Perceived Risk: Human Factors affecting ICT of Critical Infrastructure Peter Croll Fellow, CSIROs National Research Flagship on Preventative Health & Professor of Software Engineering, Faculty of IT, QUT, Brisbane Hasmukh Morarji Faculty of IT, QUT, Brisbane Workshop for the RNSA on The Social Implications of Information Security Measures upon Citizens and Business. 29 May 2006, University of Wollongong Drivers Information Technology - Adoption Safety & Quality Remote Access and Services High Speed Access Efficiency Gains Outsourcing Capabilities Preventative Health Satisfaction & Fulfillment Linked Data
This all demands linking systems together (new and existing) linking data linking technologies linking enterprises linking people across Departmental, Organizational, State and International boundaries This raises further questions What do you need to understand about securing linked systems? What new risks does integration and access to electronic data bring? How can you do an effective risk analysis? Can we realistically look at an organisations service provision as a whole? Do privacy and security guidelines / legislation help or hinder? What role does Trust play? How relevant is the International scene? The necessary trust can be fragile and easily broken through
well publicized incidences! Preventative Health Research Program Preventative Health Research Program Colorectal Cancer Neurodegenerative Diseases Cardiovascular Disease Protective food Protective food Protective food Diagnostics Novel preventative approaches Novel preventative
approaches Policy guidelines Policy guidelines Policy guidelines Gut Health Health Data and Information Age 80 2045 2000 1925 70 60 males females
% 0.0 0.6 1.2 1.21.2 1.2 0.6 % 0.0 0.6 1.2 Outline of P-Health Fellowship The Fellowship is investigating Risks to Health Data Integration with the emphasis on Security and Privacy In particular, establishing that the systems in place are safe enough to prevent trust of the data providers and data custodians from being readily or unintentionally eradicated.
Such a systems-wide assessment includes - not only technical risks - administrative, legal and managerial risks. many stakeholders many viewpoints Clinicians Managers Data Custodians Legal / Policy Officers IT technicians Clients (patients) Medical researcher Security Concerns Websites exist (http://www.sans.org/top20/) that are dedicated to reporting on the most current:
Top 20 Internet Security Vulnerabilities Currently the most venerable issue under cross-platform services is Backup Software. This is a valuable asset for any organization and typically runs across several servers, but the trend has been towards small number or a single large server to ease the administration overheads. Unfortunately much of the commercial software has exploitable vulnerabilities allowing systems to be completely compromised. That is, an attacker can leverage these flaws for an enterprise-wide compromise and obtain access to the sensitive backed-up data. Privacy Concerns The Australian (IT Today) Tuesday March 21, 2006 Karen Dearne, Health correspondent Consent Dispute in Health Project Mounting privacy and consent issues threaten to derail NSW Healths long awaited electronic health records pilot, due to start in the Hunter Region NSW acting privacy commissioner John Dickie met NSW Health yesterday over concerns that some aspects of the trial may be in breach
of the states health record and information privacy laws. A compromise was reached whereby the precedence was set to allow the system to be regarded as an opt-out option. Katherine McGrath, NSW Health deputy director-general for health system performance, stated "We're not trying to do this under the covers; we know lots of people are anxious about the changes, but the opt-in model was found to be too technically difficult to do, for a whole range of reasons." Privacy and Related Legislation in Australia NEHTA states that privacy protection in Australia is a complex patchwork: It is considered possible to navigate the existing privacy environment although this is not without some risk and may require future changes. Bureaucratic Concerns The inability to access medical data could put valuable medical research at risk! "There is no question that research is now at risk. Researchers are finding it increasingly difficult to get past the regulatory interpretation to allow their research to take place" said Robert Souhami, a cancer researcher at University College London.
