Secure Automated File Exchange (SAFE) – Enabling More Efficient Transfers of Sensitive Data

IntroductionWith the explosion in data being collected and made available for research, linkage units receive an increasing amount of data. At the same time, researchers also expect access to more current data. This increase in the influx of data can create resource constraints for linkage units, which need to mobilise more staff time for data processing, as well as data custodians, who are required to provide data updates more frequently. Objectives and ApproachSA NT DataLink has designed the Secure Automated File Exchange (SAFE), in collaboration with the University of South Australia. SAFE provides a framework to safely transfer encrypted data from custodians into SA NT DataLink’s systems. A given custodian uses one private key to send personally identifying data via Secure File Transfer Protocol (SFTP). This data flows via the university’s IT infrastructure, where it is checked for encryption, directly into a Demilitarised Zone (DMZ) within SA NT DataLink’s Data Linkage Unit’s (DLU) highly protected environment. The same custodian then uses a separate private key to provide the corresponding encrypted anonymised content data, again via SFTP. Given the less sensitive nature of this data type, it is deposited on secure university on-site storage, from where it is manually transferred by Data Integration Unit (DIU) staff to SA NT DataLink’s Custodian Controlled Data repository (CCDR). ResultsSA NT DataLink considers implementing SAFE with one data provider as a trial project. After successful testing, a rollout to other data custodians is possible. In parallel, alternative technical solutions for automated data transfers are being evaluated. Conclusion / ImplicationsAutomated data transfer solutions will reduce effort by data custodians to send data and for linkage units to receive and process data updates. Moreover, by limiting manual intervention, they will limit vulnerability to data privacy breaches and the risk of introducing errors into the data. However, data workflow automation is dependent on data provider requirements and the availability of resources to process received data.

Download Full-text

Open science: The open clinical trials data journey

Clinical Trials ◽

10.1177/1740774519865512 ◽

2019 ◽

Vol 16 (5) ◽

pp. 539-546 ◽

Cited By ~ 2

Author(s):

Frank Rockhold ◽

Christina Bromley ◽

Erin K Wagner ◽

Marc Buyse

Keyword(s):

Data Sharing ◽

Data Privacy ◽

Resource Constraints ◽

Open Data ◽

Data Access ◽

Open Science ◽

Current Data ◽

Shared Data ◽

Privacy Issues ◽

And Training

Open data sharing and access has the potential to promote transparency and reproducibility in research, contribute to education and training, and prompt innovative secondary research. Yet, there are many reasons why researchers don’t share their data. These include, among others, time and resource constraints, patient data privacy issues, lack of access to appropriate funding, insufficient recognition of the data originators’ contribution, and the concern that commercial or academic competitors may benefit from analyses based on shared data. Nevertheless, there is a positive interest within and across the research and patient communities to create shared data resources. In this perspective, we will try to highlight the spectrum of “openness” and “data access” that exists at present and highlight the strengths and weakness of current data access platforms, present current examples of data sharing platforms, and propose guidelines to revise current data sharing practices going forward.

Download Full-text

Is There a Better Option than the Data Transfer Model to Protect Data Privacy?

University of New South Wales Law Journal ◽

10.53637/mrob8894 ◽

2019 ◽

Vol 42 (2) ◽

Author(s):

Alan Toy ◽

Gehan Gunasekara

Keyword(s):

Privacy Protection ◽

Data Privacy ◽

Data Transfer ◽

Business Environment ◽

Transfer Model ◽

Privacy Rights ◽

Choice Of Law ◽

Privacy Laws ◽

Data Privacy Protection ◽

Extraterritorial Jurisdiction

The data transfer model and the accountability model, which are the dominant models for protecting the data privacy rights of citizens, have begun to present significant difficulties in regulating the online and increasingly transnational business environment. Global organisations take advantage of forum selection clauses and choice of law clauses and attention is diverted toward the data transfer model and the accountability model as a means of data privacy protection but it is impossible to have confidence that the data privacy rights of citizens are adequately protected given well known revelations regarding surveillance and the rise of technologies such as cloud computing. But forum selection and choice of law clauses no longer have the force they once seemed to have and this opens the possibility that extraterritorial jurisdiction may provide a supplementary conceptual basis for championing data privacy in the globalised context of the Internet. This article examines the current basis for extraterritorial application of data privacy laws and suggests a test for increasing their relevance.

