RESUMO
Despite the high creation cost, annotated corpora are indispensable for robust natural language processing systems. In the clinical field, in addition to annotating medical entities, corpus creators must also remove personally identifiable information (PII). This has become increasingly important in the era of large language models where unwanted memorization can occur. This paper presents a corpus annotated to anonymize personally identifiable information in 1,787 anamneses of work-related accidents and diseases in Spanish. Additionally, we applied a previously released model for Named Entity Recognition (NER) trained on referrals from primary care physicians to identify diseases, body parts, and medications in this work-related text. We analyzed the differences between the models and the gold standard curated by a physician in detail. Moreover, we compared the performance of the NER model on the original narratives, in narratives where personal information has been masked, and in texts where the personal data is replaced by another similar surrogate value (pseudonymization). Within this publication, we share the annotation guidelines and the annotated corpus.
Assuntos
Processamento de Linguagem Natural , Humanos , Espanha , Saúde Ocupacional , NarraçãoRESUMO
While the Internet has brought convenience and speed to human life, it has also led to frequent privacy violations. In the context of epidemiological investigations and information disclosure regarding confirmed Covid-19 patients, many individuals have utilized the Internet as a means to disseminate information and engage in cyber manhunts, resulting in breaches of privacy for those involved. This phenomenon is particularly prevalent within the realm of the Internet, where the boundaries of privacy invasion become blurred. Various types of privacy infringements, both active and passive negligence, are evident on social networking platforms. The juxtaposition of the virtual world of the Internet with real-life scenarios presents novel challenges in the realm of privacy violations. The Internet era, coupled with the widespread use and integration of big data, has diminished the absolute right to privacy on the Internet. This paper examines the challenge of safeguarding the identity information of infectious patients through the lens of two theoretical frameworks -Kantianism and Utilitarianism- in an effort to address this ethical dilemma.
Aunque Internet ha aportado comodidad y rapidez a la vida humana, también ha dado lugar a frecuentes violaciones de la intimidad. En el contexto de las investigaciones epidemiológicas y la divulgación de información relativa a pacientes confirmados de covid-19, muchas personas han utilizado Internet como medio para difundir información y participar en cibercacerías, lo que ha dado lugar a violaciones en la intimidad de los implicados. Este fenómeno prevalece en el ámbito de Internet, donde los límites de la invasión de la intimidad se vuelven vagos. En las redes sociales, se manifiestan diversos tipos de violaciones de la intimidad, tanto por negligencia activa como pasiva. La yuxtaposición entre el mundo virtual de Internet con escenarios de la vida real plantea nuevos retos en el ámbito de las violaciones de la intimidad. La era de Internet, junto con el uso generalizado y la integración del bigdata, han mermado el derecho absoluto a la privacidad. Este artículo examina el reto de salvaguardar la información sobre la identidad de los pacientes infecciosos a través de la lente de dos marcos teóricos -el kantianismo y el utilitarismo- en un esfuerzo por abordar este dilema ético.
Enquanto a Internet trouxe conveniência e velocidade à vida humana, ela também levou a frequentes violações da privacidade. No contexto de investigações epidemiológicas e divulgação de informações em relação a pacientes confirmados de Covid-19, muitos indivíduos utilizaram a Internet como um meio para disseminar informação e participar de uma caçada cibernética, resultando em violações da privacidade para aqueles envolvidos. Esse fenômeno é particularmente prevalente no âmbito da Internet, onde os limites de invasão da privacidade se tornaram borrados. Vários tipos de infrações da privacidade, tanto negligências ativa como passiva, são evidentes em plataformas de redes sociais. A justaposição do mundo virtual da Internet com cenários da vida real apresenta novos desafios no âmbito das violações da privacidade. A era da Internet, juntamente com o amplo uso e integração de megadados (big data), diminuiu o direito absoluto à privacidade na Internet. Esse artigo examina o desafio de proteger a informação de identidade de pacientes infectantes através das lentes de dois enquadres teóricos -Kantianismo e Utilitarismo- em um esforço para abordar esse dilema ético.
RESUMO
Data from the Internet of Things (IoT) enables the design of new business models and services that improve user experience and satisfaction. These data serve as important information sources for many domains, including disaster management, biosurveillance, smart cities, and smart health, among others. However, this scenario involves the collection of personal data, raising new challenges related to data privacy protection. Therefore, we aim to provide state-of-the-art information regarding privacy issues in the context of IoT, with a particular focus on findings that utilize the Personal Data Store (PDS) as a viable solution for these concerns. To achieve this, we conduct a systematic mapping review to identify, evaluate, and interpret the relevant literature on privacy issues and PDS-based solutions in the IoT context. Our analysis is guided by three well-defined research questions, and we systematically selected 49 studies published until 2023 from an initial pool of 176 papers. We analyze and discuss the most common privacy issues highlighted by the authors and position the role of PDS technologies as a solution to privacy issues in the IoT context. As a result, our findings reveal that only a small number of works (approximately 20%) were dedicated to presenting solutions for privacy issues. Most works (almost 82%) were published between 2018 and 2023, demonstrating an increased interest in the theme in recent years. Additionally, only two works used PDS-based solutions to deal with privacy issues in the IoT context.
