Inpatient palliative care consultation services operate with an interdisciplinary team, where effective handoffs are crucial for coordinated patient care. We aimed to replace encrypted email handoffs with a more concise and uniform handoff using I-PASS (illness severity, patient summary, action list, situational awareness, contingency planning, and synthesis by receiver) integrated within the electronic medical record (EMR). Aim and Measures: Within six months of launch, our goal was to achieve 90% I-PASS utilization for hospitalized acutely ill patients with cancer receiving palliative care consultation. In January 2021, our quality improvement team, consisting of physicians, advanced practice providers, and trainees, began implementing I-PASS using the plan-do-study-act cycle. After providing training sessions for all palliative care clinicians, I-PASS went live on October 1, 2021. I-PASS utilization was tracked via random and monthly audits of EMRs. Through anonymous surveys, both pre- and post-implementation, we gathered clinician feedback and concerns about the handoff system. Survey responses were compared using the Mann-Whitney test. Within six months of implementation, the I-PASS utilization rate reached > 99%. The survey participation rates were 70% (45/64) and 82% (49/60) for the pre-and post-implementation periods, respectively. Respondents provided answers on one to five scale (mean, standard deviation, SD): lower accuracy with email (3.53, SD = 0.98) vs. I-PASS (4.20, SD = 0.83), p < 0.001; handoff lengthier with email (4.17, SD = 1.05) vs. I-PASS (2.1, SD = 1.15), p < 0.001; the time required was longer with email (3.0, SD = 1.22) vs. I-PASS (1.71, SD = 0.73), p < 0.001. Overall, respondents found I-PASS to be significantly better (4.69, SD = 0.58). I-PASS was fully adopted by the team, with nearly 100% utilization and strong clinician endorsement as an effective communication tool. Future efforts should focus on optimizing usability, particularly by educating clinicians on smartphone EMR access and enabling the timely and streamlined editing of I-PASS.

Online Language Education (OLE) platforms have garnered considerable attention as the need for superior services escalates. Implementing the Mobile Internet of Things (MIoT) encounters numerous obstacles, such as communication security, availability, and scalability. These difficulties directly affect the usage of OLE systems. The constantly changing topology features of MIoT systems complicate the resolution of these difficulties. The research proposes an MIoT paradigm to address these difficulties, efficiently managing the dynamic and developing aspects of network structure, thus improving the system's agility and flexibility. The model can ensure communication confidentiality and security, especially in emergency scenarios for information security. Phishing attempts are now recognized as a significant threat to the security of private information. The present study introduces a novel methodology utilizing Secure Multi-Party Computation (SMPC) to detect phishing assaults on encrypted emails while maintaining data security and privacy. In the framework, the control layer is tasked with calculating routes for Online Educational Devices (OLDs) and directing entries for switching. The controller efficiently orchestrates the system by employing the data gathered from OLDs and amenities for information security. To guarantee the legitimacy and reliability of communications transmitted by OLDs, the research has suggested a novel signature and authentication system utilizing conventional encryption algorithms. The research presents an emergency-handling method incorporating multicast technologies into MIoT, constructing a Steiner Tree among affected nodes to alert OLDs during emergencies swiftly. The security study demonstrates that the MIoT system can guarantee communication safety. An assessment reveals that the method surpasses other current methods.

