Forum Replies Created
-
Posts
-
-
From my understanding, eHealth is to utilize technologies to enhance the efficacy, effectiveness, and efficiency of healthcare to be better. An eHealth project could be classified into or incorporated with three domains, including health monitor, communication, and data sources. The eHealth project is possibly implemented as a health assistant to help users track physical activities and remind them of medicine intake or doctor appointments, to stay healthy and active. Additionally, the eHealth project could be established as a communicator for health follow-up, consultation, and information exchange between patients, doctors, pharmacists, and other healthcare providers remotely. The eHealth project could also be a digital recorder collecting health information, such as medical records, doctor visits, test results, and prescriptions, which could be accessed real-time and remotely by authorized persons to support best practices and guidelines of medical decision-making.
-
The big data that could be an example related to our daily life would be health and fitness data collected by a wearable smart device called Apple watch.
5Vs characteristics
1. Volume
The Apple Watch continuously collects data and tracks physical activities, such as step counts, heart rate measurement, blood oxygen, time asleep, respiratory rate, EKG, and body temperature etc., resulting in a vast volume of data being generated for each user over time.
2. Velocity
The Apple Watch shows real-time data, for instance heart rate monitoring, which is synced continuously to the connected iPhone for immediate health insights and alerts.
3. Variety
The Apple Watch consists of various sensors that capture a diverse range of data types; for example, GPS for location information during workouts, accelerometers for step counts and sleep tracking, optical heart sensor for heart rate, and gyroscopes for standing activity etc.
4. Veracity
Data accuracy and quality collected by Apple Watch could be influenced by some factors, such as proper device fit and usage.
5. Value
Monitoring user’s health and fitness data from Apple Watch could provide health insights for informed decisions about their well-being, including tracking daily activity goals, monitoring heart rate trends, and detecting irregular heart rhythms or falls, which can be life-saving. -
1. Have you ever observed a health informatics project in your (other) organization? Please provide a brief introduction.
Since my work doesn’t related to healthcare or IT directly, I would like to discuss a health informatics project that I have experienced before, called Thailand Digital Health Passport for COVID-19. During the COVID-19 pandemic, Thailand developed digital health passports or health certificates in Mor Prompt mobile application in 2021 to facilitate safe travel and access to various venues based on individuals’ vaccination and health status. The digital health pass (DHP) contains identification information, vaccination records, COVID-19 testing results, and recovery status in the form of QR code certified by the European Union in 2022.
2. How can this health informatics project help to improve the current practices?
The digital health pass facilitates more efficient and safe travel for individuals to provide proof of their COVID-19 vaccination records, negative test results, or recovery from the virus, reducing the risk of transmission during travel. DHP provides contact tracing features in which the passport could assist in identifying and notifying individuals who may have been exposed to COVID-19, helping to control outbreaks. The digital passports also help ensure the accuracy and authenticity of COVID-19-related information, which reduces the risk of fraudulent test results or vaccination records. Lastly, DHP provides privacy control that allows users to control who can access their health data via the application to protect their personal health information, instead of holding paper increasing risks of data breach.
3. Are there any challenges or difficulties in implementing the project?
Due to the urgent development and implementation of the DHP project during the COVID-19 pandemic, a poorly designed application could result in technical issues. In 2021, there were reports of DHP system failure that vastly impacted and slowed down inspection of COVID-19 information proof, leading to temporary travel restrictions or suspensions and border congestion. The system failure was possibly caused by software bugs, server downtime, or network connectivity issues, preventing users from accessing or updating their DHP information. If there was a high demand of accessing DHP simultaneously, this potentially resulted in performance problems, leading to slowdowns, errors, or system crashes.
-
Apart from aforementioned preventive measures by Khun Sirithep and Khun Thitikan, other potential protections against the data breach could be data classification and data encryption. Classifying data based on sensitivity helps apply appropriate security measures to each category to ensure that highly sensitive data is protected with higher security. Encrypting sensitive data at rest and in transit also helps protect the data from being accessed by unauthorized individuals.
-
-
-
The web-based application for patient appointments on cloud server is more cost-effective than purchasing and maintaining physical server hardware. Since the usage of a healthcare application for patient appointments may fluctuate, cloud servers easily scale up or down based on the application’s demand. Some leading cloud providers offer high levels of reliability and uptime for 24/7 available healthcare services. Their security measures for infrastructure are more likely to be more robust than what a small IT department in a hospital can provide. Also, cloud servers allow the IT officer to focus on application development rather than server management.
