Unlocking the potential of data: Toward a secure and privacy-preserving blockchain-based health data governance framework

Public health decision-making increasingly relies on timely access to large, heterogeneous datasets, including electronic health records, laboratory results, syndromic surveillance, environmental monitoring, and social determinants of health. Traditional relational databases often struggle to handle the volume, velocity, and variety of modern public health data, limiting the ability to perform real-time analytics for outbreak detection, resource allocation, and policy planning. Data lakes have emerged as a scalable solution, providing centralized repositories capable of storing structured, semi-structured, and unstructured data while supporting advanced analytics and machine learning applications. This systematic review examines the current state of public health data lake architectures, focusing on their design, operational features, and capacity to support real-time analytics and evidence-based decision-making. A comprehensive literature search was conducted across scientific databases and grey literature to identify studies reporting on public health data lake implementations, integration frameworks, and analytic capabilities. Key dimensions analyzed include data ingestion mechanisms, storage models, interoperability standards, metadata management, governance frameworks, security and privacy measures, and analytic tools. Findings indicate that successful public health data lakes integrate multi-source datasets using standardized schemas and ontologies, enabling seamless data harmonization and real-time access. Advanced processing pipelines, including stream processing and event-driven architectures, facilitate continuous data updates and near real-time insights. Governance and security frameworks are critical for ensuring data quality, interoperability, and compliance with privacy regulations, particularly in sensitive domains such as patient-level health records. Additionally, the integration of machine learning and visualization tools enhances predictive modeling, anomaly detection, and operational decision support. This review highlights best practices in the design and deployment of public health data lakes, emphasizing the importance of scalability, flexibility, and governance. By consolidating diverse datasets into a unified, analyzable repository, public health data lakes enable timely, evidence-based decision-making, strengthen outbreak detection and response capabilities, and support resource optimization. The findings underscore the potential of data lake architectures as foundational infrastructure for modern, data-driven public health systems.

The key functional operability in the pre-Lisbon PJCCM pillar of the EU is the exchange of intelligence and information amongst the law enforcement bodies of the EU. The twin issues of data protection and data security within what was the EU’s third pillar legal framework therefore come to the fore. With the Lisbon Treaty reform of the EU, and the increased role of the Commission in PJCCM policy areas, and the integration of the PJCCM provisions with what have traditionally been the pillar I activities of Frontex, the opportunity for streamlining the data protection and data security provisions of the law enforcement bodies of the post-Lisbon EU arises. This is recognised by the Commission in their drafting of an amending regulation for Frontex , when they say that they would prefer “to return to the question of personal data in the context of the overall strategy for information exchange to be presented later this year and also taking into account the reflection to be carried out on how to further develop cooperation between agencies in the justice and home affairs field as requested by the Stockholm programme.” The focus of the literature published on this topic, has for the most part, been on the data protection provisions in Pillar I, EC. While the focus of research has recently sifted to the previously Pillar III PJCCM provisions on data protection, a more focused analysis of the interlocking issues of data protection and data security needs to be made in the context of the law enforcement bodies, particularly with regard to those which were based in the pre-Lisbon third pillar. This paper will make a contribution to that debate, arguing that a review of both the data protection and security provision post-Lisbon is required, not only in order to reinforce individual rights, but also inter-agency operability in combating cross-border EU crime. The EC’s provisions on data protection, as enshrined by Directive 95/46/EC, do not apply to the legal frameworks covering developments within the third pillar of the EU. Even Council Framework Decision 2008/977/JHA, which is supposed to cover data protection provisions within PJCCM expressly states that its provisions do not apply to “Europol, Eurojust, the Schengen Information System (SIS)” or to the Customs Information System (CIS). In addition, the post Treaty of Prüm provisions covering the sharing of DNA profiles, dactyloscopic data and vehicle registration data pursuant to Council Decision 2008/615/JHA, are not to be covered by the provisions of the 2008 Framework Decision. As stated by Hijmans and Scirocco, the regime is “best defined as a patchwork of data protection regimes”, with “no legal framework which is stable and unequivocal, like Directive 95/46/EC in the First pillar”. Data security issues are also key to the sharing of data in organised crime or counterterrorism situations. This article will critically analyse the current legal framework for data protection and security within the third pillar of the EU.

