana

Procedia PDF Downloads 281

Authors: Kim Lytle, Tim Talty, Alan Michaels, Jeff Reed

Abstract:

Implantable medical devices (IMDs) are medically necessary devices embedded in the human body that monitor chronic disorders or automatically deliver therapies. Most IMDs have wireless capabilities that allow them to share data with an offboard programming device to help medical providers monitor the patient’s health while giving the patient more insight into their condition. However, serious security concerns have arisen as researchers demonstrated these devices could be hacked to obtain sensitive information or harm the patient. Cooperative jamming can be used to prevent privileged information leaks by maintaining an adequate signal-to-noise ratio at the intended receiver while minimizing signal power elsewhere. This paper uses ray tracing to demonstrate how a low number of friendly nodes abiding by Bluetooth Low Energy (BLE) transmission regulations can enhance IMD communication security in an office environment, which in turn may inform how companies and individuals can protect their proprietary and personal information.

Keywords: implantable biomedical devices, communication system security, array signal processing, ray tracing

Procedia PDF Downloads 114

Authors: Ralph Adaimy, Wassim El-Hajj, Ghassen Ben Brahim, Hazem Hajj, Haidar Safa

Abstract:

Huge amounts of data and personal information are being sent to and retrieved from web applications on daily basis. Every application has its own confidentiality and integrity policies. Violating these policies can have broad negative impact on the involved company’s financial status, while enforcing them is very hard even for the developers with good security background. In this paper, we propose a framework that enforces security-by-construction in web applications. Minimal developer effort is required, in a sense that the developer only needs to annotate database attributes by a security class. The web application code is then converted into an intermediary representation, called Extended Program Dependence Graph (EPDG). Using the EPDG, the provided annotations are propagated to the application code and run against generic security enforcement rules that were carefully designed to detect insecure information flows as early as they occur. As a result, any violation in the data’s confidentiality or integrity policies is reported. As a proof of concept, two PHP web applications, Hotel Reservation and Auction, were used for testing and validation. The proposed system was able to catch all the existing insecure information flows at their source. Moreover and to highlight the simplicity of the suggested approaches vs. existing approaches, two professional web developers assessed the annotation tasks needed in the presented case studies and provided a very positive feedback on the simplicity of the annotation task.

Keywords: web applications security, secure information flow, program dependence graph, database annotation

Procedia PDF Downloads 471

Authors: T. Arudchelvam, W. W. E. N. Fernando

Abstract:

Mobile phone has become as an essential thing in our life. Therefore, security is the most important thing to be considered in mobile communication. Short message service is the cheapest way of communication via the mobile phones. Therefore, security is very important in the short message service as well. This paper presents a method to maintain the security at user level. Different types of encryption methods are used to implement the user level security in mobile phones. Caesar cipher, Rail Fence, Vigenere cipher and RSA are used as encryption methods in this work. Caesar cipher and the Rail Fence methods are enhanced and implemented. The beauty in this work is that the user can select the encryption method and the key. Therefore, by changing the encryption method and the key time to time, the user can ensure the security of messages. By this work, while users can safely send/receive messages, they can save their information from unauthorised and unwanted people in their own mobile phone as well.

Keywords: SMS, user level security, encryption, decryption, short message service, mobile communication

Procedia PDF Downloads 397