Search results

Data breaches in the US healthcare sector have more than tripled in the last decade across all states. However, to this day, no established framework ranks all states from most to least at risk for healthcare data breaches. This gap has led to a lack of proper risk identification and understanding of cyber environments at state levels.

Based on the security action cycle, the National Institute of Standards and Technology (NIST) cybersecurity framework, the risk-planning model, and the multicriteria decision-making (MCDM) literature, the paper offers an integrated multicriteria framework for prioritization in cybersecurity to address this lack and other prioritization issues in risk management in the field. The study used historical breach data between 2015 and 2021.

The findings showed that California, Texas, New York, Florida, Indiana, Pennsylvania, Massachusetts, Minnesota, Ohio, and Georgia are the states most at risk for healthcare data breaches.

The findings highlight each US state faces a different level of healthcare risk. The findings are informative for patients, crucial for privacy officers in understanding the nuances of their risk environment, and important for policy-makers who must grasp the grave disconnect between existing issues and legislative practices. Furthermore, the study suggests an association between positioning state risk and such factors as population and wealth, both avenues for future research.

Theoretically, the paper offers an integrated framework, whose basis in established security models in both academia and industry practice enables utilizing it in various prioritization scenarios in the field of cybersecurity. It further emphasizes the importance of risk identification and brings attention to different healthcare cybersecurity environments among the different US states.

This study aims to build a better understanding of researcher needs regarding support for data that you create, store, and/or manage using an electronic lab notebook (ELN), also referred to as electronic research notebook (ERN). The study also articulates the need for risk assessment for ELN products used by researchers for both open data and sensitive data that require standards.

The author used a participatory action research mixed-methods approach. A working group was formed from an ELN initial meeting. The working group team investigated several institutional ERN solutions by setting up trials, speaking with representatives from other research universities with ERN solutions and conducting internal and external research. This culminated in a broader-scale survey exploration.

Findings reveal there is no single institutional ELN license solution to satisfy all scientific disciplines. There is a need to develop foundational tools needed by all, provide additional tools and uses cases with best practices that can be tailored to various labs and research processes and develop a how-to guide on how to assemble the parts to create a useful ELN solution.

The research implications include providing support for researchers selecting an ERN solution through a combination of online guides, short tutorials and training. There is a need to develop foundational tools, uses cases with best practices that can be tailored to various labs and research processes and how-to guide on how to assemble the parts to create a useful hybrid-ELN solution.

Practical implications include aligning available ERN solutions with other institution provided technologies across the research life cycle to provide researchers a suite of tools to conduct and manage their research. Further investigating educational license discounts for courses using eLabJournal, RSpace, Protocols.io, Open Science Framework, LabArchives or other ERNs currently funded by student course fees via grant funded projects are key implications.

Social implications include the research computing environments of researchers that use ELN solutions approved through institutional risk assessment for open data are in compliance with university regulatory frameworks for use of the software in research.

The originality of this study includes risk assessments of ELNs solutions to better guide researchers in the selection process. To the best of the author’s knowledge, this survey was the first exploration of ELN on campus resulting in a final report to senior stakeholders. This study also highlights a developing grant proposal to further develop support across labs and campus.

The purpose of this paper is to explore different health care professionals’ discourse about privacy – its definition and importance in health care, and its role in their day-to-day work. Professionals’ discourse about privacy reveals how new technologies and laws challenge existing practices of information control within and between professional groups in health care, with implications not only for patient privacy, but also for the role of information control in professions more generally.

The authors conducted in-depth, semi-structured interviews with n=83 doctors, nurses, and health information professionals in two academic medical centers and one veteran’s administration hospital/clinic in the Northeastern USA. Interview responses were qualitatively coded for themes and patterns across groups were identified.

The health care providers and the authors studied actively sought to uphold the protection (and control) of patient information through professional ethics and practices, as well as through the use of technologies and compliance with legal regulations. They used discourses of professionalism, as well as of law and technology, to sometimes accept and sometimes resist changes to practice required in the changing technological and legal context of health care. The authors found differences across professional groups; for some, protection of patient information is part of core professional ethics, while for others it is simply part of their occupational work, aligned with organizational interests.

This qualitative study of physicians, nurses, and health information professionals revealed some differences in views and practices for protecting patient information in the changing technological and legal context of health care that suggest some professional groups (doctors) may be more likely to resist such changes and others (health information professionals) will actively adopt them.

New technologies and regulations are changing how information is used in health care delivery, challenging professional practices for the control of patient information that may change the value or meaning of medical records for different professional groups.

Qualitative findings suggest that professional groups in health care vary in the extent of information control they have, as well in how they view such control. Some groups may be more likely to (be able to) resist changes in the professional control of information that stem from new technologies or regulatory policies. Some professionals recognize that new IT systems and regulations challenge existing social control of information in health care, with the potential to undermine (or possibly bolster) professional self-control for some but not necessarily all occupational groups.

Data breaches are an increasing phenomenon in today's digital society. Despite the preparations an organization must take to prevent a data breach, it is still necessary to develop strategies in the event of a data breach. This paper explores the key recovery areas necessary for data breach recovery.

Stakeholder theory and three recovery areas (customer, employee and process recovery) are proposed as necessary theoretical lens to study data breach recovery. Three data breach cases (Anthem, Equifax, and Citrix) were presented to provide merit to the argument of the proposed theoretical foundations of stakeholder theory and recovery areas for data breach recovery research.

Insights from these cases reveal four areas of recovery are necessary for data breach recovery – customer recovery, employee recovery, process recovery and regulatory recovery.

These areas are presented in the data recovery areas model and are necessary for: (1) organizations to focus on these areas when resolving data breaches and (2) future data breach recovery researchers in developing their research in the field.

The purpose of this paper is to highlight current utilizations of advanced technology within the digital mental health platform Keel Mind.

Keel Mind, based out of Ontario, Canada is a therapeutic delivery platform that dually functions to train clinicians and deliver virtual therapy to clients.

From personalizing client and therapist matching to using natural language processing (NLP) and artificial intelligence (AI)-driven features Keel Mind supports clinician decision-making to meet the growing mental health needs of the population. Keel Mind functions to provide accessible service, efficiently train high-quality clinicians and enhance clinical outcomes for clients. In a preliminary study within post-secondary students from Ontario, Canada, 90.1% of clients reported liking the platform, and 83.4% reported that they experienced positive mental health outcomes as a result of using Keel Mind.

Keel Mind is a leader within the rapidly developing field of telepsychology and aims to promote positive mental health outcomes worldwide.

This digital showcase is the first published piece of work highlighting the technological capabilities of Keel Mind as a digital therapeutic platform. The intention of this work is to highlight current uses of digital technology within the field of therapeutic practice and to promote technological growth within the field.