The diverse and extensive variety of artificial intelligence (AI) systems can lead to cultural appropriation, misuse, and digital adaptation of Indigenous groups’ data, art, and music. The dearth or inadequate consideration of cultural diversity and inclusion in the design, development, and implementation of AI systems will exacerbate marginalisation, discrimination, algorithmic oppression, and other ethical concerns in the AI sphere. This article investigates the African Union’s (AU) data governance frameworks, including the AU Data Policy Framework and the AU Convention on Cyber Security and Personal Data Protection, to determine their impact on inclusivity and cultural diversity within Africa’s digital realm. It adopts a practical model that presents the core methodological tool for assessing the AU’s data governance frameworks, particularly concerning questions of cultural diversity and inclusivity in AI systems. The findings reveal limited efforts, with only the AU Data Policy Framework partially incorporating a somewhat culturally diverse and inclusive approach in the African data ecosystem. The AU Convention on Cyber Security and Personal Data Protection framework appears divorced from an inclusive and culturally sensitive approach. This article canvasses for more strategic efforts to entrench cultural representation, inclusion, and diversity by design in developing and implementing AI systems in Africa and for Africans. It provides recommendations on exploring emerging technologies for Indigenous culture preservation and inclusivity, and it offers valuable insights into how policy interventions can improve data governance for greater cultural representation and inclusivity.

Machine learning plays a vital role in the real-time cloud based medical computing systems. However, most of the computing servers are independent of data security and recovery scheme in multiple virtual machines due to high computing cost and time. Also these cloud based medical applications require static security parameters for cloud data security. Cloud based medical applications require multiple servers in order to store medical records or machine learning patterns for decision making. Due to high computational memory and time, these cloud systems require an efficient data security framework in order to provide strong data access control among the multiple users. In this paper, a hybrid cloud data security framework is developed to improve the data security on the large machine learning patterns in real-time cloud computing environment. This work is implemented in two phases, data replication phase and multi-user data access security phase. Initially, machine decision patterns are replicated among the multiple servers for data recovering phase. In the multi-access cloud data security framework, a hybrid multi-access key based data encryption and decryption model is implemented on the large machine learning medical patterns for data recovery and security process. Experimental results proved that the present two-phase data recovering and security framework has better computational efficiency than the conventional approaches on large medical decision patterns.

The increasing complexity of hospital data management requires a robust Data Governance (DG) framework to ensure data quality, security, and compliance. This study focuses on developing a DG framework tailored to the Hospital Management Information System (SIM-RS) at RSUD ABC to enhance data integration, accessibility, and regulatory adherence. A qualitative approach with a case study method was employed, involving interviews and document analysis to identify key challenges in data management. The proposed DG framework aligns with ICD-10 and regulatory requirements, ensuring interoperability and efficient data processing. Implementing the Master Patient Index (MPI) reduces duplicate records, while Two-Factor Authentication (2FA) and AES-256 encryption strengthen data security. FHIR standards facilitate seamless data exchange across healthcare systems, optimizing operational efficiency. AI-driven data analytics further enhances clinical decision-making and administrative workflows. Evaluation of the framework demonstrates significant improvements in data quality, regulatory compliance, and risk management, leading to improved patient care and reduced medical errors. The High-Level Roadmap outlines a phased implementation strategy for sustainable DG adoption. Future research may explore performance metrics, Blockchain integration, and organizational change management to refine DG practices in healthcare institutions further.

Data security and privacy plays a key role in carrying out day to day and long term business operations successfully. Organizations need to protect their data in the areas of data security and privacy. Therefore data security and privacy is a significant activity for large organizations. One novel method used to achieve data security is to use fuzzy logic based data classification to determine the required data security levels based on various government and business policies. Classifying data provides organizations the facilities to categorise organisational data based on organisational policies. Organisational data needs to be evaluated. Fuzzy logic based categorisation is explored in this paper. The method employed is based on Mohammadian et al. (Int J Electron Financ 3(4):374–386, 2009). This paper considers the application of a hierarchical fuzzy logic (HFL) classification method for categorizing organisational data based on governmental and business data policies. This paper demonstrates the use of a HFL to improve data classification. HFL reduces the size of the required fuzzy knowledge base system of the HFL data classification. This paper demonstrates how a HFL system can be employed to improve data security, privacy and user access control to determine data and user access control based on data sensitivity government and organizational data security requirements and user level security measures.

