Why you do not want to unify data in your clinical trial
Unified clinical data sets – good or bad? Unification of data from patient medical records, hospital reports and clinical trial protocols is a tempting yet extremely dangerous idea. In this outstanding guest post, security and privacy expert, Veronika Valdova from Arete-Zoe explains why merging medical records, hospital reports, and clinical trial data is a very bad idea. How data breaches […]
How understanding culture reduces risk in your clinical trials
It’s during the war the Russians are waging on Ukraine and I got on a thread on a blog about why Putin is so violent. I replied that from Putin’s perspective – the US and Europeans represented an existential threat to him when they pull Ukraine into NATO and when the US pushes democracy eastwards. […]
Procedures are not a substitute for ethical behavior
Are procedures a substitute for responsible and ethical behavior? The behavior of former secretary of State (and Presidential race loser) Hilary Clinton is an important example of how feeling entitled is not the exclusive domain of under 20-somethings. When we do a threat analysis of medical devices, we try to look beyond the technical security […]
Kick start your European privacy compliance
The CNIL’s Sanctions Committee issues a 150 000 € monetary penalty to GOOGLE Inc. On 3 January 2014, the CNIL’s Sanctions Committee issued a 150 000 € monetary penalty to GOOGLE Inc. upon considering that the privacy policy implemented since 1 March 2012 does not comply with the French Data Protection Act. It ordered the company […]
The dangers of default passwords – 37% of Data Breaches Found to be Malicious Attacks
A malicious attack by malware or spear phishing on valuable data assets like PHI (protected health information) exploits known vulnerabilities and one of the most common vulnerabilities in medical devices and healthcare IT systems is default passwords. “Researchers Billy Rios and Terry McCorkle of Cylance have reported a hard-coded password vulnerability affecting a wide variety of […]
The Private Social Network for healthcare
In his post on the Pathcare blog, I trust you to keep this private, Danny Lieberman talked about the roles that trust, security and privacy play in online healthcare interactions. In this post, Danny talks about healthcare privacy challenges in social networks and describes how to implement a private social network for healthcare without government privacy […]
Can I use Dropbox for storing healthcare data?
First of all, I’m a great fan of Dropbox. It’s easy to use, fast, runs on Windows, Mac and Linux and that means you can share files with colleagues and patients for consultations because that old assumption (that a lot of vendors still make by the way) that everyone is on Windows just isn’t true these […]
How to keep secrets in healthcare online
The roles of trust, security and privacy in healthcare. If President Obama had told his psychiatrist he was gay, you can bet that it would be on Facebook in 5′. So much for privacy. pri·va·cy/ˈprīvəsē/ Noun: The state or condition of being free from being observed or disturbed by other people. The state of being […]
Insecurity by compliance
If a little compliance creates a false sense of security then a lot of compliance regulation creates an atmosphere of feeling secure, while in fact most businesses and Web services are in fact very insecure. Is a free market democracy doomed to suffer from privacy breaches – by definition? My father is a retired PhD […]
Monica Belluci and Security
Trends – security and movie stars, Manuela Arcuri and Monica Bellucci, Verisign and Mcafee. Information security and risk analysis is complex stuff, with multiple dimensions of people, software, performance, management, technology, assets, threats, vulnerabilities and control relationships. This is why it’s hard to sell security to organizations. But, information security is also a lot like fashion with cyclical […]