Download Full-text

A streaming multi-class support vector machine classification architecture for embedded systems

Indonesian Journal of Electrical Engineering and Computer Science ◽

10.11591/ijeecs.v16.i3.pp1286-1296 ◽

2019 ◽

Vol 16 (3) ◽

pp. 1286

Author(s):

Jeevan Sirkunan ◽

Jia Wei Tang ◽

Nasir Shaikh-Husin ◽

Muhammad Nadzir Marsono

Keyword(s):

Embedded System ◽

Test Data ◽

Data Transfer ◽

Pedestrian Detection ◽

External Memory ◽

Support Vector ◽

Data Input ◽

Maximum Throughput ◽

Process Data ◽

Svm Classification

Pedestrian detection, face detection, speech recognition and object detection are some of the applications that have benefited from hardware-accelerated SVM. SVM classification computational complexity makes it challenging for designing hardware architecture with real-time performance and low power consumption. On an embedded streaming architecture, test data are stored on external memory and transferred in streams to the FPGA device. The hardware implementation for SVM classification needs to be fast enough to keep up with the data transfer speed. Prior implementation throttles data input to avoid overwhelming the computational unit. This results in a bottleneck in overall streaming architecture as maximum throughput could not be obtained. In this work, we propose a streaming architecture multi-class SVM classification for embedded system that is fully pipelined and able to process data continuously with out any need to throttle data stream input. The proposed design is targeted for embedded platform where test data is transferred in streams from an external memory. The architecture was implemented on Altera Cyclone IV platform. Performance analysis on our proposed architecture is done with regards to the number of features and support vectors. For validation, the results obtained is compared with LibSVM. The proposed architecture is able to produce output rate identical to test data input rate.

Download Full-text

Automation of (meta-)data workflows from field to data repository

10.5194/egusphere-egu21-2521 ◽

2021 ◽

Author(s):

Linda Baldewein ◽

Ulrike Kleeberg ◽

Lars Möller

Keyword(s):

Data Center ◽

Data Transfer ◽

Field Analysis ◽

Automated Assignment ◽

Data Repository ◽

Sample Collection ◽

Unique Identifier ◽

Planning Stage ◽

Sampling Campaign ◽

Field Samples

In Earth and environmental sciences data analyzed from field samples are a significant portion of all research data, oftentimes collected under significant costs and non-reproducibly. If important metadata is not immediately secured and stored in the field, the quality and re-usability of the resulting data will be diminished. &#160;At the Helmholtz Coastal Data Center (HCDC) a metadata and data workflow for biogeochemical data has been developed over the last couple of years to ensure the quality and richness of metadata and enable that the final data product will be FAIR. It automates and standardizes the data transfer from the campaign planning stage, through sample collection in the field, analysis and quality control to the storage into databases and the publication in repositories.Prior to any sampling campaign, the scientists are equipped with a customized app on a tablet that enables them to record relevant metadata information, such as the date and time of sampling, the involved scientists and the type of sample collected. Each sample and station already receives a unique identifier at this stage. The location is directly retrieved from a high-accuracy GNSS receiver connected to the tablet. This metadata is transmitted via mobile data transfer to the institution&#8217;s cloud storage.After the campaign, the metadata is quality checked by the field scientists and the data curator and stored in a relational database. Once the samples are analyzed in the lab, the data is imported into the database and connected to the corresponding metadata using a template. Data DOIs are registered for finalized datasets in close collaboration with the World Data Center PANGAEA. The data sets are discoverable through their DOIs as well as through the HCDC data portal and the API of the metadata catalogue service.This workflow is well established within the institute, but is still in the process of being refined and becoming more sophisticated and FAIRer. For example, an automated assignment of International Geo Sample Numbers (IGSN) for all samples is currently being planned.

Download Full-text

Parallel Data Transfer Protocol

Advances in Systems Analysis, Software Engineering, and High Performance Computing - Enabling the New Era of Cloud Computing ◽

10.4018/978-1-4666-4801-2.ch012 ◽

2013 ◽

pp. 238-255 ◽

Cited By ~ 1

Author(s):

Yushi Shen ◽

Yale Li ◽

Ling Wu ◽

Shaofeng Liu ◽

Qian Wen

Keyword(s):