RESUMO
In the era of big data, millions and millions of data are generated every second by different types of devices. Training machine-learning models with these data has become increasingly common. However, the data used for training are often sensitive and may contain information such as medical, banking, or consumer records, for example. These data can cause problems in people's lives if they are leaked and also incur sanctions for companies that leak personal information for any reason. In this context, Federated Learning emerges as a solution to the privacy of personal data. However, even when only the gradients of the local models are shared with the central server, some attacks can reconstruct user data, allowing a malicious server to violate the FL principle, which is to ensure the privacy of local data. We propose a secure aggregation protocol for Decentralized Federated Learning, which does not require a central server to orchestrate the aggregation process. To achieve this, we combined a Multi-Secret-Sharing scheme with a Dining Cryptographers Network. We validate the proposed protocol in simulations using the MNIST handwritten digits dataset. This protocol achieves results comparable to Federated Learning with the FedAvg protocol while adding a layer of privacy to the models. Furthermore, it obtains a timing performance that does not significantly affect the total training time, unlike protocols that use Homomorphic Encryption.
RESUMO
Biometric technology has transformed human biological characteristics into a new form of privacy, and the misuse of this technology poses challenges to protecting this new privacy. This article initially defines biometric technology and biometric characteristics, further demonstrating why biometric characteristics belong to personal privacy and how biometric technology poses challenges to its protection. Through analysis, this article argues that the essence of these challenges is the conflicts between the ethical principle of privacy protection and the ethical principle of maximizing social benefits. In order to address these challenges, it is necessary first to weigh the fundamental ethical principles. The two basic principles of privacy protection and maximizing social benefits are not mutual antagonism but hierarchy, and this hierarchy should be based on the principle of practical feasibility. That is, applying biometric technology should first meet the principle of practical feasibility and, on this premise, realize the principle of maximizing social benefits based on not infringing on the principle of privacy protection.
La tecnología biométrica ha transformado las características biológicas humanas en una nueva forma de privacidad, y el uso indebido de esta tecnología plantea desafíos a su protección. En este artículo se define inicialmente la tecnología biométrica y las características biométricas; se demuestra además por qué las características biométricas pertenecen a la privacidad personal y cómo la tecnología biométrica plantea retos para su protección. Este artículo argumenta que la esencia de estos retos es el conflicto entre el principio ético de protección de la privacidad y el de maximización de los beneficios sociales. Para abordar estos retos es necesario sopesar primero los principios éticos fundamentales. Los dos principios básicos de protección de la privacidad y maximización de los beneficios sociales no son antagónicos, sino jerárquicos, y esta jerarquía debe basarse en el principio de viabilidad práctica. Es decir, la aplicación de la tecnología biométrica debe cumplir primero el principio de viabilidad práctica y, a partir de esta premisa, realizar el principio de maximización de los beneficios sociales sobre la base de no infringir el principio de protección de la intimidad.
A tecnologia biométrica transformou as características biológicas humanas em uma nova forma de privacidade, e o mal uso dessa tecnologia apresenta desafios para proteger essa nova privacidade. Esse artigo inicialmente define tecnologia biométrica e características biométricas, demonstrando posteriormente por que características biométricas pertencem à privacidade pessoal e como tecnologia biométrica coloca desafios à sua proteção. Através de análise, esse artigo discute que a essência desses desafios é o conflito entre o princípio ético da proteção da privacidade e o princípio ético de maximizar benefícios sociais. De forma a visar esses desafios é necessário primeiro ponderar os princípios éticos fundamentais. Os dois princípios básicos de proteção da privacidade e de maximizar benefícios sociais não são mutuamente antagônicos mas hierárquicos, e essa hierarquia deve ser baseada no princípio da viabilidade prática. Isso é, aplicar tecnologia biométrica deve primeiro atender ao princípio da viabilidade prática e, nessa premissa, compreender o princípio de maximizar benefícios sociais com base em não infringir o princípio de proteção da privacidade.
