• 한국컴퓨터정보학회논문지
• /
• 제24권9호
• /
• pp.43-49
• /
• 2019

Today, with the development of the internet of things, wearable devices related to personal health care have become widespread. Various global information and communication technology companies are developing various wearable health devices, which can collect personal health information such as heart rate, steps, and calories, using sensors built into the device. However, since individual health data includes sensitive information, the collection of irrelevant health data can lead to personal privacy issue. Therefore, there is a growing need to develop technology for collecting sensitive health data from wearable health devices, while preserving privacy. In recent years, local differential privacy (LDP), which enables sensitive data collection while preserving privacy, has attracted much attention. In this paper, we develop a technology for collecting vast amount of health data from a smartwatch device, which is one of popular wearable health devices, using local difference privacy. Experiment results with real data show that the proposed method is able to effectively collect sensitive health data from smartwatch users, while preserving privacy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권8호
• /
• pp.3852-3864
• /
• 2016

Patients' health data is very sensitive and the access to individual's health data should be strictly restricted. However, many data consumers may need to use the aggregated health data. For example, the insurance companies needs to use this data to setup the premium level for health insurances. Therefore, privacy-preserving data aggregation solutions for health data have both theoretical importance and application potentials. In this paper, we propose a privacy-preserving health data aggregation scheme using differential privacy. In our scheme, patients' health data are aggregated by the local healthcare center before it is used by data comsumers, and this prevents individual's data from being leaked. Moreover, compared with the existing schemes in the literature, our work enjoys two additional benefits: 1) it not only resists many well known attacks in the open wireless networks, but also achieves the resilience against the human-factor-aware differential aggregation attack; 2) no trusted third party is employed in our proposed scheme, hence it achieves the robustness property and it does not suffer the single point failure problem.

• International Journal of Computer Science & Network Security
• /
• 제24권6호
• /
• pp.153-160
• /
• 2024

Information technology plays an important role in healthcare. The cloud has several applications in the fields of education, social media and medicine. But the advantage of the cloud for medical reasons is very appropriate, especially given the large volume of data generated by healthcare organizations. As in increasingly health organizations adopting towards electronic health records in the cloud which can be accessed around the world for various health issues regarding references, healthcare educational research and etc. Cloud computing has many advantages, such as "flexibility, cost and energy savings, resource sharing and rapid deployment". However, despite the significant benefits of using the cloud computing for health IT, data security, privacy, reliability, integration and portability are some of the main challenges and obstacles for its implementation. Health data are highly confidential records that should not be made available to unauthorized persons to protect the security of patient information. In this paper, we discuss the privacy and security requirement of EHS as well as privacy and security issues of EHS and also focus on a comprehensive review of the current and existing literature on Electronic health that uses a variety of approaches and procedures to handle security and privacy issues. The strengths and weaknesses of some of these methods were mentioned. The significance of security issues in the cloud computing environment is a challenge.

• 여성건강간호학회지
• /
• 제18권4호
• /
• pp.268-278
• /
• 2012

Purpose: This study aims to determine obstetric and gynecologic (OBGY) nurses' perception and performance propecting patients' privacy, and to contribute to develop educational program and improve the quality of nursing care. Methods: 206 OBGY nurses in 6 hospitals using an electronic medical record or an order communicating system were chosen by convenience sampling and agreed to participate in the study. The questionnaire, explored 4 domains of privacy: direct nursing, linked business, patient information management, communication with relatives. Results: Perception and performance of protecting patient privacy averaged 4.29 (of 5) and 3.55 (of 5), respectively. Most nurses (94.2%) recognized the importance of protecting patient privacy, 80.1% received patient privacy education. There was a distinct difference between the perception and performance of protecting patient privacy of nurses. Performance of protecting patient privacy had a positive correlation with perception. Conclusion: Proper performance of protecting privacy protection requires improving perception of each nurse on the patient privacy, and various efforts should be made to minimize the affect from external factors such as hospital environment. It is needed to educate nurses for patient privacy. It is also needed for medical organizations to improve their policies and facilities to ease the performance for privacy protection.

• 한국임상보건과학회지
• /
• 제2권1호
• /
• pp.25-34
• /
• 2014

Purpose. The checked of perception for the protection of personal medical information of EMT student and Nursing student. Methods. Nursing students and EMT students 200 questionnaires were collected and Frequency analysis, Chi-square test, one-way ANOVA was performed for using the Windows SPSS(ver. 12.0). Results. Most of the subjects were aware of the protection law of personal information and Infringement of the privacy of personal information will be exposed. also, Education is needed privacy(EMT students $3.84{\pm}0.96$, Nursing students $3.73{\pm}0.99$). EMT($3.99{\pm}1.00$) and Nursing($4.07{\pm}0.94$)students due to exposure to both the patient's personal information privacy was violated would get recognized. Exposure to the computerization of information privacy will be exploited in other agencies(EMT students $3.78{\pm}0.88$, Nursing students $3.95{\pm}0.94$) was called. Conclusions. For the protection of personal health information, education needs to be expanded.

