Skip to main content

Über dieses Buch

This book aims to highlight the gaps and the transparency issues in the clinical research and trials processes and how there is a lack of information flowing back to researchers and patients involved in those trials.

Lack of data transparency is an underlying theme within the clinical research world and causes issues of corruption, fraud, errors and a problem of reproducibility. Blockchain can prove to be a method to ensure a much more joined up and integrated approach to data sharing and improving patient outcomes. Surveys undertaken by creditable organisations in the healthcare industry are analysed in this book that show strong support for using blockchain technology regarding strengthening data security, interoperability and a range of beneficial use cases where mostly all respondents of the surveys believe blockchain will be important for the future of the healthcare industry.

Another aspect considered in the book is the coming surge of healthcare wearables using Internet of Things (IoT) and the prediction that the current capacity of centralised networks will not cope with the demands of data storage. The benefits are great for clinical research, but will add more pressure to the transparency of clinical trials and how this is managed unless a secure mechanism like, blockchain is used.



Chapter 1. Blockchain and Healthcare

Distributed Ledger Technologies are promised to be genuinely disruptive in a variety of industries and sectors, from the food supply, pharmaceutical, real estate, financial services, academia and healthcare. Blockchain technologies vastly improve the flow of data within and among companies and people and transform the way that the Internet is used to exchange value. The use of distributed applications can revolutionise and simplify complex system tasks and create new substructures in a fully developing distributed economy as part of Industry 4.0. Blockchain technologies have the enormous potential to transform healthcare and existing security, privacy and interoperability issues allowing more flexibility and freedom to patients and their data. New economies of scale are emerging for health information exchange that makes the management of electronic records easier while eliminating fictions and costs associated with current intermediaries. This chapter seeks to explore the idiosyncrasies of Blockchain technology and its adaptation in healthcare with an emphasis to its core features and applications. We expand to the key risks and opportunities of Blockchain and briefly discuss this pilot studies in healthcare.
Gregory Epiphaniou, Herbert Daly, Haider Al-Khateeb

Chapter 2. Digital Transformation of Healthcare

The digital transformation needs to go a lot further to provide a seamless but secure and protected data interchange where a multitude of beneficial impacts can be gained such as longitudinal medical data, interoperability, secure patient centric generated data and its use cases, to name a few. Positioned with the increasing threat of data breaches, the healthcare sector has started to make deeper inroads into the beneficial uses of blockchain as the mechanism to provide immutability, audit trail, security and protect the privacy of data to ensure a better way forwards for healthcare transformation. This chapter aims to discuss the impact of digital transformation on the healthcare industry.
Hamid Jahankhani, Stefan Kendzierskyj

Chapter 3. Healthcare Patient and Clinical Research

Clinical trials and research are a very involved and often lengthy process with formalities and regulations that should be adhered to. There are questions over the transparency of clinical research data from the start of the initial process of registration, informed consent, clinical outcomes and to where approval is given by post marketing and publication. These impacts suggested have manifested itself in the form of fraud, misconduct, selective reporting, bias and consequently had other effects to those taking approved drugs; some resulting in fatalities. Access to research data has also been difficult to obtain from those involved in the clinical trials such as patients and even researchers whom would be interested in the post marketing phase and pharmaceutical analysis. Evidence is presented with data extracted from credible sources that highlight the concerns in registration, informed consent and clinical research outcomes and how they are reported with recent example of how opioids misuse has ended up as a serious issue as a consequence of non-transparency. This Chapter suggests a theoretical model to propose how blockchain could present a more transparent and secure method to tackle the issues mentioned, with utilising blockchain as the mechanism/framework for clinical research institutions, regulation and non-regulation bodies, pharmaceutical organisations, drug manufacturers/suppliers and patients.
Stefan Kendzierskyj, Hamid Jahankhani

Chapter 4. Information Security Governance, Technology, Processes and People: Compliance and Organisational Readiness