Abstract Objective Within the healthcare system, handoff processes are critical to maintain safety &amp; continuality of care. Many handoff platforms exist for clinical inpatient housestaff specialties. However, these do not always align with the needs of clinical pathologists. Academic transfusion medicine (TM) services often oversee a hybrid of laboratory management, clinical services including apheresis therapy, and blood product management. To date, the literature is limited in describing the effectiveness of TM handoff in addressing these needs. Methods Our institution transitioned from using Microsoft Word document-based handoff to a Microsoft Sharepoint, browser-based handoff accessible via campus intranet or virtual private network (VPN). A verbal handoff accompanying the document remains unchanged. The previous Word document-based handoff followed the known structured communication framework (situation, background, assessment, and recommendation (SBAR)) structure for each patient. This document could only be concurrently edited by one user and was distributed via closed-loop encrypted email to ensure Health Insurance Portability and Accountability Act (HIPAA) compliance. The new Sharepoint-based handoff features an expanded format including patient name/medical record number (MRN), date of contact, category of service, history, assessment and a task (to-do) list. This site can be concurrently edited and viewed by multiple users. It is version-controlled and searchable. It is also customizable to enable tracking of issues that are not associated with a MRN, such as product inventory, on-call staffing, and product investigation. Six months following the handoff transition, trainees’ feedback towards both formats were solicited with a Likert scale-based survey. The survey was open to any trainee that had rotated on the TM service, regardless of whether they had experienced both handoff formats. Handoff measures that were surveyed included effectiveness at communicating important information, ease of use, time spent, impact on patient care, amount of detail, integration in patient management and general attitudes towards TM call. Trainee demographics were also collected. Results Out of 18 potential participants, 15 trainees responded to the survey. Trainees reported that the Word document-based handoff contained significantly more extraneous detail, took excessive time to write and required more time overall to draft compared to the Sharepoint-based handoff (all p=&amp;lt;0.05). They also found that the Sharepoint-based handoff was significantly easier to use compared to the Word document-based handoff (p=&amp;lt;0.05). Additionally, the Sharepoint-based handoff was reported to convey important information more effectively and reduced the duration of verbal handoff compared to the Word document-based handoff, though these were not statistically significant. Conclusions TM services have unique responsibilities and benefit from customized handoffs with discrete categories that reflect the TM service’s distinct role. Such structure can help create a more standardized, focused handoff that requires less drafting time and improves efficiency and user satisfaction.

SENTINEY: Securing ENcrypted mulTI-party computatIoN for Enhanced data privacY and phishing detection

Group encryption: Full dynamicity, message filtering and code-based instantiation

End-to-end encryption is the best way to protect digital messages. Historically, end-to-end encryption has been extremely difficult for people to use, but recent tools have made it more broadly accessible, largely by employing key-directory services. These services sacrifice some security properties for convenience. We wanted to understand how average users think about these tradeoffs. We conducted a 52-person user study and found that participants could learn to understand properties of different encryption models. They also made coherent assessments about when different tradeoffs might be appropriate. Participants recognized the less-convenient exchange model was more secure overall, but considered the security of the registration model to be “good enough” for most everyday purposes.

User adoption and usage of end-to-end encryption tools is an ongoing research topic. A subset of such tools allows users to encrypt confidential emails, as well as manage their access control using features such as the expiration time, disabling forwarding, persistent protection, and watermarking. Previous studies have suggested that protective attitudes and behaviors could improve the adoption of new security technologies. Therefore, we conducted a user study on 19 participants to understand their perceptions of an email security tool and how they use it to manage access control to confidential information such as medical, tax, and employee information if sent via email. Our results showed that the participants’ first impression upon receiving an end-to-end encrypted email was that it looked suspicious, especially when received from an unknown person. After the participants were informed about the importance of the investigated tool, they were comfortable sharing medical, tax, and employee information via this tool. Regarding access control management of the three types of confidential information, the expiration time and disabling forwarding were most useful for the participants in preventing unauthorized and continued access. While the participants did not understand how the persistent protection feature worked, many still chose to use it, assuming it provided some extra layer of protection to confidential information and prevented unauthorized access. Watermarking was the least useful feature for the participants, as many were unsure of its usage. Our participants were concerned about data leaks from recipients’ devices if they set a longer expiration date, such as a year. We provide the practical implications of our findings.

BackgroundThe implementation of electronic health information technologies is a key target for healthcare quality improvement. Among Swiss chiropractors, reliable data on the use of electronic heath information technologies and distribution of the health workforce was lacking.ObjectivesTo estimate the prevalence of electronic patient record (EPR) and encrypted email communication use among Swiss chiropractors and describe the geographic distribution of chiropractors in Switzerland.MethodsPopulation-based cross-sectional study of all active practising members of the Swiss Chiropractic Association (ChiroSuisse) between 3 December 2019 and 31 January 2020. We asked about clinician and practice characteristics, EPR use for clinical record keeping, use of encrypted email for patient communication, and information on EPR and encrypted email communication products used. Multivariable logistic regression analyses assessed the associations between clinician and practice characteristics and (1) EPR use, and (2) encrypted email use.ResultsAmong 286 eligible Swiss chiropractors (193 [68%] men; mean age, 51.4 [SD, 11.2] years), 217 (76%) completed the survey (140 [65%] men; mean age 50.7 [11.2] years). Among respondents, 47% (95% confidence interval [CI], 40–54%) reported using an EPR in their practice, while 60% (95% CI, 54–67%) endorsed using encrypted email technology. Chiropractors aged ≥ 60 (versus those ≤ 39) years were 74% less likely to use an EPR system (OR 0.26, 95% CI 0.08 to 0.77), while clinicians from practices with 4 or more chiropractors (versus those from solo practices) were over 5 times more likely to report EPR use (OR 5.6, 2.1 to 16.5). Findings for factors associated with encrypted email use were similar. The density of chiropractors in Switzerland was 3.3 per 100,000 inhabitants.ConclusionsAs of January 2020, 286 duly licensed chiropractors were available to provide musculoskeletal healthcare in Switzerland — just under 50% of responding Swiss chiropractors used an EPR system in clinical practice, while 60% used encrypted email technology. Better implementation of EPR and electronic health information technologies in Swiss chiropractic practice is possible and encouraged for the purpose of musculoskeletal healthcare quality improvement.

