• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

评估移动医疗的访问控制风险:一项德尔菲研究,用于对健康数据的安全性进行分类,并为移动应用提供风险评估。

Assessing Access Control Risk for mHealth: A Delphi Study to Categorize Security of Health Data and Provide Risk Assessment for Mobile Apps.

机构信息

CINTESIS-Center for Health Technologies and Services Research, Faculty of Medicine, University of Porto, Porto, Portugal.

Department of Computer Science, Universidade da Beira Interior and Instituto de Telecomunicações, Covilhã, Portugal.

出版信息

J Healthc Eng. 2020 Jan 17;2020:5601068. doi: 10.1155/2020/5601068. eCollection 2020.

DOI:10.1155/2020/5601068
PMID:32015795
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC6988678/
Abstract

BACKGROUND

Smartphones can tackle healthcare stakeholders' diverse needs. Nonetheless, the risk of data disclosure/breach can be higher when using such devices, due to the lack of adequate security and the fact that a medical record has a significant higher financial value when compared with other records. Means to assess those risks are required for every mHealth application interaction, dependent and independent of its goals/content.

OBJECTIVE

To present a risk assessment feature integration into the SoTRAACE (Socio-Technical Risk-Adaptable Access Control) model, as well as the operationalization of the related mobile health decision policies.

METHODS

Since there is still a lack of a definition for health data security categorization, a Delphi study with security experts was performed for this purpose, to reflect the knowledge of security experts and to be closer to real-life situations and their associated risks.

RESULTS

The Delphi study allowed a consensus to be reached on eleven risk factors of information security related to mobile applications that can easily be adapted into the described SoTRAACE prototype. Within those risk factors, the most significant five, as assessed by the experts, and in descending order of risk level, are as follows: (1) security in the communication (e.g., used security protocols), (2) behavioural differences (e.g., different or outlier patterns of behaviour detected for a user), (3) type of wireless connection and respective encryption, (4) resource sensitivity, and (5) device threat level (e.g., known vulnerabilities associated to a device or its operating system).

CONCLUSIONS

Building adaptable, risk-aware resilient access control models into the most generalized technology used nowadays (e.g., smartphones) is crucial to fulfil both the goals of users as well as security and privacy requirements for healthcare data.

摘要

背景

智能手机可以满足医疗保健利益相关者的多样化需求。然而,由于缺乏足够的安全性,并且与其他记录相比,医疗记录具有更高的财务价值,因此在使用此类设备时,数据泄露/被破坏的风险可能更高。需要为每个移动健康应用程序交互评估这些风险,无论其目标/内容如何。

目的

将风险评估功能集成到 SoTRAACE(社会技术风险自适应访问控制)模型中,并实现相关移动健康决策策略的实施。

方法

由于健康数据安全分类仍然缺乏定义,因此为此目的进行了安全专家的 Delphi 研究,以反映安全专家的知识,并更接近现实生活情况及其相关风险。

结果

Delphi 研究达成了共识,即确定了与移动应用程序相关的十一个信息安全风险因素,这些因素可以轻松地适应所描述的 SoTRAACE 原型。在这些风险因素中,专家评估的五个最重要的风险因素,按风险级别降序排列如下:(1)通信安全(例如,使用的安全协议),(2)行为差异(例如,检测到用户的不同或异常行为模式),(3)无线连接类型及其加密方式,(4)资源敏感性,以及(5)设备威胁级别(例如,与设备或其操作系统相关的已知漏洞)。

结论

将自适应、风险感知的弹性访问控制模型构建到当今使用的最通用的技术(例如智能手机)中,对于满足用户的目标以及医疗保健数据的安全和隐私要求至关重要。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/bc18bdd1638d/JHE2020-5601068.010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/98a54f1e7c90/JHE2020-5601068.001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/eafe44b44aea/JHE2020-5601068.002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/debdfe352c5e/JHE2020-5601068.003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/7d73aed74d76/JHE2020-5601068.004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/cdcf7d50efc5/JHE2020-5601068.005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/cd195da23c40/JHE2020-5601068.006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/459de710b891/JHE2020-5601068.007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/c3d0cd4c6f95/JHE2020-5601068.008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/3284b5e247a7/JHE2020-5601068.009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/bc18bdd1638d/JHE2020-5601068.010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/98a54f1e7c90/JHE2020-5601068.001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/eafe44b44aea/JHE2020-5601068.002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/debdfe352c5e/JHE2020-5601068.003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/7d73aed74d76/JHE2020-5601068.004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/cdcf7d50efc5/JHE2020-5601068.005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/cd195da23c40/JHE2020-5601068.006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/459de710b891/JHE2020-5601068.007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/c3d0cd4c6f95/JHE2020-5601068.008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/3284b5e247a7/JHE2020-5601068.009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c03f/6988678/bc18bdd1638d/JHE2020-5601068.010.jpg