RESUMO
The privacy problem of facial recognition technology is that commercial companies obtain people's facial information without the consent of individuals and use facial information to infringe on the privacy of individuals. The importance of human privacy in facial recognition technology is reflected through facial ethics, which requires others to perform corresponding obligations to individuals, such as oral care. Through the analysis of the privacy issues of facial recognition technology, it is found that the two elements of "without personal informed" and "without personal consent" together form the basis for commercial companies to violate personal privacy. The principle of informed consent includes the principle of informed and the principle of consent, which is derived from the principle of informed consent in medical ethics. This paper improves the principles of informed consent in medicine and ethics to better address facial recognition privacy issues.
El problema de la privacidad en la tecnología de reconocimiento facial es que las empresas comerciales obtienen información facial de las personas sin el consentimiento de éstas y utilizan la información facial para vulnerar la privacidad de las personas. La importancia de la privacidad de las personas en la tecnología de reconocimiento facial se refleja a través de la ética facial, que exige que otros cumplan las obligaciones correspondientes con los individuos, como el cuidado bucal. A través del análisis de los problemas de privacidad de la tecnología de reconocimiento facial se descubre que los dos elementos de "sin información personal" y "sin consentimiento personal" juntos forman la base para que las empresas comerciales violen la privacidad personal. El principio de consentimiento informado incluye el de información y el de consentimiento, que se deriva del principio de consentimiento informado de la ética médica. Este artículo mejora los principios del consentimiento informado en medicina y ética para abordar mejor los problemas de privacidad del reconocimiento facial.
A questão da privacidade na tecnologia de reconhecimento facial é que as companhias comerciais obtém informações faciais das pessoas sem seu consentimento e usam informação facial para infringir sua privacidade. A importância da privacidade humana na tecnologia de reconhecimento facial é refletida através da ética facial, que exige que se cumpram obrigações correspondentes para com os indivíduos, da mesma forma como com cuidados orais. Através da análise de aspectos de privacidade na tecnologia de reconhecimento facial, encontrou-se que os dois elementos "sem informação pessoal" e "sem consentimento pessoal" juntos, formam a base para companhias comerciais violarem a privacidade pessoal. O princípio do consentimento informado inclui o princípio de informação e o princípio de consentimento, os quais derivam do princípio do consentimento informado em ética médica. Esse artigo melhora os princípios do consentimento informado em medicina e ética para melhor incluir aspectos de privacidade no reconhecimento facial.
RESUMO
BACKGROUND: Over the past decade, the United States (US) has seen a spike in migration across the US-Mexico border with an increase in hospital admissions of migrants and asylum-seekers under the custody of immigration law enforcement (ILE). This study aimed to determine how the presence of ILE officials affects patient care and provider experience in a teaching hospital setting. METHODS: This cross-sectional online survey solicited quantitative and qualitative feedback from medical students, residents, and attending physicians (n = 1364) at a teaching hospital system with two campuses in Arizona. The survey included participant demographics and addressed participants' experience caring for patients in ILE custody, including the perception of respect, violations of patients' privacy and autonomy, and the comfort level with understanding hospital policies and patient rights. Thematic analyses were also performed based on respondent comments. RESULTS: 332 individuals (24%) responded to the survey. Quantitative analyses revealed that 14% of participants described disrespectful behaviors of ILE officials, mainly toward detained patients. Qualitative thematic analyses of respondent comments revealed details on such disrespectful encounters including ILE officers violating the Health Insurance Portability and Accountability Act (HIPAA) and using intimidation tactics with patients. Nearly half of the respondents did not have knowledge of policies about ILE detainees' medical care, detainees' privacy rights, or ILE's authority in patient care. CONCLUSIONS: This study points out the complexities, challenges, and ethical considerations of caring for patients in ILE custody in the hospital setting and the need to educate healthcare professionals on both patient and provider rights. It describes the lived experiences and difficulties that providers on the border face in trying to achieve equity in the care they provide to detained migrant patients.
Assuntos
Emigração e Imigração , Aplicação da Lei , Humanos , Estados Unidos , México , Estudos Transversais , Arizona , Hospitais de EnsinoRESUMO
The main characteristics of blockchains, such as security and traceability, have enabled their use in many distinct scenarios, such as the rise of new cryptocurrencies and decentralized applications (dApps). However, part of the information exchanged in the typical blockchain is public, which can lead to privacy issues. To avoid or mitigate these issues, some blockchains are applying mechanisms to deal with data privacy. Trusted execution environments, the basis of confidential computing, and secure multi-party computation are two technologies that can be applied in that sense. In this paper, we analyze seven blockchain technologies that apply mechanisms to improve data privacy. We define seven technical questions related to common requirements for decentralized applications and, to answer each question, we review the available documentation and gather information from chat channels. We briefly present each blockchain technology and the answers to each technical question. Finally, we present a table summarizing the information and showing which technologies are more prominent.
