book.bib

@article{riddick_code_2003,
	title = {The {Code} of {Medical} {Ethics} of the {American} {Medical} {Association}},
	volume = {5},
	issn = {1524-5012},
	url = {https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3399321/},
	number = {2},
	urldate = {2023-07-13},
	journal = {The Ochsner Journal},
	author = {Riddick, Frank A.},
	year = {2003},
	pmid = {22826677},
	pmcid = {PMC3399321},
	pages = {6--10},
}

@article{moskop_hippocrates_2005,
	title = {From {Hippocrates} to {HIPAA}: {Privacy} and confidentiality in {Emergency} {Medicine}—{Part} {I}: {Conceptual}, moral, and legal foundations},
	volume = {45},
	issn = {0196-0644},
	shorttitle = {From {Hippocrates} to {HIPAA}},
	url = {https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7132445/},
	doi = {10.1016/j.annemergmed.2004.08.008},
	abstract = {Respect for patient privacy and confidentiality is an ancient and a contemporary professional responsibility of physicians. Carrying out this responsibility may be more challenging and more important in the emergency department than in many other clinical settings. Part I of this 2-part article outlines the basic concepts of privacy and confidentiality, reviews the moral and legal foundations and limits of these concepts, and highlights the new federal privacy regulations implemented under the Health Insurance Portability and Accountability Act of 1996. Part II of the article examines specific privacy and confidentiality issues commonly encountered in the ED.},
	number = {1},
	urldate = {2023-07-13},
	journal = {Annals of Emergency Medicine},
	author = {Moskop, John C. and Marco, Catherine A. and Larkin, Gregory Luke and Geiderman, Joel M. and Derse, Arthur R.},
	month = jan,
	year = {2005},
	pmid = {15635311},
	pmcid = {PMC7132445},
	pages = {53--59},
}

@article{higgins_history_1989,
	title = {The history of confidentiality in medicine: the physician-patient relationship},
	volume = {35},
	issn = {0008-350X},
	shorttitle = {The history of confidentiality in medicine},
	abstract = {The author of this article reviews the history of the confidentiality of medical information relating to patients from its roots in the Hippocratic Oath to the current codes of medical ethics. There has been an important shift in the basis for the demand for confidentiality, from a physician-based commitment to a professional ideal that will improve the physician-patient relationship and thus the physician's therapeutic effectiveness, and replace it with a patientbased right arising from individual autonomy instead of a Hippocratic paternalistic privilege.},
	language = {eng},
	journal = {Canadian Family Physician Medecin De Famille Canadien},
	author = {Higgins, Gerald L.},
	month = apr,
	year = {1989},
	pmid = {11650274},
	pmcid = {PMC2280818},
	keywords = {Canada, Codes of Ethics, Confidentiality, Ethics, Medical, Ethics, Professional, Freedom, Hippocratic Oath, History, Humans, International Cooperation, Internationality, Jurisprudence, Paternalism, Personal Autonomy, Physician-Patient Relations, Physicians, Prognosis, Societies, Terminally Ill, Canadian Medical Association, Professional Patient Relationship},
	pages = {921--926},
}

@Book{xie2015,
  title = {Dynamic Documents with {R} and knitr},
  author = {Yihui Xie},
  publisher = {Chapman and Hall/CRC},
  address = {Boca Raton, Florida},
  year = {2015},
  edition = {2nd},
  note = {ISBN 978-1498716963},
  url = {http://yihui.name/knitr/},
}

@misc{melvin_medical_2020,
	title = {Medical {Ethics}: {Ethical} {Dilemmas} in {Healthcare}},
	shorttitle = {Medical {Ethics}},
	url = {https://educationprojects.co.uk/medical-ethics-ethical-dilemmas-in-healthcare/},
	abstract = {Education Projects Group - Medical Ethics: Ethical Dilemmas in Healthcare - Medical Work Experience - Hospital Work Experience both in the UK and overseas.},
	language = {en-GB},
	urldate = {2023-03-02},
	journal = {Education Projects Group},
	author = {Melvin, Holly},
	month = oct,
	year = {2020},
}

@book{Pokropivny2007,
author = {Pokropivny, V. and Lõhmus, Rünno and nova, I. and Pokropivny, Alex and Vlassov, Sergei},
year = {2007},
month = {01},
pages = {},
title = {Introduction in nanomaterials and nanotechnology}
}

@misc{regulations_2010,
  author = {Equal Employment Opportunity Commission},
	title = {Regulations {Under} the {Genetic} {Information} {Nondiscrimination} {Act} of 2008},
	url = {https://www.federalregister.gov/documents/2010/11/09/2010-28011/regulations-under-the-genetic-information-nondiscrimination-act-of-2008},
	abstract = {The Equal Employment Opportunity Commission (``EEOC'' or ``Commission'') is issuing a final rule to implement Title II of the Genetic Information Nondiscrimination Act of 2008 (``GINA''). Congress enacted Title II of GINA to protect job applicants, current and former employees, labor union...},
	urldate = {2023-03-02},
	journal = {Federal Register},
	month = nov,
	year = {2010},
}

@article{hummel_data_2021,
	title = {Data sovereignty: {A} review},
	volume = {8},
	issn = {2053-9517},
	shorttitle = {Data sovereignty},
	url = {https://doi.org/10.1177/2053951720982012},
	doi = {10.1177/2053951720982012},
	abstract = {New data-driven technologies yield benefits and potentials, but also confront different agents and stakeholders with challenges in retaining control over their data. Our goal in this study is to arrive at a clear picture of what is meant by data sovereignty in such problem settings. To this end, we review 341 publications and analyze the frequency of different notions such as data sovereignty, digital sovereignty, and cyber sovereignty. We go on to map agents they concern, in which context they appear, and which values they allude to. While our sample reveals a considerable degree of divergence and an occasional lack of clarity about intended meanings of data sovereignty, we propose a conceptual grid to systematize different dimensions and connotations. Each of them relates in some way to meaningful control, ownership, and other claims to data articulated by a variety of agents ranging from individuals to countries. Data sovereignty alludes to a nuanced mixture of normative concepts such as inclusive deliberation and recognition of the fundamental rights of data subjects.},
	language = {en},
	number = {1},
	urldate = {2022-09-26},
	journal = {Big Data \& Society},
	author = {Hummel, Patrik and Braun, Matthias and Tretter, Max and Dabrock, Peter},
	month = jan,
	year = {2021},
	note = {Publisher: SAGE Publications Ltd},
	pages = {2053951720982012},
}


