Abstract
Genome and other data are already being used in areas including cancer and rare diseases. Data-sharing and secondary uses are likely to become much broader and far more extensive; thus, obtaining proper consent for these new uses of data is an important issue. Obtaining consent through online methods may be an option to overcome the problems associated with one-off, paper-based informed consent. When the process of obtaining consent takes place remotely, authentication must be assured. Patients may also choose to store some of their own information online, such as genetic information, and allow healthcare professionals to access this data. In this health information transfer and exchange process, it is vital that anyone accessing this information be correctly authenticated to protect patients' privacy. In this article, we first clarified that authentication has two roles: i.e., not only to prevent impersonation but also to prove intent, which is a vital step to ensure that medical research and health information exchange are conducted ethically. We then set out methods of authentication. As a result, we were able to make suggestions about the requirements for authentication and a possible method of authentication for these purposes. We considered problems of biometrics and recommended two-factor authentication without biometrics as a workable solution. However, three-factor authentication including biometrics seems likely to be used once biometrics become more common.
Highlights
NEW INITIATIVES IN THE MEDICAL TREATMENT AND RESEARCHThe era of big data is coming to medicine
We considered problems of biometrics and recommended two-factor authentication without biometrics as a workable solution
One of the means to utilize genome data effectively is a biobank, which involves an unprecedented number of research participants that includes patients and the normal population depending on the project design
Summary
Different methods are considered necessary for authentication at the time of registration and login (Figure 1). “What you know” authenticates users based on something only they know, such as a password or secret question. If this can be obtained or guessed by other people, they can impersonate the user. An alternative is to use a token that generates a one-off password This type of method can be inconvenient, since users can only use preregistered devices, and loss or theft of the registered device could be a security risk (Ogorman, 2003). If participants use smart devices with biometric authentication systems to authenticate their identity in the research system, the accuracy of the authentication is dependent on the type of smart device used. Another concern is that replication technologies such as three-dimensional printers and sound recording may enable “cheating” of biometric authentication in the future, and systems which can authenticate accidentally, such as a fingerprint sensor, cannot be used to prove intent
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