RESUMO
La forma como el clínico percibe al paciente y sus conocimientos sobre el consentimiento informado (CI) se reflejan en prácticas de respeto hacia el paciente, con relación a su autonomía y privacidad, desde un marco ético, deontológico y legal. El objetivo fue analizar las percepciones y prácticas de cirujanos en relación con el respeto de la autonomía del paciente durante el proceso de toma del CI en un hospital de la ciudad de Santo Domingo de los Tsáchilas, Ecuador. Metodología Cualitativa. La muestra fue por saturación, aplicando una entrevista semiestructurada. Los datos se analizaron por medio del programa Atlas Ti 8.0®, utilizando rastreo de categorías estructuradas. La mayoría de los médicos asume el consentimiento como un documento legal y obligatorio, por el miedo a procesos sancionatorios. Además, suele delegar su responsabilidad a otros profesionales, desconociendo componentes estructurales y éticos de la toma del consentimiento informado. Concluimos que la falta de conocimiento sobre CI lleva a percepciones y, por ende, a prácticas que vulneran la autonomía y la confidencialidad, además del respeto de recibir la información por parte del clínico que realiza la intervención.
The way in which the clinician perceives the patient and his knowledge about informed consent (IC) are reflected in practices of respect for the patient, in relation to their autonomy and privacy from an ethical, deontological and legal framework. Objective. Analyze the perceptions and practices by surgeons in relation to the respect of the autonomy of the patient during the process of taking the IC in a hospital in the city of de Santo Domingo de los Tsáchilas / Ecuador. Methodology. Cualitattivo. The sample was by saturation applying a semi-structured interview. The data were analyzed using the Atlas Ti 8.0 ® program using structured category tracking. Result. Most doctors take consent as a legal and mandatory document, for fear of sanctioning processes. In addition, they usually delegate their responsibility to other professionals ignoring structural and ethical components of taking informed consent. Conclusion. It is evident that the lack of knowledge about IQ leads to perceptions, and therefore, to practices that violate autonomy and confidentiality, in addition to the respect of receiving information from the clinician who performed the intervention.
A forma como o médico percebe o paciente e seus conhecimentos sobre o consentimento informado (IC) se refletem nas práticas de respeito ao paciente, em relação à sua autonomia e privacidade a partir de um arcabouço ético, deontológico e jurídico. Objetivo. Analise as percepções e práticas dos cirurgiões em relação ao respeito à autonomia do paciente durante o processo de tomada do IC em um hospital na cidade de Santo Domingo de los Tsáchilas/Equador. Metodologia. Qualitativo. A amostra foi por saturação aplicando uma entrevista semiestruturada. Os dados foram analisados utilizandose o programa Atlas Ti 8.0 ® utilizando rastreamento estruturado de categorias. Resultado. A maioria dos médicos toma o consentimento como documento legal e obrigatório, por medo de sancionar processos. Além disso, eles geralmente delegem sua responsabilidade a outros profissionais ignorando componentes estruturais e éticos de obter consentimento informado. Conclusão. É evidente que a falta de conhecimento sobre o QI leva a percepções e, portanto, a práticas que violam autonomia e confidencialidade, além do respeito ao recebimento de informações do médico que realizou a intervenção.
Assuntos
Humanos , Masculino , Feminino , EquadorRESUMO
RESUMEN La protección de datos personales en los sistemas de salud requiere de medidas y procedimientos especiales para asegurar que la privacidad de la información no sea vulnerada. Los avances en la tecnología digital y el acceso a la transmisión en tiempo real de datos personales, familiares, clínicos y de laboratorio de los pacientes y/o sujetos de estudio, puede comprometer la protección de esta información. La privacidad de los datos personales en salud en tiempos de pandemia ha significado un reto mayor, es por ello que se presenta esta contribución especial que tiene por objetivo, identificar los resguardos éticos y normativos en materia de protección de datos, para garantizar el pleno respeto de los derechos de privacidad de las personas y la confidencialidad de sus datos, bajo el contexto de la atención en salud, sobre todo en condiciones de crisis sanitaria; como la vivida durante la pandemia de SARS-CoV-2. Se propone además una armonización legislativa en América Latina, sobre la privacidad y la protección de datos personales.
ABSTRACT The protection of personal data in health systems requires special measures and procedures to ensure that the privacy of the information is not violated. Advances in digital technology and access to real-time transmission of personal, family, clinical, and laboratory data of patients and/or study subjects may compromise the protection of this information. The privacy of personal data in health in times of pandemic has meant a greater challenge, that is why this unique contribution is presented, whose objective is to identify the ethical and regulatory safeguards in terms of data protection to guarantee full respect for the privacy rights of people and the confidentiality of their data, under the context of health care, especially in conditions of health crisis, such as the one experienced during the SARS-CoV-2 pandemic. It also proposes a legislative harmonization in Latin America, on privacy and protection of personal data.