@misc{computerhope,
	title = {What is {ASCII} ({American} {Standard} {Code} for {Information} {Interexchange})?},
	url = {https://www.computerhope.com/jargon/a/ascii.htm},
	abstract = {Computer dictionary definition for what ASCII (American Standard Code for Information Interexchange) means including related links, information, and terms.},
	language = {en},
	urldate = {2021-10-12}
}

@misc{explainthatstuff,
	title = {How do logic gates work?},
	url = {http://www.explainthatstuff.com/logicgates.html},
	abstract = {An easy explanation of electronic logic gates, including AND, OR, NOT, and NOR.},
	urldate = {2021-10-12},
	journal = {Explain that Stuff}
	}

@misc{Wikipedia_Silicon,
	title = {Silicon - {Wikipedia}},
	url = {https://en.wikipedia.org/wiki/Silicon},
	language = {en},
	urldate = {2021-10-13}
}

@misc{IBM_data_security,
	title = {What is {Data} {Security}? {Data} {Security} {Definition} and {Overview}},
	shorttitle = {What is {Data} {Security}?},
	url = {https://www.ibm.com/topics/data-security},
	abstract = {Find out how data security helps protect digital information from unauthorized access, corruption, or theft throughout its entire lifecycle.},
	language = {en-us},
	urldate = {2021-11-11},
}

@misc{Forcepoint_2018,
	title = {What is {Data} {Encryption}?},
	url = {https://www.forcepoint.com/cyber-edu/data-encryption},
	abstract = {Data encryption is a security method where information is encoded and can only be accessed or decrypted by a user with the correct encryption key. Encrypted data, also known as ciphertext, appears scrambled or unreadable to a person or entity accessing without permission.},
	language = {en},
	urldate = {2021-11-11},
	journal = {Forcepoint},
	month = dec,
	year = {2018},
}

@misc{IBM_encryption,
	title = {What is encryption? {Data} encryption defined},
	shorttitle = {What is encryption?},
	url = {https://www.ibm.com/topics/encryption},
	abstract = {Encryption is the security method of encoding data from plaintext to ciphertext, which can only be decrypted by the user with the encryption key.},
	language = {en-us},
	urldate = {2021-11-11},
}


@misc{cyware_social_encryption,
	title = {Symmetric vs. Asymmetric Encryption: What's the Difference\?},
	url = {https://www.trentonsystems.com/blog/symmetric-vs-asymmetric-encryption},
	language = {en},
	urldate = {2021-3-1},
	journal = {Trenton Systems},
	author = {Brett Daniel}
	}


@misc{CISA_Least_Privilege,
	title = {Least {Privilege} {\textbar} {CISA}},
	url = {https://us-cert.cisa.gov/bsi/articles/knowledge/principles/least-privilege#footnoteref1_jh2zxwu},
	urldate = {2021-11-16}
}

@misc{Wikipedia_principle,
	title = {Wikipedia: Principle of least privilege},
	copyright = {Creative Commons Attribution-ShareAlike License},
	url = {https://en.wikipedia.org/w/index.php?title=Principle_of_least_privilege&oldid=1053221709},
	abstract = {In information security, computer science, and other fields, the principle of least privilege (PoLP), also known as the principle of minimal privilege or the principle of least authority, requires that in a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose.},
	language = {en},
	urldate = {2021-11-16},
	journal = {Wikipedia},
	month = nov,
	year = {2021},
	note = {Page Version ID: 1053221709}
}

@misc{file-system_2021,
	title = {File-system permissions},
	copyright = {Creative Commons Attribution-ShareAlike License},
	url = {https://en.wikipedia.org/w/index.php?title=File-system_permissions&oldid=1035316630},
	abstract = {Most file systems include attributes of files and directories that control the ability of users to read, change, navigate, and execute the contents of the file system. In some cases, menu options or functions may be made visible or hidden depending on a user's permission level; this kind of user interface is referred to as permission-driven.
Two types of permissions are very widely available: traditional Unix permissions and Access Control Lists (ACLs) which are capable of more specific control.},
	language = {en},
	urldate = {2021-11-16},
	journal = {Wikipedia},
	month = jul,
	year = {2021},
	note = {Page Version ID: 1035316630}
}

@misc{authentication,
	title = {Understanding {Authentication}, {Authorization}, and {Encryption} : {TechWeb} : {Boston} {University}},
	url = {https://www.bu.edu/tech/about/security-resources/bestpractice/auth/},
	urldate = {2021-11-17}
}

@misc{digicert,
	title = {What {Is} {SSL} ({Secure} {Sockets} {Layer})? {\textbar} {What} is an {SSL} {Certificate}? {\textbar} {DigiCert}},
	shorttitle = {digicert.com},
	url = {https://www.digicert.com/what-is-an-ssl-certificate},
	abstract = {What is a TLS/SSL Certificate and how does it work? TLS/SSL Certificates are small data files that digitally bind a cryptographic key to a company, business or organization’s details. TLS certificates are what enable websites to move from HTTP to HTTPS, which is more secure.},
	language = {en-US},
	urldate = {2021-11-17}
	}


@misc{sshprotocol,
	title = {SSH Protocol – Secure Remote Login and File Transfer},
	shorttitle = {www.ssh.com},
	url = {https://www.ssh.com/academy/ssh/protocol},
	language = {en-US},
}


@misc{chmod,
 shorttitle = {Indiana University},
	title = {Manage file permissions on {Unix}-like systems},
	url = {https://kb.iu.edu/d/abdb},
	urldate = {2021-11-18}
	}

@misc{Holland_2020,
	title = {What's the difference between data deletion and data erasure?},
	shorttitle = {Holland, 2020},
	url = {https://www.ontrack.com/en-us/blog/whats-the-difference-between-data-deletion-and-data-erasure},
	abstract = {Confusing the terms erasure and deletion can result in severe consequences. Make sure you're clear on the difference to avoid the risks of a data breach.},
	language = {en-US},
	urldate = {2021-11-18},
	journal = {Ontrack},
	author = {{Tilly Holland}},
	month = jan,
	year = {2020}
}


@misc{wikipedia_erasure_2021,
	title = {Data erasure},
	copyright = {Creative Commons Attribution-ShareAlike License},
	url = {https://en.wikipedia.org/w/index.php?title=Data_erasure&oldid=1055626662},
	abstract = {Data erasure (sometimes referred to as data clearing, data wiping, or data destruction) is a software-based method of overwriting the data that aims to completely destroy all electronic data residing on a hard disk drive or other digital media by using zeros and ones to overwrite data onto all sectors of the device. By overwriting the data on the storage device, the data is rendered irrecoverable and achieves data sanitization.
Ideally, software designed for data erasure should:

Allow for selection of a specific standard, based on unique needs, and
Verify the overwriting method has been successful and removed data across the entire device.Permanent data erasure goes beyond basic file deletion commands, which only remove direct pointers to the data disk sectors and make the data recovery possible with common software tools. Unlike degaussing and physical destruction, which render the storage media unusable, data erasure removes all information while leaving the disk operable. New flash memory-based media implementations, such as solid-state drives or USB flash drives, can cause data erasure techniques to fail allowing remnant data to be recoverable.Software-based overwriting uses a software application to write a stream of zeros, ones or meaningless pseudorandom data onto all sectors of a hard disk drive. There are key differentiators between data erasure and other overwriting methods, which can leave data intact and raise the risk of data breach, identity theft or failure to achieve regulatory compliance. Many data eradication programs also provide multiple overwrites so that they support recognized government and industry standards, though a single-pass overwrite is widely considered to be sufficient for modern hard disk drives. Good software should provide verification of data removal, which is necessary for meeting certain standards.
To protect the data on lost or stolen media, some data erasure applications remotely destroy the data if the password is incorrectly entered. Data erasure tools can also target specific data on a disk for routine erasure, providing a hacking protection method that is less time-consuming than software encryption. Hardware/firmware encryption built into the drive itself or integrated controllers is a popular solution with no degradation in performance at all.},
	language = {en},
	urldate = {2021-11-18},
	journal = {Wikipedia},
	month = nov,
	year = {2021},
	note = {Page Version ID: 1055626662}
	}

	@misc{transistor_count,
	title = {Transistor count},
	copyright = {Creative Commons Attribution-ShareAlike License},
	url = {https://en.wikipedia.org/w/index.php?title=Transistor_count&oldid=1059186358},
	abstract = {The transistor count is the number of transistors in an electronic device. It typically refers to the number of MOSFETs (metal-oxide-semiconductor field-effect transistors, or MOS transistors) on an integrated circuit (IC) chip, as all modern ICs use MOSFETs. It is the most common measure of IC complexity (although the majority of transistors in modern microprocessors are contained in the cache memories, which consist mostly of the same memory cell circuits replicated many times). The rate at which MOS transistor counts have increased generally follows Moore's law, which observed that the transistor count doubles approximately every two years.
As of 2021, the largest transistor count in a commercially available microprocessor is 57 billion MOSFETs, in Apple's ARM-based M1 Max system on a chip, which is fabricated using TSMC's 5 nm semiconductor manufacturing process. As of November 2021, the highest transistor count GPU is AMD's Instinct MI250(X), built on TSMC's N6 process and totalling 59 billion MOSFETs across two dies. As of 2019, the highest transistor count in any IC chip was Samsung's 1 terabyte eUFS (3D-stacked) V-NAND flash memory chip, with 2 trillion floating-gate MOSFETs (4 bits per transistor). As of 2020, the highest transistor count in any IC chip is a deep learning engine called the Wafer Scale Engine 2 by Cerebras, using a special design to route around any non-functional core on the device; it has 2.6 trillion MOSFETs, manufactured using TSMC's 7 nm FinFET process.
In terms of computer systems that consist of numerous integrated circuits, the supercomputer with the highest transistor count as of 2016 is the Chinese-designed Sunway TaihuLight, which has for all CPUs/nodes combined "about 400 trillion transistors in the processing part of the hardware" and "the DRAM includes about 12 quadrillion transistors, and that's about 97 percent of all the transistors." To compare, the smallest computer, as of 2018 dwarfed by a grain of rice, has on the order of 100,000 transistors. Early experimental solid state computers had as few as 130 transistors, but used large amounts of diode logic. The first carbon nanotube computer has 178 transistors and is a 1-bit one-instruction set computer, while a later one is 16-bit (while the instruction set is 32-bit RISC-V).
In terms of the total number of transistors in existence, it has been estimated that a total of 13 sextillion (1.3×1022) MOSFETs have been manufactured worldwide between 1960 and 2018. MOSFETs account for at least 99.9\% of all transistors, the majority of which have been used for NAND flash memory manufactured during the early 21st century. This makes the MOSFET the most widely manufactured device in history.},
	language = {en},
	urldate = {2021-12-09},
	journal = {Wikipedia},
	month = dec,
	year = {2021},
	note = {Page Version ID: 1059186358}
}



@book{teoli_informatics_2021,
	title = {Informatics {Ethics}},
	url = {https://www.ncbi.nlm.nih.gov/books/NBK538512/},
	abstract = {Ethics are inherent in the practice of medicine. In the world of modern healthcare, the area of informatics plays a pivotal role in the maintenance and delivery of care.[1] As such, over recent years informatics ethics has further come into the spotlight. Similar to other codes of ethics, informatics offers insight into the recommended ethical guidance of clinicians and other healthcare professionals. Additionally, the informatics code of ethics functions as a gold standard against which actions of professionals can be compared. Furthermore, the code of informatics ethics offers patients and the general population an established statement of standards which may mold professionals’ actions and behaviors.},
	language = {en},
	urldate = {2022-03-03},
	publisher = {StatPearls Publishing},
	author = {Teoli, Dac and Ghassemzadeh, Sassan},
	month = sep,
	year = {2021},
	pmid = {30860747},
	note = {Publication Title: StatPearls [Internet]},
}

@article{lipworth_ethics_2017,
	title = {Ethics and {Epistemology} of {Big} {Data}},
	volume = {14},
	copyright = {2017 Journal of Bioethical Inquiry Pty Ltd.},
	issn = {1872-4353},
	url = {https://link.springer.com/article/10.1007/s11673-017-9815-8},
	doi = {10.1007/s11673-017-9815-8},
	abstract = {In this Symposium on the Ethics and Epistemology of Big Data, we present four perspectives on the ways in which the rapid growth in size of research databanks—i.e. their shift into the realm of “big data”—has changed their moral, socio-political, and epistemic status. While there is clearly something different about “big data” databanks, we encourage readers to place the arguments presented in this Symposium in the context of longstanding debates about the ethics, politics, and epistemology of biobank, database, genetic, and epidemiological research.},
	language = {en},
	number = {4},
	urldate = {2022-03-03},
	journal = {Journal of Bioethical Inquiry},
	author = {Lipworth, Wendy and Mason, Paul H. and Kerridge, Ian},
	month = dec,
	year = {2017},
	note = {Company: Springer
Distributor: Springer
Institution: Springer
Label: Springer
Number: 4
Publisher: Springer Netherlands},
	pages = {485--488}
}