PaaS (Platform as a Service) cloud server would be most suitable for the web-based application for patient appointments with the limited IT resources in the hospital and specific requirements of app features. It provides more ease of infrastructure management with more flexible customization than SaaS and IaaS. Thus, the IT officer requires less learning curve for app development training and is able to focus on building the application rather than maintaining the server.
-
I would like to focus on 3 examples of cyberattack methods that occur in hospitals.
1) Ransomware attacks:
In 2017, the WannaCry ransomware attack targeted hospitals and healthcare organizations worldwide, including the National Health service (NHS). It exploited a vulnerability in Microsoft Windows Systems across networks. WannaCry infected computer systems and encrypted patient records to demand a ransom in cryptocurrency for decryption keys, leading to disruption and potential risks to patient care.
2) Phishing attacks:
In 2020, a phishing campaign targeted healthcare workers with COVID-19 related lures. Hospital staff received phishing emails containing malicious attachments or links that seem to be from a trusted source. Clicking on the provided link led to credential theft, which was a fake login page similar to the hospital’s email system, and unauthorized access to the hospital’s network and potentially compromising patient data.
3) Insider threats:
This cyberattack could be caused by intention or accident. In 2014, a former employee of a Texas hospital gained unauthorized access to sensitive patient information and exposed them to external parties by posting them online. This breach compromised the privacy and security of patients, leading to legal consequences for the hospital. -
Thai-Chana is one of the COVID-19 disease-control tracing mobile applications as an online registration system for people entering public venues. This system aims to determine crowdedness of business and public locations for disease-control measures of physical distancing management. The app allows users or visitors to ‘check-in’ and ‘check-out’ by scanning QR code when visiting places. They are notified and provided trace information of infected visitors to track down visitors with close contact to them based on location and timeline. However, criticisms and concerns of using Thai-Chana app include data privacy, data redundancy, and data integrity and quality.
Data privacy and security:
Thai-Chana application requires real-time location of users by coercing visitors to give their private information before entering some places, which is considered as a privacy violation. For those with no smartphone, writing down their private information is also requisite by using a given pen as the same as others. This measure not only increases a contact of disease but also induces a leakage of personal data to third parties, resulting in problems of scam calls and spam messages have arisen until these days.Data redundancy :
Apart from Thai-Chana, another COVID-19 tracing application with similar functions is MorChana. While visitors check in to the Thai Chana system and MorChana recording the location by GPS, both applications collect the same user’s personal information and location. These systems lead to data redundancy that wastes excessive resources to store the same data in separate databases of these two apps, since the redundant data is eventually transferred to the Disease Control Department (DCD).Data integrity and quality :
As aforementioned, there is a gap of data collection between users who can and cannot access the Thai-Chana system via smart devices. Since the data from visitors with no smartphone results in paper-based records, some collected data with poor handwriting affect the data integrity when digitizing data from paper to database. Moreover, unwillingness to give private information could coerce visitors to provide false information intentionally.Solutions :
To apply knowledge and skills of health informatics to the Thai-Chana system project, well-planned implementation of data privacy regulations and management of information technology security could prevent user’s data violation and leakage, which is crucial to the reliability of the database owner or government to the users. If the users trust in the data privacy and security system of the application, they would be more willing to reveal the real personal information that is advantageous to the data quality for the disease control measure. Using tools and technology, such as tablets, for data collection instead of digitizing paper-based records could encourage data integrity. Furthermore, a health informatics interoperability system designed by enterprise architecture could avoid redundant data entry if there were an organization (or DCD itself) controlling data flow and centralized data from different application databases. The interoperability also prevents the development of duplicated applications/projects, saves the cost of wasted data storage, and utilizes information technology resources more efficiently during pandemics. -
As a biomedical research assistant experienced in cellular/molecular research and vector surveillance, my background knowledge and skills are mainly in biological laboratory and partially in entomological research. Even though my current job isn’t directly correlated with public health/healthcare/IT professionals (as classmates), it is somehow similar to health informaticians. Working on data management of insectary and surveillance data is new and very challenging for me who have limited knowledge and experience related to data and IT. I usually face a problem when trying to design and implement new tools to facilitate the workload of lab staff and increase their productivity, such as digitizing paper-based records, collecting data via electronic application, and automating the request approval process. Apart from that, I spend most of the time on data analysis and data visualization of surveillance data to interpret insights of data. Therefore, to achieve my profession in health informatics and to work with data/information more efficiently and more productively, I need to gain more knowledge and skills in all aspects of public health practice and system, management, social science, and especially information technology (data standards, database, data privacy and security, system design and implementation, and data analysis etc.).
-