• 의료법학
• /
• 제11권1호
• /
• pp.117-143
• /
• 2010

Along with the development of digital technologies, the information obtained during the medical procedures was working as a source of valuable assets. Especially, the secondary use of personal health information gives the ordeal to privacy protection problems. In korea, the usage of personal medical information is basically regulated by the several laws in view of general and administrative Act like Medicine Act, Public institutions' personal information protection Act, Information-Network Act etc. There is no specific health information protection Act. Health information exchange program for the blood donor referral related with teratogenic drugs and contagious disease and medical treatment reporting system for income tax convenience are the two examples of recently occurred secondary use of health information in Korea. Basically the secondary use of protected health information is depend on the risk-benefit analysis. But to accomplish the minimal invasion to privacy, we need to consider collection limitation principle first. If the expected results were attained with alternative method which is less privacy invasive, we could consider the present method is unconstitutional due to the violation of proportionality rule.

• 한국컴퓨터정보학회논문지
• /
• 제25권4호
• /
• pp.113-121
• /
• 2020

센서 기술의 발전과 스마트 워치, 스마트 밴드와 같은 웨어러블 기기의 보편화로 개인의 건강데이터를 실시간으로 수집하는 일이 가능해졌다. 웨어러블 기기에서 파생된 걸음 수, 심박 수와 같은 건강 데이터들은 모바일 환경의 위치, 날씨 데이터 등의 외부 데이터와 결합하여, 개인의 라이프 스타일 및 건강 상태를 분석하는 방식으로 활용되고 있다. 이처럼 웨어러블 기기에서 파생된 건강 데이터는 편리하고 유용한 기능을 제공하지만 개인의 생활과 밀접한 연관이 있기 때문에 외부에 노출될 경우 심각한 프라이버시 침해 문제가 발생한다. 이에 본 연구는 지역차분프라이버시와 특징점 추출 알고리즘을 사용하여, 웨어러블 기기에서 추출한 건강 데이터를 데이터 소유자의 프라이버시 침해 없이 데이터 수집가에게 전송할 수 있는 기법을 소개한다. 지역차분프라이버시를 통해 데이터 소유자의 프라이버시를 보호하였으며 특징점 알고리즘으로 프라이버시 보호 수준과 데이터 유용성간의 상충 관계를 조절하였다. 실험 결과는 제안하는 기법이 단순 방법에 비해 최대 77% 정도의 오차율 개선이 있음을 보여준다. 수집된 데이터는 데이터 사용자의 요구에 따라 헬스 케어 및 맞춤형 서비스 산업에서 유의미하게 활용될 수 있다.

• 보건의료산업학회지
• /
• 제9권2호
• /
• pp.23-32
• /
• 2015

In this paper, we evaluated web security vulnerability and privacy information management of hospital web sites which are registered at the Korea Hospital Association. Vulnerability Scanner (WVS) based on the OWASP Top 10 was used to evaluate the web security vulnerability of the web sites. And to evaluate the privacy information management, we used ten rules which were based on guidelines for protecting privacy information on web sites. From the results of the evaluation, we discovered tertiary hospitals had relatively excellent web security compared to other type of hospitals. But all the hospital types had not only high level vulnerabilities but also the other level of vulnerabilities. Additionally, 97% of the hospital web sites had a certain level of vulnerability, so a security inspection is needed to secure the web sites. We discovered a few SQL Injection and XSS vulnerabilities in the web sites of tertiary hospitals. However, these are very critical vulnerabilities, so all hospital types have to be inspected to protect their web sites against attacks from hacker. On the other hand, the inspection results of the tertiary hospitals for privacy information management had a better compliance rate than that of the other hospital types.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권7호
• /
• pp.3356-3374
• /
• 2018

The healthcare and fitness wearable-device market is considered as the driving force of the entire wearable device market. However, there are concerns with respect to information privacy because wearable devices constantly collect sensitive data such as individuals' health information. Thus, there is a need for a comprehensive understanding from the perspective of information privacy concerns and related behavior. This study investigates factors considered in the privacy calculus of wearable fitness devices, and verifies differences obtained by the privacy calculus process according to the frequency of exercise. The results obtained from a survey of 248 undergraduate students in Korea revealed that service providers should consider users' interests and exercise characteristics in order to mitigate their privacy concerns and encourage continuous use of wearable devices. This study provides useful insights pertaining to users of wearable fitness devices, and targets researchers and practitioners.

• 보건의료산업학회지
• /
• 제14권1호
• /
• pp.103-110
• /
• 2020

Objectives: In this paper, we propose the ethical education direction by analyzing the personal information recognition and practice of music therapists. Methods: For the analyses, we selected 60 music therapists who answered a questionnaire from members of K Music Therapy Association, and analyzed task recognition and practice ask performance using IPA method. Results: In the IPA table, the areas of high recognition and practice (1) are the areas of personal information protection information management. In the IPA table, the areas of low awareness and high practice (2) are areas of privacy communication for those who have completed ethics education. In the IPA table, the areas of low awareness and low practice (3) are areas of privacy communication when ethics education is not completed. In the IPA table, areas of high awareness and low levels of practice (4) are areas of privacy protection. Conclusions: Continuing education should be provided to improve the curriculum on the protection of personal information for music therapists, thereby raising the awareness and practice of privacy.