相似文献

1
Assessing Access Control Risk for mHealth: A Delphi Study to Categorize Security of Health Data and Provide Risk Assessment for Mobile Apps.评估移动医疗的访问控制风险:一项德尔菲研究,用于对健康数据的安全性进行分类,并为移动应用提供风险评估。
J Healthc Eng. 2020 Jan 17;2020:5601068. doi: 10.1155/2020/5601068. eCollection 2020.
2
Patients and Stakeholders' Perspectives Regarding the Privacy, Security, and Confidentiality of Data Collected via Mobile Health Apps in Saudi Arabia: Protocol for a Mixed Method Study.患者和利益相关者对沙特阿拉伯通过移动健康应用程序收集的数据的隐私、安全和保密性的看法:一项混合方法研究的方案。
JMIR Res Protoc. 2024 May 22;13:e54933. doi: 10.2196/54933.
3
A data encryption solution for mobile health apps in cooperation environments.合作环境下移动健康应用的数据加密解决方案。
J Med Internet Res. 2013 Apr 25;15(4):e66. doi: 10.2196/jmir.2498.
4
Critical Criteria and Countermeasures for Mobile Health Developers to Ensure Mobile Health Privacy and Security: Mixed Methods Study.移动健康开发者确保移动健康隐私和安全的关键标准和对策:混合方法研究。
JMIR Mhealth Uhealth. 2023 Mar 2;11:e39055. doi: 10.2196/39055.
5
Sensor-Based mHealth Authentication for Real-Time Remote Healthcare Monitoring System: A Multilayer Systematic Review.基于传感器的移动健康认证在实时远程医疗监测系统中的应用:一项多层次系统综述。
J Med Syst. 2019 Jan 6;43(2):33. doi: 10.1007/s10916-018-1149-5.
6
Privacy, Data Sharing, and Data Security Policies of Women's mHealth Apps: Scoping Review and Content Analysis.女性移动健康应用程序的隐私、数据共享和数据安全政策:范围综述和内容分析。
JMIR Mhealth Uhealth. 2022 May 6;10(5):e33735. doi: 10.2196/33735.
7
Analysis of Security Protocols for Mobile Healthcare.移动医疗安全协议分析
J Med Syst. 2016 Nov;40(11):229. doi: 10.1007/s10916-016-0596-0. Epub 2016 Sep 17.
8
Barriers to and Facilitators of the Use of Mobile Health Apps From a Security Perspective: Mixed-Methods Study.从安全角度看移动健康应用的使用障碍和促进因素:混合方法研究。
JMIR Mhealth Uhealth. 2019 Apr 16;7(4):e11223. doi: 10.2196/11223.
9
Server-Focused Security Assessment of Mobile Health Apps for Popular Mobile Platforms.针对流行移动平台的移动健康应用程序的服务器端安全评估
J Med Internet Res. 2019 Jan 23;21(1):e9818. doi: 10.2196/jmir.9818.
10
Security Issues for Mobile Medical Imaging: A Primer.移动医学成像的安全问题:入门指南。
Radiographics. 2015 Oct;35(6):1814-24. doi: 10.1148/rg.2015140039.

引用本文的文献

1
The World Health Organization Collaborating Center for Emergency and Trauma (WHO-CCET) in South East Asia, The World Academic Council of Emergency Medicine (WACEM), and The American College of Academic International Medicine (ACAIM) 2021 Framework for using Telemedicine Technology at Healthcare Institutions.世界卫生组织东南亚紧急与创伤合作中心(WHO-CCET)、世界急诊医学学术理事会(WACEM)和美国学术国际医学学院(ACAIM)2021年医疗机构使用远程医疗技术框架。
J Emerg Trauma Shock. 2021 Jul-Sep;14(3):173-179. doi: 10.4103/jets.jets_105_21. Epub 2021 Sep 30.

本文引用的文献

1
mHealth App for Risk Assessment of Pigmented and Nonpigmented Skin Lesions-A Study on Sensitivity and Specificity in Detecting Malignancy.移动医疗应用程序用于评估色素性和非色素性皮肤病变的风险——一项关于检测恶性肿瘤的敏感性和特异性的研究。
Telemed J E Health. 2017 Dec;23(12):948-954. doi: 10.1089/tmj.2016.0259. Epub 2017 May 31.
2
The use of a smartphone application for fast lung cancer risk assessment†.使用智能手机应用程序进行快速肺癌风险评估†
Eur J Cardiothorac Surg. 2017 Jun 1;51(6):1171-1176. doi: 10.1093/ejcts/ezw444.
3
Validation of a Melanoma Risk Assessment Smartphone Application.
一款黑色素瘤风险评估智能手机应用程序的验证
Dermatol Surg. 2017 Feb;43(2):299-302. doi: 10.1097/DSS.0000000000000916.
4
Cybersecurity in healthcare: A systematic review of modern threats and trends.医疗保健领域的网络安全:对现代威胁与趋势的系统综述
Technol Health Care. 2017;25(1):1-10. doi: 10.3233/THC-161263.
5
Privacy and Security in Mobile Health (mHealth) Research.移动健康(mHealth)研究中的隐私与安全
Alcohol Res. 2014;36(1):143-52.
6
mHealth and mobile medical Apps: a framework to assess risk and promote safer use.移动健康与移动医疗应用程序:评估风险并促进安全使用的框架
J Med Internet Res. 2014 Sep 15;16(9):e210. doi: 10.2196/jmir.3133.
7
Radiology smartphone applications; current provision and cautions.放射科智能手机应用程序;当前的提供情况和注意事项。
Insights Imaging. 2013 Oct;4(5):555-62. doi: 10.1007/s13244-013-0274-4. Epub 2013 Aug 4.
8
Mobile devices: technology aid--security risk.移动设备:技术助力——安全风险。
Geriatr Nurs. 2013 Mar-Apr;34(2):149-50. doi: 10.1016/j.gerinurse.2013.02.005. Epub 2013 Mar 7.
9
Why mobile health app overload drives us crazy, and how to restore the sanity.为什么移动健康应用程序过载会让我们发疯,以及如何恢复理智。
BMC Med Inform Decis Mak. 2013 Feb 11;13:23. doi: 10.1186/1472-6947-13-23.
10
Skin scan: a demonstration of the need for FDA regulation of medical apps on iPhone.皮肤扫描:证明美国食品药品监督管理局(FDA)对iPhone上医疗应用程序进行监管的必要性。
J Am Acad Dermatol. 2013 Mar;68(3):515-6. doi: 10.1016/j.jaad.2012.10.045.