Roughly four decades ago, Taher ElGamal put forward what is today one of the most widely known and best understood public key encryption schemes. ElGamal encryption has been used in many different contexts, chiefly among them by the OpenPGP email encryption standard. Despite its simplicity, or perhaps because of it, in reality there is a large degree of ambiguity on several key aspects of the cipher. Each library in the OpenPGP ecosystem seems to have implemented a slightly different "flavor" of ElGamal encryption. While-taken in isolation-each implementation may be secure, we reveal that in the interoperable world of OpenPGP, unforeseen cross-configuration attacks become possible. Concretely, we propose different such attacks and show their practical efficacy by recovering plaintexts and even secret keys.

This study obtains an overview of the conditions of the encryption email management workflow among local governments in South Sumatra. The workflow for managing email encryption for regular official news has been going very well. Meanwhile, the workflow for managing encryption of emails for confidential news is still experiencing problems, especially for local governments that do not have cipher expert personnel and official cipher equipment from the BSSN. In addition, this study also illustrates that the application of information security theory in the use of encrypted emails for confidential news between local governments in South Sumatra is not optimal. The main obstacle faced is that there are still local governments that do not have cipher expert personnel and official cipher equipment from the BSSN. The quality of the workflow is measured by looking at the fulfillment of the main elements contained in the Standard Operating Procedures (SOP) of the encryption email management workflow. The quality of using email encryption for information security is carried out by analyzing the fulfillment of the elements contained in the information security theory.

This article has been retracted. A retraction notice can be found at https://doi.org/10.3233/JIFS-219433.

Privacy-preserving spam filtering using homomorphic and functional encryption

65 Background: Communication among the health care providers plays a crucial role in team-based practices, and a standardized communication platform is essential. Our palliative care consult service (PCCS) at a university-based cancer center manages cancer-related symptoms. The handoff process among the providers takes place via encrypted emails shared among the providers. The current demand for palliative care (PC) among the cancer population led to increased patient encounters and associated handoff emails. Numerous handoff emails (sometimes up to 25-30/day) can lead to missing/overlooked information, cause burnout among the providers, and affect patient safety. Studies have shown that implementing I-PASS into clinical practices has significantly reduced medical errors without increasing documentation time. We aimed to improve communication among the PC providers, prevent burnout and increase patient safety by using a built-in I-PASS handoff tool on electronic medical records (EMR). Methods: In January 2021, we formed a team to develop a quality improvement (QI) project to implement I-PASS for our PCCS at our institution. The institutional Quality Improvement Assessment Board approved this QI project. Our team started with Plan, Do, Study, Act. After extensive brainstorming, we mapped out the Cause-and-effect diagram (Fishbone). We laid out a Process mapping through a flowchart and Feasibility impact matrix. The implementation process took place in 4 phases. Phase 1: A per-implementation survey. Phase 2: Extensive training sessions for PC clinicians, both, 1:1 and group sessions. Phase 3: October 2021 I-Pass implementation went live. Phase 4: post-implementing survey to assess provider reception. Results: Based on real-time assessment on EMR, at four months mark, we reached the 100% utilization goal for I-PASS among PC clinicians. In Pre vs. Post-implementation survey, providers perceived they could identify their patient's related information, save time, update handoff daily and locate their assignments without any efforts on I-PASS compared to email handoff (p &lt; 0.0001). Overall, 95% of the PC providers found I-PASS helpful. Conclusions: Standardized communication tools such as I-PASS have proven safe and effective and help prevent provider burnout by improving overall workflow. Future studies need to focus on steps to continue developing tools to help modify the handoff on Smartphone EMR applications such as HAIKU.