@article{mckeown_consent_2021,
	title = {Ethical {Issues} in {Consent} for the {Reuse} of {Data} in {Health} {Data} {Platforms}},
	volume = {27},
	issn = {1353-3452, 1471-5546},
	url = {http://link.springer.com/10.1007/s11948-021-00282-0},
	doi = {10.1007/s11948-021-00282-0},
	abstract = {Data platforms represent a new paradigm for carrying out health research. In the platform model, datasets are pooled for remote access and analysis, so novel insights for developing better stratified and/or personalised medicine approaches can be derived from their integration. If the integration of diverse datasets enables development of more accurate risk indicators, prognostic factors, or better treatments and interventions, this obviates the need for the sharing and reuse of data; and a platform-based approach is an appropriate model for facilitating this. Platform-based approaches thus require new thinking about consent. Here we defend an approach to meeting this challenge within the data platform model, grounded in: the notion of ‘reasonable expectations’ for the reuse of data; Waldron’s account of ‘integrity’ as a heuristic for managing disagreement about the ethical permissibility of the approach; and the element of the social contract that emphasises the importance of public engagement in embedding new norms of research consistent with changing technological realities. While a social contract approach may sound appealing, however, it is incoherent in the context at hand. We defend a way forward guided by that part of the social contract which requires public approval for the proposal and argue that we have moral reasons to endorse a wider presumption of data reuse. However, we show that the relationship in question is not recognisably contractual and that the social contract approach is therefore misleading in this context. We conclude stating four requirements on which the legitimacy of our proposal rests.},
	language = {en},
	number = {1},
	urldate = {2022-03-03},
	journal = {Science and Engineering Ethics},
	author = {McKeown, Alex and Mourby, Miranda and Harrison, Paul and Walker, Sophie and Sheehan, Mark and Singh, Ilina},
	month = feb,
	year = {2021},
	pages = {9},
}


@article{byrd_responsible_2020,
	title = {Responsible, practical genomic data sharing that accelerates research},
	volume = {21},
	issn = {1471-0056, 1471-0064},
	url = {http://www.nature.com/articles/s41576-020-0257-5},
	doi = {10.1038/s41576-020-0257-5},
	abstract = {Data sharing anchors reproducible science, but expectations and best practices are often nebulous. Communities of funders, researchers and publishers continue to grapple with what should be required or encouraged. To illuminate the rationales for sharing data, the technical challenges and the social and cultural challenges, we consider the stakeholders in the scientific enterprise. In biomedical research, participants are key among those stakeholders. Ethical sharing requires considering both the value of research efforts and the privacy costs for participants. We discuss current best practices for various types of genomic data, as well as opportunities to promote ethical data sharing that accelerates science by aligning incentives.},
	language = {en},
	number = {10},
	urldate = {2022-03-23},
	journal = {Nature Reviews Genetics},
	author = {Byrd, James Brian and Greene, Anna C. and Prasad, Deepashree Venkatesh and Jiang, Xiaoqian and Greene, Casey S.},
	month = oct,
	year = {2020},
	pages = {615--629},
}

@article{colavizza_citation_2020,
	title = {The citation advantage of linking publications to research data},
	volume = {15},
	issn = {1932-6203},
	url = {https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0230416},
	doi = {10.1371/journal.pone.0230416},
	abstract = {Efforts to make research results open and reproducible are increasingly reflected by journal policies encouraging or mandating authors to provide data availability statements. As a consequence of this, there has been a strong uptake of data availability statements in recent literature. Nevertheless, it is still unclear what proportion of these statements actually contain well-formed links to data, for example via a URL or permanent identifier, and if there is an added value in providing such links. We consider 531, 889 journal articles published by PLOS and BMC, develop an automatic system for labelling their data availability statements according to four categories based on their content and the type of data availability they display, and finally analyze the citation advantage of different statement categories via regression. We find that, following mandated publisher policies, data availability statements become very common. In 2018 93.7\% of 21,793 PLOS articles and 88.2\% of 31,956 BMC articles had data availability statements. Data availability statements containing a link to data in a repository—rather than being available on request or included as supporting information files—are a fraction of the total. In 2017 and 2018, 20.8\% of PLOS publications and 12.2\% of BMC publications provided DAS containing a link to data in a repository. We also find an association between articles that include statements that link to data in a repository and up to 25.36\% (± 1.07\%) higher citation impact on average, using a citation prediction model. We discuss the potential implications of these results for authors (researchers) and journal publishers who make the effort of sharing their data in repositories. All our data and code are made available in order to reproduce and extend our results.},
	language = {en},
	number = {4},
	urldate = {2022-03-23},
	journal = {PLOS ONE},
	author = {Colavizza, Giovanni and Hrynaszkiewicz, Iain and Staden, Isla and Whitaker, Kirstie and McGillivray, Barbara},
	month = apr,
	year = {2020},
	note = {Publisher: Public Library of Science},
	keywords = {Bibliometrics, Citation analysis, Data management, Open access publishing, Reproducibility, Science policy, Scientific publishing, Support vector machines},
	pages = {e0230416},
}

@misc{commissioner_guide_2020,
	title = {A {Guide} to {Informed} {Consent}},
	url = {https://www.fda.gov/regulatory-information/search-fda-guidance-documents/guide-informed-consent},
	abstract = {Informed Consent Forms and Process},
	language = {en},
	urldate = {2022-03-23},
	journal = {U.S. Food and Drug Administration},
	author = {Commissioner, Office of the},
	month = jan,
	year = {2020},
	note = {Publisher: FDA}
}


@article{seh_breaches_2020,
	title = {Healthcare {Data} {Breaches}: {Insights} and {Implications}},
	volume = {8},
	issn = {2227-9032},
	shorttitle = {Healthcare {Data} {Breaches}},
	url = {https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7349636/},
	doi = {10.3390/healthcare8020133},
	abstract = {The Internet of Medical Things, Smart Devices, Information Systems, and Cloud Services have led to a digital transformation of the healthcare industry. Digital healthcare services have paved the way for easier and more accessible treatment, thus making our lives far more comfortable. However, the present day healthcare industry has also become the main victim of external as well as internal attacks. Data breaches are not just a concern and complication for security experts; they also affect clients, stakeholders, organizations, and businesses. Though the data breaches are of different types, their impact is almost always the same. This study provides insights into the various categories of data breaches faced by different organizations. The main objective is to do an in-depth analysis of healthcare data breaches and draw inferences from them, thereby using the findings to improve healthcare data confidentiality. The study found that hacking/IT incidents are the most prevalent forms of attack behind healthcare data breaches, followed by unauthorized internal disclosures. The frequency of healthcare data breaches, magnitude of exposed records, and financial losses due to breached records are increasing rapidly. Data from the healthcare industry is regarded as being highly valuable. This has become a major lure for the misappropriation and pilferage of healthcare data. Addressing this anomaly, the present study employs the simple moving average method and the simple exponential soothing method of time series analysis to examine the trend of healthcare data breaches and their cost. Of the two methods, the simple moving average method provided more reliable forecasting results.},
	number = {2},
	urldate = {2022-03-23},
	journal = {Healthcare},
	author = {Seh, Adil Hussain and Zarour, Mohammad and Alenezi, Mamdouh and Sarkar, Amal Krishna and Agrawal, Alka and Kumar, Rajeev and Ahmad Khan, Raees},
	month = may,
	year = {2020},
	pmid = {32414183},
	pmcid = {PMC7349636},
	pages = {133},
}