"and this is a detriment to public health. A UK report published Jan 06 by the Academy of Medical Sciences said that large population-scale medical studies are in jeopardy because of an "undue emphasis on privacy" by regulators. Safety Concerns Thousands of children at risk after computer fault Babies miss injections as privatised NHS monitoring system breaks down Jo Revill, health editor Sunday February 26, 2006 Observer As many as 3,000 babies and toddlers may have gone without crucial vaccinations because a privatised NHS computer system has failed . An Observer investigation has found that the child health information system. has derailed the country's entire vaccination programme leaving health staff resorting to slips of paper Several women whose babies were stillborn have received letters asking them to take their babies for their first vaccinations. Offshoring Concerns
DAVID LAZARUS A tough lesson on medical privacy Pakistani transcriber threatens UCSF over back pay Wednesday, October 22, 2003 "Your patient records are out in the open... so you better track that person and make him pay my dues." A woman in Pakistan doing cut-rate clerical work for UCSF Medical Center threatened to post patients' confidential files on the Internet The violation of medical privacy - apparently the first of its kind - highlights the danger of "offshoring" work that involves sensitive materials Calculated Risks used to determine Calculated Risks needed for required for Experts Estimation OR Knowledge of
Consequences needed for Experts Estimation OR Measurement of Probability Risk Minimization Measures to dictate used by used by Outcomes Work Practices resulting in The Cycle of Calculated Risks and Work Practice Change Risk = Probability of
Occurrence X Consequence My study has identified that the main risks as seen by the data custodians include: Contacting the wrong people, i.e. data records linking to the wrong people or the wrong reasons (Ex) Other data custodians not providing them data for linkage (H) The incorrect use of data or for the wrong project or purpose (including identifying clinicians performance) (MH) Not having sufficient knowledge or control over their own data, i.e. in hands of IT services or third party (MH)
The accidental disclosure of individuals (M) Not following the privacy principles and their local policies, i.e. as determined by ethics committees (M) Whereas, my study has identified that the main risks as perceived by the public include: Abuse of genetic data (e.g. disclosure to insurance companies) Release of sensitive information (e.g. sexual, mental health) Government control of personal data (including concern of national identity cards) Use of data without an individual giving explicit consent (primarily for research purposes) Poor data integrity (information inaccurately recorded or records mismatched) Inadequate safeguards (any access by unauthorised people) Perceived Risks personally
ranked consequence results in Opinion of Consequences influences Perceived Risks estimate of likelihood results in affects Judgment of Probability influences influences Critical Factors occurrence/experience knowledge/media/hearsay
fear/belief/prejudice trust of profession/product Behaviour helps shape Outcomes have some effect on The Cycle of Perceived Risks and Critical Factors Conclusions highly application dependent and dynamic trust in e-Health fragile
increase understanding of interdependencies experts prediction significantly deviates from perceived risks modify methods to accommodate perceived risks survey consumer attitudes international perspective develop technology to support compliance with policy and security policy generation Please feel free to contact me: [email protected] How can we improve things? - Research Needs Prof Souhami said that public concerns on privacy had to be respected, and called for scientists to have: excellent standards of data security, excellent standards of ethical review [and] good practice in terms of anonymisation and acquiring consent Our research is focusing on the use of IT to ascertain:
the end users knowledge check their intended usage map against legislation and local policies check their ethics clearances enforce deadlines, audits and reviews - before permitting access to the data linkage tools. To reassure the public, media and management that: the risks have been assessed the probability of an incident has been estimated and adequate protection mechanisms are in place
Accessing Confidential Health Information for Research, QLD P-health Demonstrator Digital Certificates Users Web Interface Certs containing: - Data Source - Expiry dates Reports / Text files JSP / Java engine - User details - Access Control - Types of usage, e.g. PPA
Certificate Details / Project Spec List of Questions Admin Interface Navigation Rules - Expansion Based on text files - simple to add to and maintain ---Project Default Project #Page1 @Text [Size] 40 Title of Your Research Project QH: @Text [Size] 8
Start Date of Your Project 01/01/06 @Text [Size] 8 End Date of Your Project (2 Years Max.) 31/12/07 @Checkbox [Name] States [On] QLD [page] 2, 3 [On] WA [page] 3, 4 [On] default [page] 2 // [Mandatory] Which states will be involved? WA SA NSW VIC QLD
What is the approval number? 9999-999-99 @Checkbox [On] Other [item] sources Which of the following sources do you wish to access? Cancer Registry Perinatal Statistics Collection Pap Smear Register Breast Screen Registry Hospital Admitted Patient Data Ambulance Electoral roll Other Report and Certification Report can be exported into a standard form to suit Digital Signature
certificate can include end dates to terminate access, etc. Obvious Security Scams User ikxhudimsy [[email protected]]; on behalf of; Commonwealth Bank Customer Support Attention! If you will not activate new security system within one week we will have to temporary lock your account until your personality will be identified.* *Received by email on Monday 15th May 2006 More Sophistication In 2006 Imagine a country without: Vaccinations Water/sanitation Seat belts Fluoride Food safety/nutrition
HIV awareness Crash helmets Diagnostics/early detection Skin protection Preventative therapies Breast cancer screens The Drivers Vaccinations Water/sanitation Seat belts Fluoride