Optical Networks ◽

Packet Loss ◽

Large Scale ◽

Data Transfer ◽

Current Data ◽

Packet Losses ◽

Multiple Flows ◽

Data Transfer Protocol ◽

Display Walls ◽

Synchronization Mechanisms

Transferring very high quality digital objects over the optical network is critical in many scientific applications, including video streaming/conferencing, remote rendering on tiled display walls, 3D virtual reality, and so on. Current data transfer protocols rely on the User Datagram Protocol (UDP) as well as a variety of compression techniques. However, none of the protocols scale well to the parallel model of transferring large scale graphical data. The existing parallel streaming protocols have limited synchronization mechanisms to synchronize the streams efficiently, and therefore, are prone to slowdowns caused by significant packet loss of just one stream. In this chapter, the authors propose a new parallel streaming protocol that can stream synchronized multiple flows of media content over optical networks through Cross-Stream packet coding, which not only can tolerate random UDP packet losses but can also aim to tolerate unevenly distributed packet loss patterns across multiple streams to achieve a synchronized throughput with reasonable coding overhead. They have simulated the approach, and the results show that the approach can generate steady throughput with fluctuating data streams of different data loss patterns and can transfer data in parallel at a higher speed than multiple independent UDP streams.

Download Full-text

Wireless Sensor Network

Wireless Sensor Networks and Energy Efficiency ◽

10.4018/978-1-4666-0101-7.ch016 ◽

2012 ◽

pp. 339-347

Author(s):

Noor Zaman ◽

Azween Abdullah ◽

Khalid Ragab

Keyword(s):

Wireless Sensor Networks ◽

Resource Constraints ◽

Data Transfer ◽

Sensor Nodes ◽

Wireless Sensor ◽

Future Directions ◽

Maximum Benefit ◽

Routing Techniques ◽

Different Levels

Wireless Sensor Networks (WSNs) are becoming common in use, with a vast diversity of applications. Due to its resource constraints, it is hard to maintain Quality of Service (QoS) with WSNs. Though they contain a vast variety of applications, at the same time they are also required to provide different levels of QoS, for various types of applications. A number of different issues and challenges still persist ahead to maintain the QoS of WSN, especially in critical applications where the accuracy of timely, guaranteed data transfer is required, such as chemical, defense, and healthcare. Hence, QoS is required to ensure the best use of sensor nodes at any time. Researchers are trying to focus on QoS issues and challenges to get maximum benefit from their applications. With this chapter, the authors focus on operational and architectural challenges of handling QoS, requirements of QoS in WSNs, and they discuss a selected survey of QoS aware routing techniques by comparing them in WSNs. Finally, the authors highlight a few open issues and future directions of research for providing QoS in WSNs.

Download Full-text

Making the Pedigree to Your Big Data Repository: Innovative Methods, Solutions, and Algorithms for Supporting Big Data Privacy in Distributed Settings via Data-Driven Paradigms

2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC) ◽

10.1109/compsac.2019.10257 ◽

2019 ◽

Cited By ~ 1

Author(s):

Alfredo Cuzzocrea ◽

Ernesto Damiani

Keyword(s):

Big Data ◽

Data Privacy ◽

Data Driven ◽

Data Repository ◽

Innovative Methods ◽

Big Data Privacy

Download Full-text

Privacy-Preserving Process Mining in Healthcare

International Journal of Environmental Research and Public Health ◽

10.3390/ijerph17051612 ◽

2020 ◽

Vol 17 (5) ◽

pp. 1612 ◽

Cited By ~ 4

Author(s):

Anastasiia Pika ◽

Moe T. Wynn ◽

Stephanus Budiono ◽

Arthur H.M. ter Hofstede ◽

Wil M.P. van der Aalst ◽

...

Keyword(s):

Data Mining ◽

Data Privacy ◽

Process Mining ◽

Personal Data ◽

Data Transformation ◽

Privacy Preserving ◽

Sensitive Information ◽

Process Data ◽

Mining Community ◽

Healthcare Process

Process mining has been successfully applied in the healthcare domain and has helped to uncover various insights for improving healthcare processes. While the benefits of process mining are widely acknowledged, many people rightfully have concerns about irresponsible uses of personal data. Healthcare information systems contain highly sensitive information and healthcare regulations often require protection of data privacy. The need to comply with strict privacy requirements may result in a decreased data utility for analysis. Until recently, data privacy issues did not get much attention in the process mining community; however, several privacy-preserving data transformation techniques have been proposed in the data mining community. Many similarities between data mining and process mining exist, but there are key differences that make privacy-preserving data mining techniques unsuitable to anonymise process data (without adaptations). In this article, we analyse data privacy and utility requirements for healthcare process data and assess the suitability of privacy-preserving data transformation methods to anonymise healthcare data. We demonstrate how some of these anonymisation methods affect various process mining results using three publicly available healthcare event logs. We describe a framework for privacy-preserving process mining that can support healthcare process mining analyses. We also advocate the recording of privacy metadata to capture information about privacy-preserving transformations performed on an event log.