Compliance and an increasing level of cyber maturity form crucial part of corporate defence systems and are the basis of any well-functioning cyber security programme. As the scope of compliance widens with the maturity of the organisation, the human element needs to be addressed as well. Cyber maturity assessments, red teaming and capture the flag exercises help simulate the threat vectors tactics, tools and procedures, give defenders an insight into the enemy motives and help mitigate technical exposure. However, most of these exercises are being delivered with an exclusive aim to achieve technical learning and address incidents on a technical vulnerability level. This chapter looks at how can organisations – having achieved the necessary compliance and governance standards – understand and address human behaviour as cyber security threat. These can be team member’s individual blind-spots and glitches in high-risk team dynamics, which are, if ineffective, are considered system vulnerabilities. When these risk behaviours have been identified and addressed with targeted interventions and training, organisations will be able to mitigate the human risk directly, just as they would patch their on-line systems or scan their networks.
Berta Pappenheim da Silva, Alonso Jose da Silva, Josefine Ehlers Davidsen

Chapter 5. Cyber-Physical Attacks and the Value of Healthcare Data: Facing an Era of Cyber Extortion and Organised Crime

Cybercrime has reached to a level that any cyber-attack can cause great levels of extortion. With the support of technology, healthcare organisations have been able to enhance medical treatment assuring better solutions to improve lifestyle of people. Likewise, criminals are attracted to the information allocated within hospital and clinics regardless of physical or digital storage. Electronic Health Records (EHR) are the most important asset in healthcare and criminals are aware of their value in the black market, including the dark web. This paper analyses the impact of cyber-attacks to healthcare organisations including methods used by criminals to enhance their anonymity, and the value of healthcare data nowadays. It studies blockchain, The Onion Router (TOR) and other common tools to ensure security and privacy while navigating through the internet and the reason why cybercriminals take advantage of the dark web to sell stolen information from hospitals in order to get higher financial gain. It also looks at the levels of extortion that is caused to organisations and how people are compromised.
Jaime Ibarra, Hamid Jahankhani, Stefan Kendzierskyj

Chapter 6. The Transparency of Big Data, Data Harvesting and Digital Twins

Computer storage and cloud computing has become more powerful with multiple algorithms running complex data analysis looking at intelligence trends, user behaviour, profiling and ways to make use of these outputs. Added with the artificial intelligence (AI) interaction has meant a new and dynamic method to create models forging analysis to be more clinical, proficient and continually seeking more improvement with the self-learning and intelligent programming of machine learning (ML). In the healthcare sector there is deep interest in collecting, curating the data and making the best use of silo’d data through methods such as blockchain. This can then lead to a multitude of innovations such as precision based medicine, targeting individual variability in genes, their environment, etc. It also means that big data analytics in healthcare is evolving into providing these insights from very large data sets and improving outcomes while reducing costs and inefficiencies. However, there also are some ethical impacts in the process of Digital Twins which can lead to segmentation and discrimination. Or perhaps the data that is automatically collected from healthcare sensors in IoMT and what type of governance are they scrutinized to. It is clear that data is the most important asset of not just an organisation but also to the individual and why the General Data Protection Regulation (GDPR) has taken an important stance in data protection by design and default, that all organisations needs to follow. This chapter aims to highlight some of the concerns.
Stefan Kendzierskyj, Hamid Jahankhani, Arshad Jamal, Jaime Ibarra Jimenez

Chapter 7. Blockchain for Modern Digital Forensics: The Chain-of-Custody as a Distributed Ledger

Blockchain technology can be incorporated into new systems to facilitate modern Digital Forensics and Incident Response (DFIR). For example, it is widely acknowledged that the Internet-of-Things (IoT) has introduced complexity to the cyberspace, however, incident responders should also realise the advantages presented by these new “Digital Witnesses” (DW) to support their investigation. Logs generated by IoT devices can help in the process of event reconstruction, but their integrity -and therefore admissibility- can be achieved only if a Chain-of-Custody (CoC) is maintained within the wider context of an on-going digital investigation. Likewise, the transition to electronic documentation improves data availability, legibility, the utility of notes, and therefore enhances the communication between stakeholders. However, without a proof of validity, these data could be falsified. For example, in an application area such as eHealth, there is a requirement to maintain various existing (and new) rules and regulations concerning authorship, auditing, and the integrity of medical records. Lacking data control could lead to system abuse, fraud and severe compromise of service quality. These concerns can be resolved by implementing an online CoC. In this paper, we discuss the value and means of utilising Blockchain in modern systems to support DFIR. we demonstrate the value of Blockchain to improve the implementation of Digital Forensic Models and discuss why law enforcement and incident responders need to understand Blockchain technology. Furthermore, the admissibility of a Digital Evidence to a Court of Law requires chronological documentation. Hence, we discuss how the CoC can be sustained based on a distributed ledger. Finally, we provide a practical scenario related to eHealth to demonstrate the value of this approach to introduce forensic readiness to computer systems and enable better Police interventions.
Haider Al-Khateeb, Gregory Epiphaniou, Herbert Daly

