6. Ethics / Regulations / Governance Flashcards
what is an example of health care record compromise, and what happened
MedStar Health targeted by Ransomware
- delayed radiotherapy
- cancelled appointments
- prolonged drug usage past required dates
- prolonged processing of lab results
what is an example of health identity theft & the results
compare health identity theft with cc theft
- credit card fraud is a common occurrence e.g. a new tv charged to someone else
- health identity theft example is undergoing surgery under someone else’s identity
- the difference is the time to notice (e.g. if Medicare is paying the bill, the patient won’t notice)
- costlier repercussions in hc
- hc is harder to identify
- cc is a single purchase, whereas hc can occur for a long time with no notice
what is the value of assuming health identities
- uninsured people don’t need to pay as much for their treatment
- bills are charged to another person
- for countries without medicare, expensive drugs can be purchased for someone else
what is data governance
a framework used to create & enforce policies regarding data
who are some people involved in data governance
- governance council: high level decisions, policy creation
- custodian: responsible for safety of data, implement business rules
- steward: ensure fitness of data content & metadata & administer data policies and regulations
- user: follow policy, inform others when policies are more difficult
what are the benefits of data governance
- data silos
- safe access
- monitoring
- consistency
- compliance e.g. HIPAA
- data protection against threats
what are some other security threats
- manmade (fire, power outages)
- natural disasters
- software dependencies
what is social engineering
tricking someone into revealing useful personal information, including hacking one victim to assume their identity and trick another victim
what is pretexting
using an invented scenario to persuade victims to release info / perform an action
what is phishing
luring unsuspecting interest with authentic-looking emails
what is pharming
hijacking of an official website’s address to lure users into entering information in a different DNS server for the fraudulent site
what are the limitations of blockchain
- can only add, not delete
- mistakes are persisted (no reversal)
- possible to de-anonymise
- high energy consumption
what is an ethical consideration of MHR
while we can do precision medicine, its compromise could have significant ramifications by revealing information about the entire population’s health conditions
but should we keep research closed off to this data when it can lead to improvements in clinical practice and personalisation of medicine
what are the 3 pillars of medical devices/tech
- safety: expectation that users will be kept free from harm
- effectiveness: performance under real-world circumstances
- efficacy: performance under ideal & controlled circumstances