Download Full-text

Implementation of eHealth and AI integrated diagnostics with multidisciplinary digitized data: are we ready from an international perspective?

European Radiology ◽

10.1007/s00330-020-06874-x ◽

2020 ◽

Vol 30 (10) ◽

pp. 5510-5524 ◽

Cited By ~ 3

Author(s):

Mark Bukowski ◽

Robert Farkas ◽

Oya Beyan ◽

Lorna Moll ◽

Horst Hahn ◽

...

Keyword(s):

Data Integration ◽

Data Privacy ◽

Clinical Chemistry ◽

International Perspective ◽

Current Data ◽

Security And Privacy ◽

Ethical Challenges ◽

Medical Environment ◽

Key Points ◽

Integrated Diagnostics

Abstract Digitization of medicine requires systematic handling of the increasing amount of health data to improve medical diagnosis. In this context, the integration of the versatile diagnostic information, e.g., from anamnesis, imaging, histopathology, and clinical chemistry, and its comprehensive analysis by artificial intelligence (AI)–based tools is expected to improve diagnostic precision and the therapeutic conduct. However, the complex medical environment poses a major obstacle to the translation of integrated diagnostics into clinical research and routine. There is a high need to address aspects like data privacy, data integration, interoperability standards, appropriate IT infrastructure, and education of staff. Besides this, a plethora of technical, political, and ethical challenges exists. This is complicated by the high diversity of approaches across Europe. Thus, we here provide insights into current international activities on the way to digital comprehensive diagnostics. This includes a technical view on challenges and solutions for comprehensive diagnostics in terms of data integration and analysis. Current data communications standards and common IT solutions that are in place in hospitals are reported. Furthermore, the international hospital digitalization scoring and the European funding situation were analyzed. In addition, the regional activities in radiomics and the related publication trends are discussed. Our findings show that prerequisites for comprehensive diagnostics have not yet been sufficiently established throughout Europe. The manifold activities are characterized by a heterogeneous digitization progress and they are driven by national efforts. This emphasizes the importance of clear governance, concerted investments, and cooperation at various levels in the health systems. Key Points • Europe is characterized by heterogeneity in its digitization progress with predominantly national efforts. Infrastructural prerequisites for comprehensive diagnostics are not given and not sufficiently funded throughout Europe, which is particularly true for data integration. • The clinical establishment of comprehensive diagnostics demands for a clear governance, significant investments, and cooperation at various levels in the healthcare systems. • While comprehensive diagnostics is on its way, concerted efforts should be taken in Europe to get consensus concerning interoperability and standards, security, and privacy as well as ethical and legal concerns.

Download Full-text

A practical process mining approach for compliance management

Journal of Financial Regulation and Compliance ◽

10.1108/jfrc-12-2018-0163 ◽

2019 ◽

Vol 27 (4) ◽

pp. 464-478

Author(s):

Michael Becker ◽

Rüdiger Buchkremer

Keyword(s):

Risk Management ◽

Financial Institutions ◽

Data Privacy ◽

Process Mining ◽

Financial Institution ◽

Real Life ◽

Practical Implementation ◽

Process Data ◽

Content Type ◽

Compliance Management

Purpose The purpose of this study is to examine whether the compliance management activities in the risk management environment of financial institutions can be enhanced using a Process Mining application. Design/methodology/approach In this research, an implementation procedure for a selected Process Mining application is developed and evaluated at a financial institution in Germany. Findings The evaluation of the process data with the Process Mining application Disco shows that the compliance of the real-life execution of business processes can be monitored in real-time. Moreover, potential non-compliant activities and durations can be analysed in a detailed manner. Research limitations/implications When the research results are regarded, it must be considered that a general condition for the usage of a Process Mining application is that the process data is available and exportable in the required format and that data privacy regulations are fulfilled. Originality/value This research presents a practical use case for the implementation of a Process Mining application at the risk management department of financial institutions. It shows the value of using a technical application to carry out tedious tasks that are usually executed manually. This value is discussed and compared with the aim to help financial institutions in determining how the effectiveness and efficiencies of compliance management activities can be improved. Therefore, this research can be taken as a foundation for the practical implementation of a Process Mining application at financial institutions.

Download Full-text