RESUMO
Resumo Este estudo revisa a caracterização dos princípios da privacidade e da confidencialidade em conexão com áreas da medicina em geral e da saúde mental em especial, propondo que a prática dos direitos e deveres envolvidos com os dois princípios deve ser preservada nos moldes ditados pela bioética. Privilegia-se a abordagem do saber psíquico, a fim de ampliar a compreensão da particular importância da confidencialidade nos processos terapêuticos. Salienta-se a conexão entre as mudanças tecnológicas e midiáticas ocorridas nas últimas décadas e o risco de comprometimento do sigilo médico, cuja quebra afetaria em definitivo a confiança do paciente quanto ao resguardo da privacidade de suas informações. Ao final, são feitas reflexões sobre o valor do suporte ético ao profissional de saúde, principalmente nos casos excepcionais em que lhe cabe tomar decisões sobre quebra de confidencialidade.
Abstract This study discusses privacy and confidentiality in the areas of medicine and, particularly, mental health, arguing that the rights and duties encompassed by the two principles should be practiced in compliance to bioethics. Psychic knowledge was adopted to broaden our understanding regarding the importance of confidentiality in the therapeutic process. It emphasizes the connection between the technological and media changes of the last decades and the risk of compromising medical confidentiality, which would definitely affect the patient's trust concerning information privacy. Finally, the text reflects on the relevancy of ethical support for health professionals, especially in cases where they must decide on whether or not to breach confidentiality.
Resumen Este estudio analiza la caracterización de los principios de privacidad y confidencialidad relacionados con los campos de la medicina en general y la salud mental en particular, proponiendo que la práctica de los derechos y deberes respecto a estos dos principios debe preservarse de la manera defendida por la bioética. El enfoque del conocimiento psíquico se privilegia con el fin de ampliar la comprensión de que la confidencialidad es importante en los procesos terapéuticos. Se destaca la relación entre los cambios tecnológicos y mediáticos que se han producido en las últimas décadas y el riesgo de comprometer el secreto médico, cuya violación afectaría definitivamente la confianza del paciente respecto a la privacidad de su información. Por último, se reflexiona sobre el valor del apoyo ético a los profesionales de la salud, sobre todo en los casos excepcionales que involucran su toma de decisión respecto a la violación de confidencialidad.
Assuntos
Humanos , Masculino , FemininoRESUMO
Introduction: The epidemiological pattern of prediabetes in adolescents is understudied. In Mexico, adolescents are exposed to social adversity conditions, including poverty and violence. Therefore, understanding their clinical profiles and how the social determinants of health impose barriers to access to health services is important to address detection, in those who, by their vulnerability, remain a hidden population. Aim: This study aimed to describe undiagnosed prediabetes in Mexican adolescents under poverty in violent contexts and to compare the clinical features among health services users and hidden population. Methods: This cross-sectional study included 371 adolescents from difficult access locations in violent contexts. Poverty, lack of health services access, and perceived vulnerability were determined in all samples. Endocrine markers (BMI, HOMA-IR, HbA1c, and cortisol) were measured in those with high violence perception. Results: A total of 61.7% of the adolescents had a suburban grid and urban cluster residence, and 77.7-85.7% of them belonged to locations where 35-50% of their population lived below the poverty line. In total, 40-75% had a lack of 10-20% access to health services, and 18.8% had a high perceived vulnerability due to collective violence and were screened. Overall, 61.9% of respondents were newly diagnosed with prediabetes and showed the worst HbA1c (p = 0.001) compared to the health services subsample, which showed the highest BMI (p = 0.031) and insulin resistance (p = 0.025). Conclusion: There is a prediabetes hidden population living in violent contexts under poverty. These social determinants promote poor outcomes in perceived vulnerability and endocrine response and represent barriers to access to health services.