e14108 Background: Oncology has unique characteristics that predict early benefit from digital technologies including a culture of patient involvement in trials, genetic testing, and longitudinal assessments including objective measures. However, implementation of digital tools is slow for many reasons including lack of incentives/interoperability, and high-profile cases highlighting inadequate data governance. We report results from the Digital Medicine Society’s study of the stakeholders involved in using digital technologies to optimize health, with a focus on oncology. Methods: We performed 16 interviews with diverse Key Opinion Leaders (KOLs) including physicians, executives, senior government officials, patients, payers, tech innovators, and investors. KOLs received a pre-interview list of topics. We used the Delphi method, an evidence-based approach to compile expert opinions, to iteratively refine recommendations. Results: We identified priorities for 5 stakeholder groups to facilitate digital tool implementation (Table); all groups must also act now to develop a framework for data governance. We describe 4 categories of early success in oncologic digital tools: regimen/drug choice, drug approval efficiency, digital user training, and patient generated health data. Conclusions: Data and technology have great potential to improve cancer care. Multi-stakeholder involvement and a framework for US health data governance are needed. [Table: see text]

Enterprise data management practices have been reshaped by the fast uptake of cloud-based Customer Relationship Management (CRM) systems especially Salesforce. Though cloud environment is scalable, flexible and cost efficient, it also brings in great problems with data governance, privacy, compliance, and security. The growing size, rate and types of the enterprise data prompt the need to establish intelligent and automated systems of governance that are capable of guaranteeing regulatory compliance, data integrity, and lessening risks. Artificial Intelligence (AI) is a potential solution to help overcome these issues by implementing predictive analytics, detecting anomalies, automated classification, and implementing policies. In this paper, I will present an effective and secure data governance framework on Salesforce understanding cloud-based businesses based on AI. The model suggested will combine machine learning, deep learning, and rule based compliance engines to automate the data classification, access control, and risk assessment, audit management. The framework uses metadata analytics, natural language processing, and behavioral profiling to promote the effectiveness of governance. Also, audit trail and encryption are added features based on blockchain to guarantee transparency and information integrity. The research paper gives an extensive literature review on the available models of governance and their weaknesses. A comprehensive methodology is formulated which includes data preparation, model learning, deployment structure, and metrics of evaluation. The experimental outcomes illustrate an increase in compliance levels, decrease in governance delays and availability of extra security stability in comparison with conventional strategies. The results validate the hypothesis that AI-enhanced governance is ultra-efficient and that the Salesforce ecosystems respond to regulatory compliance. The suggested framework offers businesses with a dynamic, adaptable, and forward-thinking governance framework that can handle the changing regulatory and security demands. The study will be of value to the current efforts to develop intelligent cloud governance systems, as well as provide useful insights to implement those systems in the enterprise.

This study provides a comprehensive examination of data privacy and security within the realm of environmental research, highlighting the evolving challenges and innovative solutions in safeguarding sensitive environmental data. Employing a systematic literature review and content analysis, this research scrutinizes peer-reviewed articles, legal documents, and policy papers published from 2014 to 2024. The study's objectives were to explore fundamental principles, assess key developments and cutting-edge solutions, and understand the impact of international standards and regulatory bodies on data protection in environmental studies. Key findings reveal a growing emphasis on robust data governance frameworks, driven by advancements in digital technologies and the global diffusion of regulations such as the GDPR. Innovations in encryption and anonymization techniques have emerged as critical tools in enhancing data security. However, the study identifies a pressing need for interdisciplinary collaboration and stakeholder engagement to navigate the complex landscape of data privacy and security effectively. The study concludes that the future of environmental research is intricately linked to the strategic integration of data privacy and security measures. It recommends a proactive approach to data protection, emphasizing the importance of compliance with international regulations, the adoption of privacy-by-design principles, and the development of education and training programs. Future research should focus on advancing data security technologies and exploring the socio-ethical implications of data use in environmental studies, ensuring the ethical stewardship of sensitive information. Keywords: Data Privacy, Environmental Research, Data Security Solutions, International Regulations.