The early months of the COVID-19 pandemic caused suspension of physician home visits at our NYC home-based primary care practice as well as disruptions in community-based services homebound patients rely on. This produced gaps in care for a vulnerable patient population that is considered underserved and medically and socially complex. Telephone triage nurses at Mount Sinai Visiting Doctors Program responded to these gaps in care with targeted enhancements to telephonic patient assessment: creating an encrypted email address to receive photographs, the use of two Epic dot phrases to screen and educate regarding COVID-19, assessment of patients' ability to complete a video visit, the reassessment of goals of care, and the assessment of changes in home care services. We surveyed 15 attending physicians in our practice to evaluate primary care providers' opinions regarding changes in nurse telephone triage and how helpful they were in managing patients at home during the early pandemic. We found enhancements to nurse telephone triage were viewed by physicians as beneficial, valuable, and improved patient care. Physicians found changes improved timeliness of care, could improve self-management, helped avoid transfer to emergency department, and helped manage patient care at home. As the pandemic continues and telehealth becomes more widely used, nurse telephone triage may be adaptable to help care for a variety of patient populations during future public health emergencies.

Lattice-based public-key encryption with equality test supporting flexible authorization in standard model

An Encrypted Cloud Email Searching and Filtering Scheme Based on Hidden Policy Ciphertext-Policy Attribute-Based Encryption With Keyword Search

With the outbreak of e-mail message leakage events, such as the Hillary Clinton’s Email Controversy, privacy and security of sensitive e-mail information have become users’ primary concern. Encrypted email seems to be a viable solution for providing security, but it will greatly limit their operations. Public encryption with keyword search (PEKS) scheme is a popular technology to incorporate security protection and favorable operability functions together, which can play an important role in searching over encrypted email in a cloud server. In this paper, we propose a practical PEKS scheme named as public-key multi-keyword searchable encryption with hidden structures (PMSEHS). It could enable e-mail receivers to do the multi-keyword and boolean search in the large encrypted email database as fast as possible, without revealing more information to the cloud server. We also give comparative experiments, which demonstrate that our scheme has a higher efficiency in multi-keyword search for encrypted emails.

This paper presents the results of a usability study focused on three end-to-end encryption technologies for securing e-mail traffic, namely PGP, S/MIME, and Pretty Easy Privacy (pEp). The findings of this study show that, despite of existing technology, users seldom apply them for securing e-mail communication. Moreover, this study helps to explain why users hesitate to employ encryption technology in their e-mail communication. For this usability study, we have combined two methods: 1) an online survey, 2) and user testing with 12 participants who were enrolled in tasks requiring e-mail encryption. We found that more than 60% of our study participants (in both methods) are unaware of the existence of encryption technologies and thus never tried to use one. We observed that above all, users 1) are overwhelmed with the management of public keys and 2) struggle with the setup of encryption technology in their e-mail software. Nonetheless, 66% of the participants consider secure e-mail communication as important or very important. Particularly, we found an even stronger concern about identity theft among e-mail users, as 78% of the participants want to make sure that no other person is able to write e-mail on their behalf.

Public-key encryption with bidirectional keyword search and its application to encrypted emails

Abstract Existing end-to-end-encrypted (E2EE) email systems, mainly PGP, have long been evaluated in controlled lab settings. While these studies have exposed usability obstacles for the average user and offer design improvements, there exist users with an immediate need for private communication, who must cope with existing software and its limitations. We seek to understand whether individuals motivated by concrete privacy threats, such as those vulnerable to state surveil-lance, can overcome usability issues to adopt complex E2EE tools for long-term use. We surveyed regional activists, as surveillance of social movements is well-documented. Our study group includes individuals from 9 social movement groups in the US who had elected to participate in a workshop on using Thunder-bird+Enigmail for email encryption. These workshops tool place prior to mid-2017, via a partnership with a non-profit which supports social movement groups. Six to 40 months after their PGP email encryption training, more than half of the study participants were continuing to use PGP email encryption despite intervening widespread deployment of simple E2EE messaging apps such as Signal. We study the interplay of usability with social factors such as motivation and the risks that individuals undertake through their activism. We find that while usability is an important factor, it is not enough to explain long term use. For example, we find that riskiness of one’s activism is negatively correlated with long-term PGP use. This study represents the first long-term study, and the first in-the-wild study, of PGP email encryption adoption.