Ethical Issues in Health Information Privacy
-
Upload
nawanan-theera-ampornpunt -
Category
Healthcare
-
view
94 -
download
0
Transcript of Ethical Issues in Health Information Privacy
![Page 1: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/1.jpg)
1
Ethical Issues in Health Information PrivacyNawanan Theera-Ampornpunt
September 28, 2016
http://www.slideshare.net/nawanan
![Page 2: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/2.jpg)
2
2003 M.D. (First-Class Honors)
2011 Ph.D. (Health Informatics), Univ. of Minnesota
Lecturer, Department of Community Medicine
Faculty of Medicine Ramathibodi Hospital
Interests: Health IT, Social Media, Security & Privacy
SlideShare.net/Nawanan
Nawanan Theera-Ampornpunt
Line ID: NawananT
Introduction
![Page 3: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/3.jpg)
3
Outline
• Why Care about Security & Privacy?
• Security/Privacy of Patient’s Information
• Security Measures
• Privacy Measures
![Page 4: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/4.jpg)
4
Case Study #1: Privacy & Hoax
http://news.sanook.com/1262964/
![Page 5: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/5.jpg)
5
Privacy & Healthcare
http://usatoday30.usatoday.com/life/people/2007-10-10-clooney_N.htm
![Page 6: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/6.jpg)
6
Malware
Examples of Security Threats
![Page 7: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/7.jpg)
7
Case Study #2: Malware
![Page 8: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/8.jpg)
8
Security Threats in Thailand
https://www.thaicert.or.th/downloads/files/ThaiCERT_Annual_Report_th_2013.pdf
ThaiCERT (2013)
![Page 9: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/9.jpg)
9
Security Threats in Thailand
https://www.thaicert.or.th/downloads/files/ThaiCERT_Annual_Report_th_2013.pdf
ThaiCERT (2013)
![Page 10: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/10.jpg)
10
Security Threats & Thailand
(Top) http://deadline.com/2014/12/sony-hack-timeline-any-pascal-the-interview-north-korea-1201325501/
(Bottom) http://www.bloomberg.com/news/articles/2014-12-07/sony-s-darkseoul-breach-stretched-from-thai-hotel-
to-hollywood
![Page 11: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/11.jpg)
11
Confidentiality Integrity Availability
Objectives of Attacks: CIA Triad
![Page 12: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/12.jpg)
12
Impact
• Disclosure of confidential information
• Impacts on personal lives, health, mental state, financial status, reputation & employment
• Service disruption
• Organization’s public image
![Page 13: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/13.jpg)
13
Sources of Attacks
• Hackers
• Viruses & Malware
• Buggy Systems
• Insiders
• Behaviors of Unaware and Ignorant Users
• Disasters
![Page 14: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/14.jpg)
14
Case Study #3: Privacy
![Page 15: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/15.jpg)
15
Security/Privacy of Patient Information
![Page 16: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/16.jpg)
16
Security & Privacy
http://en.wikipedia.org/wiki/A._S._Bradford_House
![Page 17: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/17.jpg)
17
Case Study #4: Privacy
http://pantip.com/topic/35330409/
![Page 18: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/18.jpg)
18
Ethical Principles Related to Privacy
• Autonomy
• Beneficence
• Non-maleficence (“First, Do No Harm”)
![Page 19: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/19.jpg)
19
Hippocratic Oath...
What I may see or hear in the course of treatment or even outside of the treatment in regard to the life of men, which on no account one must spread abroad, I will keep myself holding such things shameful to be spoken about....