RESUMO
Recently, the number of vehicles equipped with wireless connections has increased considerably. The impact of that growth in areas such as telecommunications, infotainment, and automatic driving is enormous. More and more drivers want to be part of a vehicular network, despite the implications or risks that, for instance, the openness of wireless communications, its dynamic topology, and its considerable size may bring. Undoubtedly, this trend is because of the benefits the vehicular network can offer. Generally, a vehicular network has two modes of communication (V2I and V2V). The advantage of V2I over V2V is roadside units' high computational and transmission power, which assures the functioning of early warning and driving guidance services. This paper aims to discover the principal vulnerabilities and challenges in V2I communications, the tools and methods to mitigate those vulnerabilities, the evaluation metrics to measure the effectiveness of those tools and methods, and based on those metrics, the methods or tools that provide the best results. Researchers have identified the non-resistance to attacks, the regular updating and exposure of keys, and the high dependence on certification authorities as main vulnerabilities. Thus, the authors found schemes resistant to attacks, authentication schemes, privacy protection models, and intrusion detection and prevention systems. Of the solutions for providing security analyzed in this review, the authors determined that most of them use metrics such as computational cost and communication overhead to measure their performance. Additionally, they determined that the solutions that use emerging technologies such as fog/edge/cloud computing present better results than the rest. Finally, they established that the principal challenge in V2I communication is to protect and dispose of a safe and reliable communication channel to avoid adversaries taking control of the medium.
Assuntos
Segurança Computacional , Confidencialidade , Computação em Nuvem , Redes de Comunicação de Computadores , ComunicaçãoRESUMO
Objetivo: analisar a legislação e as principais questões pertinentes ao armazenamento das informações relativas à saúde do paciente em bancos de dados, bem como as exceções ao dever de sigilo, à luz do Regulamento (UE) 2016/679 (novo Regulamento Geral de Proteção de Dados) e da Lei n.º 58/2019. Metodologia: por meio de uma revisão legislativa e doutrinária, confrontamos os dispositivos que abordam o direito à privacidade do paciente, a proteção do sigilo médico e o acesso de dados, analisando as exceções ao dever de sigilo que decorrem da lei e dos estatutos das ordens profissionais que tutelam o exercício das profissões. Resultados: a dispersão das normas que tratam a proteção de dados pode criar obstáculos à efetivação do direito e dúvidas acerca da interpretação do novo Regulamento Geral de Proteção de Dados. Conclusão: o novo Regulamento e a Lei n.º 58/2019 têm o escopo de sistematizar a matéria concernente à proteção dos dados, mas deverão ser confrontadas com a legislação interna portuguesa que aborde outras questões transversais, a exemplo das tratadas na Lei de Bases da Saúde em Portugal, no Regime Geral dos Arquivos e do Património Arquivístico, dentre outros, o que implica uma dificuldade acrescida ao utilizador do direito.
Objective: to analyze legislation and key issues related to the storage of patient data in databases and exceptions to confidentiality under Regulation (EU) 2016/679 (new General Data Protection Regulation) and Law No. 58/2019.Methods: through a review of legislation and doctrine, we contrast the provisions that address the patient's right to privacy, the protection of medical secrecy, and access to data, and analyze the exceptions to confidentiality arising from the law and the statutes of the professional codes that protect the practice of the professions. Results: the scattering of norms dealing with data protection may lead to obstacles in the realization of the right to data protection and to doubts in the interpretation of the new Regulation. Conclusion: the new Regulation and Law No. 58/2019 are suitable to systematize data protection. However, they must be confronted with Portuguese legislation that deals with other cross-cutting issues, such as the Portuguese Basic Health Law, the General Archives Law and others, which creates additional difficulties for the user of the law.
Objetivo: analizar la legislación y las principales cuestiones relevantes para el almacenamiento de información relacionada con la salud del paciente en bases de datos, así como las excepciones a la obligación de secreto, de acuerdo con el Reglamento (UE) 2016/679 (nuevo Reglamento General de Protección de Datos) y la Ley n.° 58/2019. Metodología: a través de una revisión legislativa y doctrinaria, confrontamos las disposiciones que atienden el derecho a la intimidad del paciente, la protección del secreto médico y el acceso a los datos, analizando las excepciones al deber de secreto, que se derivande la ley y los estatutos que protegen el ejercicio de las profesiones. Resultados: la dispersión de normas que tratan de la protección de datos puede generar obstáculos para la realización del derecho a la protección de datos y dudas sobre la interpretación del Reglamento. Conclusión: el Nuevo Reglamento y la Ley n.º 58/2019 tienen el alcance de sistematizar la materia relativa a la protección de datos, pero deben confrontarse con la legislación interna portuguesa que aborda otras cuestiones transversales, como las tratadas en el Ley de Salud en Portugal, en el Régimen General de Archivos, entre otros, lo que implica una dificultad añadida para el usuario del derecho.
RESUMO
With the fast development of blockchain technology in the latest years, its application in scenarios that require privacy, such as health area, have become encouraged and widely discussed. This paper presents an architecture to ensure the privacy of health-related data, which are stored and shared within a blockchain network in a decentralized manner, through the use of encryption with the RSA, ECC, and AES algorithms. Evaluation tests were performed to verify the impact of cryptography on the proposed architecture in terms of computational effort, memory usage, and execution time. The results demonstrate an impact mainly on the execution time and on the increase in the computational effort for sending data to the blockchain, which is justifiable considering the privacy and security provided with the architecture and encryption.