@book{Farmer_2004,
author = {Paul Farmer},
doi = {doi:10.1525/9780520931473},
url = {https://doi.org/10.1525/9780520931473},
title = {Pathologies of Power: Health, Human Rights, and the New War on the Poor},
year = {2004},
publisher = {University of California Press},
ISBN = {9780520931473}
}


@misc{mcvean_40_2019,
	title = {40 {Years} of {Human} {Experimentation} in {America}: {The} {Tuskegee} {Study}},
	shorttitle = {40 {Years} of {Human} {Experimentation} in {America}},
	url = {https://www.mcgill.ca/oss/article/history/40-years-human-experimentation-america-tuskegee-study},
	abstract = {Starting in 1932, 600 African American men from Macon County, Alabama were enlisted to partake in a scientific experiment on syphilis. The “Tuskegee Study of Untreated Syphilis in the Negro Male,” was conducted by the United States Public Health Service (USPHS) and involved blood tests, x-rays, spinal taps and autopsies of the subjects. The goal was to “observe the natural history of untreated syphilis” in black populations. But the subjects were unaware of this and were simply told they were receiving treatment for bad blood. Actually, they received no treatment at all. Even after penicillin was discovered as a safe and reliable cure for syphilis, the majority of men did not receive it. To really understand the heinous nature of the Tuskegee Experiment requires some societal context, a lot of history, and a realization of just how many times government agencies were given a chance to stop this human experimentation but didn’t. In 1865, the ratification of the Thirteenth Amendment of the U.S. Constitution formally ended the enslavement of black Americans. But by the early 20th century, the cultural and medical landscape of the U.S. was still built upon and inundated with racist concepts. Social Darwinism was rising, predicated on the survival of the fittest, and “scientific racism” (a pseudoscientific practice of using science to reinforce racial biases) was common. Many white people already thought themselves superior to blacks and science and medicine was all too happy to reinforce this hierarchy. Before the ending of slavery, scientific racism was used to justify the African slave trade. Scientists argued that African men were uniquely fit for enslavement due to their physical strength and simple minds. They argued that slaves possessed primitive nervous systems, so did not experience pain as white people did. Enslaved African Americans in the South were claimed to suffer from mental illness at rates lower than their free Northern counterparts (thereby proving that enslavement was good for them), and slaves who ran away were said to be suffering from their own mental illness known as drapetomania. During and after the American Civil War, African Americans were argued to be a different species from white Americans, and mixed-race children were presumed prone to many medical issues. Doctors of the time testified that the emancipation of slaves had caused the “mental, moral and physical deterioration of the black population,” observing that “virtually free of disease as slaves, they were now overwhelmed by it.” Many believed that the African Americans were doomed to extinction, and arguments were made about their physiology being unsuited for the colder climates of America (thus they should be returned to Africa). Scientific and medical authorities of the late 19th/early 20th centuries held extremely harmful pseudoscientific ideas specifically about the sex drives and genitals of African Americans. It was widely believed that, while the brains of African Americans were under-evolved, their genitals were over-developed. Black men were seen to have an intrinsic perversion for white women, and all African Americans were seen as inherently immoral, with insatiable sexual appetites. This all matters because it was with these understandings of race, sexuality and health that researchers undertook the Tuskegee study. They believed, largely due to their fundamentally flawed scientific understandings of race, that black people were extremely prone to sexually transmitted infections (like syphilis). Low birth rates and high miscarriage rates were universally blamed on STIs. They also believed that all black people, regardless of their education, background, economic or personal situations, could not be convinced to get treatment for syphilis. Thus, the USPHS could justify the Tuskegee study, calling it a “study in nature” rather than an experiment, meant to simply observe the natural progression of syphilis within a community that wouldn’t seek treatment. The USPHS set their study in Macon County due to estimates that 35\% of its population was infected with syphilis. In 1932, the initial patients between the ages of 25 and 60 were recruited under the guise of receiving free medical care for “bad blood,” a colloquial term encompassing anemia, syphilis, fatigue and other conditions. Told that the treatment would last only six months, they received physical examinations, x-rays, spinal taps, and when they died, autopsies. Researchers faced a lack of participants due to fears that the physical examinations were actually for the purpose of recruiting them to the military. To assuage these fears, doctors began examining women and children as well. Men diagnosed with syphilis who were of the appropriate age were recruited for the study, while others received proper treatments for their syphilis (at the time these were commonly mercury- or arsenic-containing medicines). In 1933, researchers decided to continue the study long term. They recruited 200+ control patients who did not have syphilis (simply switching them to the syphilis-positive group if at any time they developed it). They also began giving all patients ineffective medicines ( ointments or capsules with too small doses of neoarsphenamine or mercury) to further their belief that they were being treated. As time progressed, however, patients began to stop attending their appointments. To greater incentivize them to remain a part of the study, the USPHS hired a nurse named Eunice Rivers to drive them to and from their appointments, provide them with hot meals and deliver their medicines, services especially valuable to subjects during the Great Depression. In an effort to ensure the autopsies of their test subjects, the researchers also began covering patient’s funeral expenses. Multiple times throughout the experiment researchers actively worked to ensure that their subjects did not receive treatment for syphilis. In 1934 they provided doctors in Macon County with lists of their subjects and asked them not to treat them. In 1940 they did the same with the Alabama Health Department. In 1941 many of the men were drafted and had their syphilis uncovered by the entrance medical exam, so the researchers had the men removed from the army, rather than let their syphilis be treated. It was in these moments that the Tuskegee study’s true nature became clear. Rather than simply observing and documenting the natural progression of syphilis in the community as had been planned, the researchers intervened: first by telling the participants that they were being treated (a lie), and then again by preventing their participants from seeking treatment that could save their lives. Thus, the original basis for the study--that the people of Macon County would likely not seek treatment and thus could be observed as their syphilis progressed--became a self-fulfilling prophecy. The Henderson Act was passed in 1943, requiring tests and treatments for venereal diseases to be publicly funded, and by 1947, penicillin had become the standard treatment for syphilis, prompting the USPHS to open several Rapid Treatment Centers specifically to treat syphilis with penicillin. All the while they were actively preventing 399 men from receiving the same treatments. By 1952, however, about 30\% of the participants had received penicillin anyway, despite the researchers’ best efforts. Regardless, the USPHS argued that their participants wouldn’t seek penicillin or stick to the prescribed treatment plans. They claimed that their participants, all black men, were too “stoic” to visit a doctor. In truth these men thought they were already being treated, so why would they seek out further treatment? The researchers’ tune changed again as time went on. In 1965, they argued that it was too late to give the subjects penicillin, as their syphilis had progressed too far for the drug to help. While a convenient justification for their continuation of the study, penicillin is (and was) recommended for all stages of syphilis and could have stopped the disease’s progression in the patients. In 1947 the Nuremberg code was written, and in 1964 the World Health Organization published their Declaration of Helsinki. Both aimed to protect humans from experimentation, but despite this, the Centers for Disease Control (which had taken over from the USPHS in controlling the study) actively decided to continue the study as late as 1969. It wasn’t until a whistleblower, Peter Buxtun, leaked information about the study to the New York Times and the paper published it on the front page on November 16th, 1972, that the Tuskegee study finally ended. By this time only 74 of the test subjects were still alive. 128 patients had died of syphilis or its complications, 40 of their wives had been infected, and 19 of their children had acquired congenital syphilis. There was mass public outrage, and the National Association for the Advancement of Colored People launched a class action lawsuit against the USPHS. It settled the suit two years later for 10 million dollars and agreed to pay the medical treatments of all surviving participants and infected family members, the last of whom died in 2009. Largely in response to the Tuskegee study, Congress passed the National Research Act in 1974, and the Office for Human Research Protections was established within the USPHS. Obtaining informed consent from all study participants became required for all research on humans, with this process overseen by Institutional Review Boards (IRBs) within academia and hospitals. The Tuskegee study has had lasting effects on America. It’s estimated that the life expectancy of black men fell by up to 1.4 years when the study’s details came to light. Many also blame the study for impacting the willingness of black individuals to willingly participate in medical research today. We know all about evil Nazis who experimented on prisoners. We condemn the scientists in Marvel movies who carry out tests on prisoners of war. But we’d do well to remember that America has also used its own people as lab rats. Yet to this day, no one has been prosecuted for their role in dooming 399 men to syphilis. @Adamcvean Want to comment on this article? View it on our Facebook page!},
	language = {en},
	urldate = {2021-08-18},
	journal = {Office for Science and Society},
	author = {McVean, Ada},
	month = jan,
	year = {2019},
}