http://en.wikipedia.org/wiki/Hippocratic_Oath
![Page 20: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/20.jpg)
20
Thai Laws on Health Information Privacy
• National Health Act, B.E. 2550
• มาตรา 7 ข้อมูลด้านสุขภาพของบุคคล เป็นความลับส่วนบุคคล ผู้ใดจะน าไปเปิดเผยในประการที่น่าจะท าให้บุคคลนั้นเสียหายไม่ได้ เว้นแต่การเปิดเผยนั้นเป็นไปตามความประสงค์ของบุคคลนั้นโดยตรง หรือมีกฎหมายเฉพาะบัญญัติให้ต้องเปิดเผย แต่ไม่ว่าในกรณีใด ๆ ผู้ใดจะอาศัยอ านาจหรือสิทธิตามกฎหมายว่าด้วยข้อมูลข่าวสารของราชการหรือกฎหมายอื่นเพื่อขอเอกสารเกี่ยวกับข้อมูลด้านสุขภาพของบุคคลที่ไม่ใช่ของตนไม่ได้
![Page 21: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/21.jpg)
21
Thai Laws on Health Information Privacy• The Penal Code
• มาตรา 323 ผู้ใดล่วงรู้หรือได้มาซึ่งความลับของผู้อื่นโดยเหตุที่เป็นเจ้าพนักงานผู้มีหน้าที่ โดยเหตุที่ประกอบอาชีพเป็นแพทย์ เภสัชกร คนจ าหน่ายยา นางผดุงครรภ์ ผู้พยาบาล...หรือโดยเหตุที่เป็นผู้ช่วยในการประกอบอาชีพนั้น แล้วเปิดเผยความลับนั้นในประการที่น่าจะเกิดความเสียหายแก่ผู้หนึ่งผู้ใด ต้องระวางโทษจ าคุกไม่เกินหกเดือน หรือปรับไม่เกินหนึ่งพันบาท หรือทั้งจ าทั้งปรับ
• ผู้รับการศึกษาอบรมในอาชีพดังกล่าวในวรรคแรก เปิดเผยความลับของผู้อื่น อันตนได้ล่วงรู้หรือได้มาในการศึกษาอบรมนั้น ในประการที่น่าจะเกิดความเสียหายแก่ผู้หนึ่งผู้ใดต้องระวางโทษเช่นเดียวกัน
![Page 22: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/22.jpg)
22
Patients’ Bill of Rights
7. ผู้ป่วยมีสิทธิได้รับการปกปิดข้อมูลของตนเอง เว้นแต่ผู้ป่วยจะให้ความยินยอมหรือเป็นการปฏิบัติตามหน้าที่ของผู้ประกอบวิชาชีพด้านสุขภาพเพื่อประโยชน์โดยตรงของผู้ป่วยหรือตามกฎหมาย
![Page 23: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/23.jpg)
23
ข้อความจริง บน• "อาจารย์ครับ เมื่อวาน ผมออก OPD เจอ คุณ
... คนไข้... ที่อาจารย์ผ่าไปแล้ว มา ฉายรังสีต่อที่... ตอนน้ี Happy ดี ไม่ค่อยปวด เดินได้สบาย คนไข้ฝากขอบคุณอาจารย์อกีครั้ง -- อีกอย่างคนไข้ช่วงนี้ไม่ค่อยสะดวกเลยไม่ได้ไป กทม. บอกว่าถ้าพร้อมจะไป Follow-up กับอาจารย์ครับ"
Real Post on Social Media
![Page 24: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/24.jpg)
24
Privacy Measures
• Informed consent
• Privacy culture
• User awareness building & education
• Organizational policy & regulations
![Page 25: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/25.jpg)
25
How Line Chats Can Violate Patient’s Privacy?
• Multiple viewers in a Line group• Ability to capture screens or forward• Posts in the wrong groups• Cached data• Unencrypted transmission (latest news:
encrypted)• Admin access to data in Line’s server• Password Discovery
![Page 26: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/26.jpg)
26
Case Study #5:
PR NightmareOnline Hoaxes
![Page 27: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/27.jpg)
27
Case Study #5: PR Nightmare & Response
http://new.khaosod.co.th.khaosod.online/dek3/win.html (อันตราย! ไม่ควรเข้าเว็บนี้)
ข่าวนี้ไม่เป็นความจริง
![Page 28: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/28.jpg)
28
Case Study #5: PR Nightmare & Response
![Page 29: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/29.jpg)
29
Case Study #6: Passwords
Keylogger Attack: A story of a
medical student
![Page 30: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/30.jpg)
30
http://c2.likes-media.com/img/c88376b3e79ac46a289879d2178e9b41.600x.jpg
Why We Need to Train Users on Security
![Page 31: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/31.jpg)
31
User Account SecuritySo, two informaticians
walk into a bar...