Assuntos
Blockchain , Privacidade , Atenção à Saúde , Algoritmos , Tecnologia , Segurança ComputacionalRESUMO
The Brazilian General Data Protection Law (LGPD) implementation has impacted activities carried out by the software development teams. Due to it, developers had to become aware of the existing techniques and tools to carry out privacy requirements elicitation. Extending our previous work, we have investigated the actions taken by organizations regarding the LGPD, specifically in software development, considering the perception of agile development teams after two years of the LGPD implementation. In addition, we also investigated the perception of an agile team regarding the practices, techniques, and tools previously cited by practitioners as potential solutions for use in this context, along with techniques already in use in the current context. We have conducted a systematic literature review (SLR) and selected 36 primary studies. Furthermore, we have conducted a survey with 53 IT practitioners and semi-structured interviews with ten practitioners. The LGPD principles are known by most agile teams and are being implemented by the organizations, although the existing tools to support privacy requirements elicitation are still underused by agile teams. Moreover, agile teams consider that software requirements and software construction are the most impacted areas of knowledge by the LGPD, and most of them use user stories in privacy requirements elicitation. Our findings reveal that agile teams and Brazilian organizations are more concerned with user data privacy issues after the LGPD became effective. However, agile teams still face challenges in privacy requirements elicitation.
RESUMO
Resumo A "esfera de intimidade" se apresenta cada vez mais mediada por uma rede sociotécnica, revestida de novos significados e leituras nos jogos amorosos e de sedução. Nessas trocas afetivo-digitais os nudes desempenham importante papel na vinculação de interesse entre parceiros, constituindo também espaços de disputas de poder e violência. O trabalho objetiva analisar as moralidades vigentes, os modos de gestão das emoções e os enquadramentos do corpo na afirmação de autonomia e diversidade presentes nos discursos de jovens que tiveram seus conteúdos íntimos disseminados sem consentimento pela internet. Foram analisados 20 vídeos de jovens youtubers que vivenciaram tal experiência. Os vídeos foram analisados segundo a perspectiva da Análise de Discurso Crítica. Os depoimentos carregam forças discursivas de "desabafo", "testemunho" e, sobretudo, "aconselhamento". Nas experiências narradas, destacamos as dinâmicas da disseminação desses conteúdos íntimos e como afetam diferentemente as representações de face e de reconhecimento social de rapazes e moças. As formas de manejo do sofrimento variam entre a resignação diante de uma ordem patriarcal e de discursos de superação e autonomia. Destaca-se ainda o protagonismo desses jovens diante da gestão das imagens íntimas e um posicionamento político sobre o uso e expressão dos seus corpos.
Abstract The "sphere of intimacy" is increasingly mediated by a socio-technical network inlaid with new meanings and readings in love and seduction games. In these affective-digital exchanges, nudes are essential in linking interest between partners, also setting spaces for power struggles and violence. This work aims to analyze the prevailing moralities, the emotional management, and the inclusion of the body in affirming autonomy and diversity identified in the statements of young people whose intimate contents were disseminated on the internet without their consent. We analyzed 20 videos of young YouTubers who had such an experience from the Critical Discourse Analysis perspective. The statements carry discursive forces of "venting", "testimony", and, above all, "counseling". The narrated experiences highlight the dynamics of disseminating these intimate contents and how they differently affect the representations of face and social recognition of boys and girls. Handling suffering techniques vary between resignation in the face of patriarchal order and overcoming and autonomy discourses. We also highlight the initiatives of these young people in managing intimate images and a political stance on the use and expression of their bodies.
RESUMO
Resumen: Este texto aborda el problema de la privacidad de la información en la investigación social de tipo cualitativa que se desarrolla en el contexto del mundo digital. Para ello, se revisa el concepto de privacidad desde una mirada analógica hacia su incorporación en el plano digital con la figura de la privacidad de la información y algunos elementos de la hermenéutica de Gadamer. Primero, se revisa el plano analógico y ético de la privacidad. Luego, se revisa el potencial de la información, la distinción entre información privada y sensible y su aplicabilidad a la investigación social mediante los conceptos de confianza y seguridad. Finalmente se esboza una propuesta para una privacidad renovada que propone rescatar la intersubjetividad que se construye en la relación del participante de la investigación con el investigador.