@article{noauthor_henrietta_2020,
	title = {Henrietta {Lacks}: science must right a historical wrong},
	volume = {585},
	copyright = {2021 Nature},
	shorttitle = {Henrietta {Lacks}},
	url = {https://www.nature.com/articles/d41586-020-02494-z},
	doi = {10.1038/d41586-020-02494-z},
	abstract = {In Henrietta Lacks’s centennial year, researchers must do more to ensure that human cells cannot be taken without consent.},
	language = {en},
	number = {7823},
	urldate = {2021-08-18},
	journal = {Nature},
	month = sep,
	year = {2020},
	note = {Bandiera\_abtest: a
Cg\_type: Editorial
Number: 7823
Publisher: Nature Publishing Group
Subject\_term: History, Policy, Society},
	pages = {7--7},
	annote = {they},
	file = {Full Text PDF:/Users/carriewright/Zotero/storage/9A4B5H64/2020 - Henrietta Lacks science must right a historical w.pdf:application/pdf;Snapshot:/Users/carriewright/Zotero/storage/PL7HXE5J/d41586-020-02494-z.html:text/html},
}


@article{chen_approach_2019,
	title = {An approach for transgender population information extraction and summarization from clinical trial text},
	volume = {19},
	url = {https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6454593/},
	doi = {10.1186/s12911-019-0768-1},
	abstract = {Gender information frequently exists in the eligibility criteria of clinical trial text as essential information for participant population recruitment. Particularly, current eligibility criteria text contains the incompleteness and ambiguity issues in ...},
	language = {en},
	number = {Suppl 2},
	urldate = {2021-08-12},
	journal = {BMC Medical Informatics and Decision Making},
	author = {Chen, Boyu and Jin, Hao and Yang, Zhiwen and Qu, Yingying and Weng, Heng and Hao, Tianyong},
	year = {2019},
	pmid = {30961595},
	note = {Publisher: BioMed Central},
	file = {Full Text:/Users/carriewright/Zotero/storage/HJQD8WGK/Chen et al. - 2019 - An approach for transgender population information.pdf:application/pdf;Snapshot:/Users/carriewright/Zotero/storage/VWKUIDQ8/PMC6454593.html:text/html},
}


@article{clark_increasing_2019,
	title = {Increasing {Diversity} in {Clinical} {Trials}: {Overcoming} {Critical} {Barriers}},
	volume = {44},
	issn = {0146-2806},
	shorttitle = {Increasing {Diversity} in {Clinical} {Trials}},
	url = {https://www.sciencedirect.com/science/article/pii/S0146280618301889},
	doi = {10.1016/j.cpcardiol.2018.11.002},
	abstract = {Clinical trial results provide the critical evidence base for evaluating the safety and efficacy of new medicines and medical products. Efficacy and safety may differ among population subgroups depending on intrinsic/extrinsic factors, including sex, age, race, ethnicity, lifestyle, and genetic background. Racial and ethnic minorities continue to be underrepresented in cardiovascular and other clinical trials. Although barriers to diversity in trials are well recognized, sustainable solutions for overcoming them have proved elusive. We investigated barriers impacting minority patients’ willingness to participate in trials and—based on literature review and evaluation, and input from key stakeholders, including minority patients, referring physicians, investigators who were minority-serving physicians, and trial coordinators—formulated potential solutions and tested them across stakeholder groups. We identified key themes from solutions that resonated with stakeholders using a transtheoretical model of behavior change and created a communications message map to support a multistakeholder approach for overcoming critical participant barriers.},
	language = {en},
	number = {5},
	urldate = {2021-07-30},
	journal = {Current Problems in Cardiology},
	author = {Clark, Luther T. and Watkins, Laurence and Piña, Ileana L. and Elmer, Mary and Akinboboye, Ola and Gorham, Millicent and Jamerson, Brenda and McCullough, Cassandra and Pierre, Christine and Polis, Adam B. and Puckrein, Gary and Regnante, Jeanne M.},
	month = may,
	year = {2019},
	pages = {148--172}
}