An industrial-scale increase in applications of the Internet of Things (IoT), a significant number of which are based on the concept of federation, presents unique security challenges due to their distributed nature and the need for secure communication between components from different administrative domains. A federation may be created for the duration of a mission, such as military operations or Humanitarian Assistance and Disaster Relief (HADR) operations. These missions often occur in very difficult or even hostile environments, posing additional challenges for ensuring reliability and security. The heterogeneity of devices, protocols, and security requirements in different domains further complicates the requirements for the secure distribution of data streams in federated IoT environments. The effective dissemination of data streams in federated environments also ensures the flexibility to filter and search for patterns in real-time to detect critical events or threats (e.g., fires and hostile objects) with changing information needs of end users. The paper presents a novel and practical framework for secure and reliable data stream dissemination in federated IoT environments, leveraging blockchain, Apache Kafka brokers, and microservices. To authenticate IoT devices and verify data streams, we have integrated a hardware and software IoT gateway with the Hyperledger Fabric (HLF) blockchain platform, which records the distinguishing features of IoT devices (fingerprints). In this paper, we analyzed our platform’s security, focusing on secure data distribution. We formally discussed potential attack vectors and ways to mitigate them through the platform’s design. We thoroughly assess the effectiveness of the proposed framework by conducting extensive performance tests in two setups: the Amazon Web Services (AWS) cloud-based and Raspberry Pi resource-constrained environments. Implementing our framework in the AWS cloud infrastructure has demonstrated that it is suitable for processing audiovisual streams in environments that require immediate interoperability. The results are promising, as the average time it takes for a consumer to read a verified data stream is in the order of seconds. The measured time for complete processing of an audiovisual stream corresponds to approximately 25 frames per second (fps). The results obtained also confirmed the computational stability of our framework. Furthermore, we have confirmed that our environment can be deployed on resource-constrained commercial off-the-shelf (COTS) platforms while maintaining low operational costs.

Health data from healthcare facilities are helpful to monitoring and planning national health, research in health, healthcare performance, and improvement of patient care. Health data governance is used to increase the benefits of health data and reduce the risk of health data itself. Through the One Data Indonesia program, Indonesia encourages health data quality that the government can use. This research was conducted to analyze the issues in healthcare facilities related to health data governance with a qualitative approach. We used a semi-structured interview with three different healthcare facilities in Jakarta with six participants; hospital director, IT manager, and medical record management. We find five major health data governance issues in healthcare facilities; IT resources and responsibility, data quality, data security, data standard, and policy. It leads to how we should design health data governance in health care to provide high-quality health data for health research, health decision-making, patient care, and national health strategy.

A decentralized framework for device authentication and data security in the next generation internet of medical things

Prediction and detection of terminal diseases using Internet of Medical Things: A review.

This article presents an overview of the security mechanisms in the NDN architecture that have been developed over the past several years. NDN changes the network communication model from the delivery of packets to hosts identified by IP addresses to the retrieval of named and secured data packets. Consequently, NDN also fundamentally changes the approaches to network security. Making named data the centerpiece of the architecture leads to a new security framework that secures data directly, and uses name semantics to enable applications to reason about security and to automate the use of cryptographic keys. In this article, we introduce NDN's approaches to security bootstrapping, data authenticity, confidentiality, and availability.

In the contemporary business landscape, effective data governance has emerged as a cornerstone for enhancing organizational efficiency and fostering innovation. This manuscript explores the intricate relationship between data governance, organizational efficiency, and innovation within various sectors. Data governance encompasses the processes, policies, and standards that ensure the availability, usability, integrity, and security of data used in an organization. As companies increasingly rely on data-driven decision-making, the need for robust data governance frameworks becomes imperative. This research adopts a mixed-methods approach, combining quantitative surveys and qualitative interviews with organizational leaders and data governance experts. The findings indicate a significant positive correlation between strong data governance practices and key efficiency metrics, such as cost reduction, operational speed, and decision-making quality. Moreover, organizations that implement effective data governance frameworks are more likely to exhibit higher levels of innovation, including new product development and process enhancements. The study highlights specific data governance practices, such as data quality management, compliance enforcement, and strategic data stewardship, as critical components influencing both efficiency and innovation outcomes. The implications of these findings underscore the necessity for organizations to prioritize data governance initiatives to maintain competitive advantages in an increasingly data-centric environment. Future research avenues are suggested, emphasizing the evolving nature of data governance in response to technological advancements and regulatory changes. Ultimately, this manuscript contributes to the understanding of how organizations can leverage data governance as a strategic asset to improve efficiency and stimulate innovation, thereby enhancing overall organizational performance and adaptability.