Food safety/nutrition HIV awareness Crash helmets Age 80 Diagnostics/early 70 detection 60 males 50 Skin protection 40 30 Preventative therapies 20 10 Breast cancer screens 0 1.2 0.6 % 0.0 Age
males 0.6 % 0.0 0.6 0.6 0.6 1.2 1.2 1.21.2 Standard of living % 0.0 * 2045 Contribution females to the
economy males 1.2 1.21.2 1.2 0.6 % 0.0 * Productivity Commission 2005, Economic Implications of an Ageing Australia, Melbourne, April 0.6 1.2 0.6 % Preventative Health Research Program Colorectal Cancer
Health Data and Information Gut Health Minimising the Privacy & Security Risks of Linked Health Data What are the risks? How can we reduce them? What techniques protect data for: clinical care health administration and secondary usage in research studies? The necessary trust can be fragile and easily broken through well publicized incidences! Information Technology makes extensive use of complex mathematical techniques to protect data. This includes both encryption and statistical analysis (e.g. the probability of back tracking
with de-identified data or the probability of adverse incidences occurring). All the mathematics is pointless if the system is not well managed! Do managers understand the maths? Should they have to? Towards 2045 Reduction in the impact of chronic disorders Use of assistive technologies to enhance the functional capacity of an ageing population HOW
Protective foods Novel biomarkers and diagnostics New preventive strategies including chemoprevention Enabling and assistive technologies Integrated health data Information for the setting of lifestyle guidelines * Productivity Commission 2005, Economic Implications of an Ageing Australia, Melbourne, April * Confidence Fragile with Internet Banking What have others found to be the main risks? UK Council for Science and Technology Personal Information Risks identified: loss of confidence and trust in privacy unauthorised use of personal data exploitation of individual citizens for
commercial gain statistical discrimination (e.g. creating a sub-culture of non-participation by individuals) technical risks such as database failure or incapacitation (e.g. by spam or unmanageable volumes of data) poor data quality cyber-terrorism Consequences (Impact) Data not supplied by patients/custodians Patients offended take legal action Research projects rejected by ethics Screening & prevention programs halted
Loss of reputation and/or income Medical knowledge not advanced Incorrect treatment Collapse of health care provision (particularly in disaster response situations) The QUiPS Risk Assessment Model q.i. (right product) poor functionality inappropriate action wrong functionality p.ii. (confidentiality) u.i. (degree of usage) Attribute Quality Usability
disclosure sensitive data At Risk q.i. Not developing the right product (i.e. not meeting requirements) q.ii. Not developing a robust product (i.e. not well engineered) u.i. Degree of usage (i.e. full or partial use of functions) u.ii. Acceptance by users (e.g. clinicians, patients, administrators) Privacy p.i. System security (i.e. preventing unauthorised access) p.ii. Patient confidentiality (e.g. not revealing personal health data) Safety s.i. Harm to the system (e.g. availability, data corruption) s.ii. Harm to people
(e.g. medical errors, medical data integrity) poor availability security breach u.ii. (user acceptance) s.ii. (human harm) p.i.(unathorised access) insecure trust violated not unsafe dependable hacker operation attack s.i. (system harm)
q.ii. (robust product) system unreliable How can we improve things? - Research Needs Prof Souhami said that public concerns on privacy had to be respected, and called for scientists to have: excellent standards of data security, excellent standards of ethical review [and] good practice in terms of anonymisation and acquiring consent Our research is focusing on the use of IT to ascertain: the end users knowledge check their intended usage
map against legislation and local policies check their ethics clearances enforce deadlines, audits and reviews - before permitting access to the data linkage tools. To reassure the public, media and management that: the risks have been assessed the probability of an incident has been estimated and adequate protection mechanisms are in place The Mathematics for Risk Assessment Risk = Probability (of the Event) X Consequence
Essential Question. How did the Columbian Exchange, Mercantilism and Capitalism affect Global Trade and make Europe wealthy? 14.10.2- Describe how the mercantilist system encouraged exploration, conquest, and colonization.
1905 Binet-Simon Intelligence Scale was translated into English. 1916 Terman revised the test that became the Stanford-Binet Intelligence Scale. Goddard developed a system based on mental age derived from the Binet-Simon Intelligence scale. Wechsler develops the Wechsler-Bellevue Intelligence scale in...
[Chaney et al. (2012)], supply of collateral [Campello & Giambona (2013)], or . definition of collateral [Campello & Larrain (2016)]on firm. leverage ratios. If credit was supplied-constrained by dead capital we could see firms operating more movable assets uniquely affected...
Seismic tomography Tomography attempts to determine anomalous structures within the Earth as revealed by deviations from "average" seismic properties at depth. Average is usually determined by one of the simple "radial" structural models of the Earth. PREM (Anderson and Dziewonski,...
The strength of the cementitious paste binder in concrete depends on the quality and quantity of the reacting paste components and on the degree to which the hydration reaction has progressed. Concrete becomes stronger with time as long as there...
DDQ=Data-Driven Quality. A road-map. is NOT a solution. It enables you to find a solution. A road-map alone cannot get you home… you also need the road and the car and the gas [CLICK] similarly to get to your DDQ...
Designing Information Architecture for Search Tutorial: SIGIR 2001 Marti Hearst ... Participants found more answers using categories Participants took same amount of time with all three interfaces Cha-Cha (intranet search) Cha-Cha (intranet search) How People Search The Standard Model ...
Students that want an education will not cheat. When the professor said that he/she would report us to the dean was only threatening to me personally because I heard that the dean will kick you out of the program if...
Ready to download the document? Go ahead and hit continue!