@article{chiruvella_ethical_2021,
	title = {Ethical {Issues} in {Patient} {Data} {Ownership}},
	volume = {10},
	issn = {1929-073X},
	url = {https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8178732/},
	doi = {10.2196/22269},
	abstract = {Patient data have conventionally been thought to be well protected by the privacy laws outlined in the United States. The increasing interest of for-profit companies in acquiring the databases of large health care systems poses new challenges to the protection of patients’ privacy. It also raises ethical concerns of sharing patient data with entities that may exploit it for commercial interests and even target vulnerable populations. Recognizing that every breach in the confidentiality of large databases exposes millions of patients to the potential of being exploited is important in framing new rules for governing the sharing of patient data. Similarly, the ethical aspects of data voluntarily and altruistically provided by patients for research, which may be exploited for commercial interests due to patient data sharing between health care entities and third-party companies, need to be addressed. The rise of technologies such as artificial intelligence and the availability of personal data gleaned by data vendor companies place American patients at risk of being exploited both intentionally and inadvertently because of the sharing of their data by their health care provider institutions and third-party entities.},
	number = {2},
	urldate = {2022-03-30},
	journal = {Interactive Journal of Medical Research},
	author = {Chiruvella, Varsha and Guddati, Achuta Kumar},
	month = may,
	year = {2021},
	pmid = {34018968},
	pmcid = {PMC8178732},
	pages = {e22269}
}


@misc{kramer_surescripts_2019,
	title = {Surescripts {ReMy} {Health} {Breakup} {Creates} {Painful} {Situation} for {Amazon}’s {PillPack}},
	url = {https://futurumresearch.com/research-notes/surescripts-remy-health-breakup-creates-painful-situation-for-amazons-pillpack/},
	abstract = {Surescripts ReMy Health breakup creates painful situation for Amazon’s PillPack (and PillPack customers).},
	language = {en-US},
	urldate = {2022-03-31},
	journal = {Futurum Research},
	year = {2019},
	author = {Kramer, Shelly},
	file = {Snapshot:/Users/carriewright/Zotero/storage/C9ACIVRI/surescripts-remy-health-breakup-creates-painful-situation-for-amazons-pillpack.html:text/html},
}

@misc{myheritage_2018,
	title = {{MyHeritage} {Statement} {About} a {Cybersecurity} {Incident}},
	url = {https://blog.myheritage.com/2018/06/myheritage-statement-about-a-cybersecurity-incident/},
	abstract = {Today, June 4, 2018 at approximately 1pm EST, MyHeritage’s Chief Information Security Officer received a message from a security researcher that he had},
	urldate = {2022-03-31},
	journal = {MyHeritage Blog},
	month = jun,
	year = {2018}
}


@book{national_academies_of_sciences_2017,
	title = {Detailed {Case} {Histories}},
	url = {https://www.ncbi.nlm.nih.gov/books/NBK475955/},
	abstract = {The following five detailed case histories of specific cases of actual and alleged research misconduct are included in an appendix to raise key issues and impart lessons that underlie the committee's findings and recommendations without breaking up the flow of the report. In several cases, including the translational omics case at Duke University and the Goodwin case at the University of Wisconsin, the committee heard directly from some of those involved.},
	language = {en},
	urldate = {2022-03-31},
	publisher = {National Academies Press (US)},
	author = {National Academies of Sciences, Engineering and Affairs, Policy {and} Global and Committee on Science, Engineering and Science, Committee on Responsible},
	month = apr,
	year = {2017},
	note = {Publication Title: Fostering Integrity in Research},
	}


@article{baggerly_what_2018,
	title = {What ‘data thugs’ really need},
	copyright = {2021 Nature},
	url = {https://www.nature.com/articles/d41586-018-06903-2},
	doi = {10.1038/d41586-018-06903-2},
	abstract = {Science needs to develop ways and means to support the checking of data, says Keith Baggerly.},
	language = {en},
	urldate = {2022-03-31},
	journal = {Nature},
	author = {Baggerly, Keith},
	month = oct,
	year = {2018},
	note = {Bandiera\_abtest: a
Cg\_type: World View
Publisher: Nature Publishing Group
Subject\_term: Research data, Research management, Ethics},
	keywords = {Ethics, Research data, Research management},
}


@article{baggerly_deriving_2009,
	title = {Deriving chemosensitivity from cell lines: {Forensic} bioinformatics and reproducible research in high-throughput biology},
	volume = {3},
	issn = {1932-6157, 1941-7330},
	shorttitle = {Deriving chemosensitivity from cell lines},
	url = {https://projecteuclid.org/journals/annals-of-applied-statistics/volume-3/issue-4/Deriving-chemosensitivity-from-cell-lines--Forensic-bioinformatics-and-reproducible/10.1214/09-AOAS291.full},
	doi = {10.1214/09-AOAS291},
	abstract = {High-throughput biological assays such as microarrays let us ask very detailed questions about how diseases operate, and promise to let us personalize therapy. Data processing, however, is often not described well enough to allow for exact reproduction of the results, leading to exercises in “forensic bioinformatics” where aspects of raw data and reported results are used to infer what methods must have been employed. Unfortunately, poor documentation can shift from an inconvenience to an active danger when it obscures not just methods but errors. In this report we examine several related papers purporting to use microarray-based signatures of drug sensitivity derived from cell lines to predict patient response. Patients in clinical trials are currently being allocated to treatment arms on the basis of these results. However, we show in five case studies that the results incorporate several simple errors that may be putting patients at risk. One theme that emerges is that the most common errors are simple (e.g., row or column offsets); conversely, it is our experience that the most simple errors are common. We then discuss steps we are taking to avoid such errors in our own investigations.},
	number = {4},
	urldate = {2022-03-31},
	journal = {The Annals of Applied Statistics},
	author = {Baggerly, Keith A. and Coombes, Kevin R.},
	month = dec,
	year = {2009},
	note = {Publisher: Institute of Mathematical Statistics},
	keywords = {forensic bioinformatics, microarrays, reproducibility},
	pages = {1309--1334}
}