The bouncer says,
"What's the password."
One says, "Password?"
The bouncer lets them
in.
Credits: @RossMartin & AMIA (2012)
![Page 32: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/32.jpg)
32
What’s the Password?
Unknown Internet sources, via
http://pikabu.ru/story/interesno_kakoy_zhe_u_nikh_parol_4274737,
via Facebook page “สอนแฮกเวบ็แบบแมวๆ”
![Page 33: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/33.jpg)
33
User Account Security
https://www.thaicert.or.th/downloads/files/BROCHURE_security_awareness.png
![Page 34: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/34.jpg)
34
Case Study #6: Easy-to-Remember Passwords
Dictionary Attack: A story from taking
a Computer Security course
![Page 35: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/35.jpg)
35
Clear Desk, Clear Screen Policy
http://pixabay.com/en/post-it-sticky-note-note-corner-148282/
![Page 36: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/36.jpg)
36
How to Remember Passwords Then?
Think of an English sentenceThe sentence should have at least 8
words, with numbers and symbols.Use each word’s first letter as password
![Page 37: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/37.jpg)
37
Example of Creating Passwords
http://www.thedigitalshift.com/2012/05/ebooks/amazon-offers-harry-potter-for-free-through-lending-library/
![Page 38: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/38.jpg)
38
Example of Creating PasswordsSentence:
I love reading all 7 Harry Potter books!
Password:Ilra7HPb!
![Page 39: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/39.jpg)
39
Password Sharing
Don’t share passwords with anyone
![Page 40: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/40.jpg)
40
Password Expiration
Change passwords every 3-6 months
![Page 41: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/41.jpg)
41
Case Study #7: Wi-Fi
Rogue Wi-Fi Router:
![Page 42: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/42.jpg)
42
Logout After Use
Logout after use, especially when using public
computers
![Page 43: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/43.jpg)
43
Case Study #8: E-mail หลอกลวง
Phishing
![Page 44: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/44.jpg)
44
Phishing E-mail
![Page 45: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/45.jpg)
45
Phishing E-mail
![Page 46: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/46.jpg)
46
Phishing E-mail
![Page 47: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/47.jpg)
47
How To Detect Phishing E-mails?Bad grammarWrong spellingsEncouraging or pressuring you to open
attachments or click on links
![Page 48: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/48.jpg)
48
Case Study #9: Scam E-mailsPhishing Attack:
A story of a former president of the Thai Student Association
of Minnesota
![Page 49: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/49.jpg)
49
Case Study #10: Ransomware
Ransomware
![Page 50: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/50.jpg)
50
Ransomware
https://www.thaicert.or.th/downloads/files/info_ThaiCERT_Ransomware.jpg
![Page 51: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/51.jpg)
51
Ransomware
https://www.thaicert.or.th/downloads/files/info_ThaiCERT_Ransomware.jpg
![Page 52: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/52.jpg)
52
Case Study #11: File Sharing
File Sharing: A story of a curious
medical student
![Page 53: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/53.jpg)
53
Case Study #12: Virus & Patch Updates
Virus/Malware Attack & Windows Update:
A story of a Chief IT Admin at Ramathibodi Hospital
![Page 54: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/54.jpg)
54
Case Study #13:
Back-up Your Data: A story from a busy guy
![Page 55: Ethical Issues in Health Information Privacy](https://reader031.fdocuments.us/reader031/viewer/2022030316/5871d2741a28ab423c8b5eb7/html5/thumbnails/55.jpg)
55
World Backup Day:March 31 of every year