Chapter 8. The Standardised Digital Forensic Investigation Process Model (SDFIPM)

The field of digital forensics still lacks formal process models that courts can employ to determine the reliability of the process followed in a digital investigation. The existing models have often been developed by digital forensic practitioners, based on their own personal experience and on an ad-hoc basis, without attention to the establishment of standardisation within the field. This has prevented the institution of the formal processes that are urgently required. Moreover, as digital forensic investigators often operate within different fields of law enforcement, commerce and incident response, the existing models have often tended to focus on one particular field and have failed to consider all the environments. This has hindered the development of a generic model that can be applied in all the three stated fields of digital forensics. To address these shortcomings, this chapter makes a novel contribution by proposing the Advanced Investigative Process Model (the SDFIPM) for Conducting Digital Forensic Investigations, encompassing the ‘middle part’ of the digital investigative process, which is formal in that it synthesizes, harmonises and extends the existing models, and which is generic in that it can be applied in the three fields of law enforcement, commerce and incident response.
Reza Montasari, Richard Hill, Victoria Carpenter, Amin Hosseinian-Far

Chapter 9. Hybrid Cyber Security Framework for the Internet of Medical Things

Despite IoMTs benefits in healthcare, emphasise that attaining robust security and privacy is becoming a huge challenge. The increased flow of information from IoMTs endpoints and applications increases the risk landscape; therefore, their security needs to be addressed. The risk to IoMTs includes potential harm to patient safety, compromise to patient health information and unauthorised access to devices. In 2013, 44% of data breaches occurred in the healthcare and in 2017, the National Health Service (NHS) England reported a ransomware attack which affected an estimated 80 trusts and an additional 603 primary care organisations. It is argued that for a sector (healthcare) under constant attack, the introduction IoMTs may be too big of a security risk. However, when the right security measures are in place, IoMTs can deliver more benefits than risk. With regards to The General Data Protection Regulation (GDPR), IoMTs raises compliance issues in the domain of consent. Cyber security frameworks such as ISO 27000 x series, NIST CSF 2018 or COBIT can be used as a guideline to implement security controls in IoMTs. However, some of them are out of date or lack the required approach to protect IoMTs technology. There is a lack of specific standards tailored to IoMTs security, and the need to safeguard patient safety, maintain the security and privacy of patient information that could all help towards more secure IoMT use cases. What is presented in this Chapter is a method to create a hybrid cyber security framework for IoMT. The framework is an extension of the NIST cyber security framework Version 1.1. This could be very useful to the UK healthcare industry as it is moving towards full adoption of IoMTs for benefits explained earlier.
Danisa Nkomo, Raymond Brown

Chapter 10. BMAR – Blockchain for Medication Administration Records

Medication Administration Records are crucial documents in the care and quality offered to service users. Audits will inspect MAR sheets and these will form a significant impact on the outcome of Medication Management. This impact will be combined with inspections of registered hospitals, care and residential homes across the healthcare profession. The proposal is to build a prototype using blockchain technology to implement MAR sheets, essentially building a blockchain application that stores electronic health records (EHR). The use of permissioned blockchain technology provides confidentiality and trust with the auditors (e.g., CQC). The prototype is tested on two scenarios and results are encouraging. The results indicate that reminders can be sent to healthcare professionals and other consequences of the implementation of EHR and permissioned blockchain.
I. Mitchell, S. Hara

Chapter 11. Recent Cyber Attacks and Vulnerabilities in Medical Devices and Healthcare Institutions

Cyber-attacks are targeting different businesses including medical sectors. From medical devices such as pace makers to medical institutions like hospitals and clinics are all vulnerable targets for cyber criminals. Cyber breaches in medical area not only can risk patients’ life but also can lead to leakage of sensitive and confidential data. Due to the nature of medical targets and their importance and sensitivity, there is a significant need to review and investigate the current and past vulnerabilities and weaknesses within the devices and medical institutions. This research aims to investigate recent and current vulnerabilities of medical devices and institutions and highlight the importance of cyber security issues in this area.
Jake Beavers, Sina Pournouri
Weitere Informationen

Premium Partner