Abstract: This text addresses the problem of information privacy in qualitative social research developed in the context of the digital world. For this purpose, the concept of privacy is reviewed from an analogical view towards its incorporation in the digital plane with the figure of information privacy and some elements of Gadamer's hermeneutics. First, the analogical and ethical plane of privacy is reviewed. Then, the potential of information, the distinction between private and sensitive information and its applicability to social research through the concepts of trust and security are reviewed. Finally, we outline a proposal for a renewed privacy that proposes to rescue the intersubjectivity that is built in the relationship between the research participant and the researcher.
Resumo: Este texto aborda o problema da privacidade da informação na investigação social qualitativa no contexto do mundo digital. Para o fazer, revê o conceito de privacidade de um ponto de vista analógico para a sua incorporação no plano digital com a figura da privacidade da informação e alguns elementos da hermenêutica de Gadamer. Primeiro, o plano analógico e ético da privacidade é revisto. Em seguida, o potencial da informação, a distinção entre informação privada e informação sensível e a sua aplicabilidade à investigação social através dos conceitos de confiança e segurança são revistos. Finalmente, esboça uma proposta para uma privacidade renovada que se propõe resgatar a intersubjetividade que é construída na relação entre o participante da pesquisa e o pesquisador.
Assuntos
Humanos , Ciências Sociais/ética , Pesquisa Qualitativa , Ética em Pesquisa , Informações Pessoalmente Identificáveis/ética , HermenêuticaRESUMO
Este artículo revisa los principales desafíos éticos que plantea la investigación vinculada al genoma humano a la luz de la bibliografía internacional y entrega recomendaciones sobre su abordaje basada en nuestra experiencia en el Comité de Ética para la Investigación en Seres Humanos de la Facultad de Medicina, Universidad de Chile, incluyendo las regulaciones legales nacionales. Los estándares éticos de la investigación en seres humanos deben extremarse para proteger adecuadamente a los participantes en estudios involucrados con la genómica. Especialmente relevantes en este contexto son: la protección de la confidencialidad y anonimato; la política de entrega de resultados y la posibilidad de retirarse del estudio. Compartir datos resultantes de investigaciones genéticas permite optimizar recursos, otorga mayor transparencia y replicabilidad de los análisis y permite descubrir alteraciones genéticas responsables de enfermedades raras y genes involucrados en enfermedades hereditarias multifactoriales, además de contribuir al diseño de medicina de precisión y de nuevas estrategias terapéuticas. Sin embargo, plantea grandes desafíos: proteger la privacidad y evitar la re-identificación de los voluntarios, la entrega de resultados con asesoría pre y post estudio. Estos aspectos requieren la elaboración de un cuidadoso proceso de consentimiento informado para investigaciones genómicas cuyos componentes principales se analizan en este artículo.
This article reviews the main ethical challenges posed by human genome research in the light of the international literature and provides recommendations on how to approach them based on our experience in the Ethics Committee for Research on Human Subjects of the Faculty of Medicine, University of Chile, including national legal regulations. Ethical standards in human research must be extreme, in order to adequately protect participants in studies involving genomics. Particularly relevant in this context are the protection of confidentiality and anonymity; the policy of delivery of results and the possibility of withdrawing from the study. Sharing data resulting from genetic research optimizes resources, provides greater transparency, and replicability of the analyses and makes it possible to discover genetic alterations responsible for rare diseases and genes involved in multi-factorial hereditary diseases, as well as contributing to the design of precision medicine and new therapeutic strategies. However, it poses great challenges: protecting privacy and avoiding re-identification of volunteers, delivery of results with pre- and post-study counseling. These aspects require the elaboration of a careful informed consent process for genomic research, the main components of which are discussed in this article.
Assuntos
Humanos , Pesquisa em Genética/ética , Experimentação Humana/ética , Genoma Humano , Confidencialidade , Privacidade Genética , Comitês de Ética em Pesquisa , Consentimento Livre e EsclarecidoRESUMO
Self-Sovereign Identity (SSI) is an identity model centered on the user. The user maintains and controls their data in this model. When a service provider requests data from the user, the user sends it directly to the service provider, bypassing third-party intermediaries. Thus, SSI reduces identity providers' involvement in the identification, authentication, and authorization, thereby increasing user privacy. Additionally, users can share portions of their personal information with service providers, significantly improving user privacy. This identity model has drawn the attention of researchers and organizations worldwide, resulting in an increase in both scientific and non-scientific literature on the subject. This study conducts a comprehensive and rigorous systematic review of the literature and a systematic mapping of theoretical and practical advances in SSI. We identified and analyzed evidence from reviewed materials to address four research questions, resulting in a novel SSI taxonomy used to categorize and review publications. Additionally, open challenges are discussed along with recommendations for future work.