@article{garrison_genomic_2013,
	title = {Genomic {Justice} for {Native} {Americans}: {Impact} of the {Havasupai} {Case} on {Genetic} {Research}},
	volume = {38},
	issn = {0162-2439},
	shorttitle = {Genomic {Justice} for {Native} {Americans}},
	url = {https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5310710/},
	doi = {10.1177/0162243912470009},
	abstract = {In 2004, the Havasupai Tribe filed a lawsuit against the Arizona Board of Regents and Arizona State University (ASU) researchers upon discovering their DNA samples, initially collected for genetic studies on type 2 diabetes, had been used in several other genetic studies. The lawsuit reached a settlement in April 2010 that included monetary compensation and return of DNA samples to the Havasupai but left no legal precedent for researchers. Through semistructured interviews, institutional review board (IRB) chairs and human genetics researchers at US research institutions revealed their perspectives on the Havasupai lawsuit. For interviewees, the suit drew attention to indigenous concerns over genetic studies and increased their awareness of indigenous views. However, interviewees perceived no direct impact from the Havasupai case on their work; if they did, it was the perceived need to safeguard themselves by obtaining broad consent or shying away from research with indigenous communities altogether, raising important questions of justice for indigenous and minority participants. If researchers and IRBs do not change their practices in light of this case, these populations will likely continue to be excluded from a majority of research studies and left with less access to resources and potential benefit from genetic research participation.},
	number = {2},
	urldate = {2022-04-07},
	journal = {Science, technology \& human values},
	author = {Garrison, Nanibaa’ A.},
	year = {2013},
	pmid = {28216801},
	pmcid = {PMC5310710},
	pages = {201--223},
}

@misc{passwords,
	title = {Guidelines for {Strong} {Passwords} · {Information} {Technology} {Services} · {Lafayette} {College}},
	url = {https://its.lafayette.edu/policies/strongpasswords/},
	urldate = {2022-02-10},
	file = {Guidelines for Strong Passwords · Information Technology Services · Lafayette College:/Users/carriewright/Zotero/storage/54ZHAADY/strongpasswords.html:text/html},
}

@misc{gilbertson_4_2021,
	title = {4 {Best} {VPN} {Services} (2022): {For} {Routers}, {PC}, {iPhone}, {Android}, and {More} {\textbar} {WIRED}},
	shorttitle = {{VPN} {Services}},
	url = {https://www.wired.com/story/best-vpn/},
	urldate = {2022-02-10},
	author = {Gilbertson, Scott},
	month = oct,
	year = {2021}
	}



@misc{wikipedia_cache_2022,
	title = {Cache (computing)},
	copyright = {Creative Commons Attribution-ShareAlike License},
	url = {https://en.wikipedia.org/w/index.php?title=Cache_(computing)&oldid=1084000712},
	abstract = {In computing, a cache ( (listen) KASH) is a hardware or software component that stores data so that future requests for that data can be served faster; the data stored in a cache might be the result of an earlier computation or a copy of data stored elsewhere.  A cache hit occurs when the requested data can be found in a cache, while a cache miss occurs when it cannot.  Cache hits are served by reading data from the cache, which is faster than recomputing a result or reading from a slower data store; thus, the more requests that can be served from the cache, the faster the system performs.To be cost-effective and to enable efficient use of data, caches must be relatively small. Nevertheless, caches have proven themselves in many areas of computing, because typical computer applications access data with a high degree of locality of reference. Such access patterns exhibit temporal locality, where data is requested that has been recently requested already, and spatial locality, where data is requested that is stored physically close to data that has already been requested.},
	language = {en},
	urldate = {2022-04-24},
	journal = {Wikipedia},
	month = apr,
	year = {2022},
	note = {Page Version ID: 1084000712},
	annote = {undefined},
}



@misc{memory_caching,
	title = {Memory {Caching}},
	url = {https://hazelcast.com/glossary/memory-caching/},
	abstract = {Memory caching is a technique in which computer applications temporarily store data in a computer’s main memory to enable fast retrievals of that data.},
	language = {en-US},
	urldate = {2022-04-24},
	journal = {Hazelcast}
}


@misc{caching_security,
	title = {What is a {Cache}? {\textbar} {UpGuard}},
	shorttitle = {What is a {Cache}?},
	url = {https://www.upguard.com/blog/cache},
	abstract = {A cache is a temporary data storage location that stores copies of frequently accessed data or files. Learn more about its types and uses.},
	language = {en},
	urldate = {2022-04-24},
}


@misc{drives_CISA_2019,
	title = {Using {Caution} with {USB} {Drives} {\textbar} {CISA}},
	url = {https://www.cisa.gov/uscert/ncas/tips/ST08-001},
	urldate = {2022-04-28},
	journal = {Cybersecurity \& Infrastructure Security Agency CISA.gov},
	year = {2019},
}

@misc{durken_how_2021,
	title = {How to {Keep} {Data} on {USB} {Flash} {Drives} {Safe}},
	url = {https://www.mymemory.co.uk/blog/how-to-keep-data-on-usb-flash-drives-safe/},
	abstract = {Prevent sensitive data from falling into the wrong hands via data breaches and security incidents with our 5 simple steps.},
	language = {en-GB},
	urldate = {2022-04-28},
	journal = {MyMemory Blog},
	author = {Durken, Helen},
	month = mar,
	year = {2021},
}


@misc{posey_modernizing_2021,
	title = {Modernizing the 3-2-1 {Backup} {Rule} -- {Redmondmag}.com},
	url = {https://redmondmag.com/articles/2021/12/01/modernizing-the-3-2-1-backup-rule.aspx},
	urldate = {2022-05-06},
	author = {Posey, Brien},
	month = dec,
	year = {2021},
}

@misc{rights_ocr_guidance_2012,
	type = {Text},
	title = {Guidance {Regarding} {Methods} for {De}-identification of {Protected} {Health} {Information} in {Accordance} with the {Health} {Insurance} {Portability} and {Accountability} {Act} ({HIPAA}) {Privacy} {Rule}},
	url = {https://www.hhs.gov/hipaa/for-professionals/privacy/special-topics/de-identification/index.html},
	abstract = {This page provides guidance about methods and approaches to achieve de-identification in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule. The guidance explains and answers questions regarding the two methods that can be used to satisfy the Privacy Rule’s de-identification standard: Expert Determination and Safe Harbor . This guidance is intended to assist covered entities to understand what is de-identification, the general process by which de-identified information is created, and the options available for performing de-identification.},
	language = {en},
	urldate = {2022-05-19},
	journal = {HHS.gov},
	author = {Rights (OCR), Office for Civil},
	month = sep,
	year = {2012}
}

@misc{hipaa_regulations,
	title = {{HIPAA} {Privacy} {Regulations}: {Other} {Requirements} {Relating} to {Uses} and {Disclosures} of {Protected} {Health} {Information}: {Re}-{Identification} - § 164.514(c)},
	shorttitle = {{HIPAA} {Privacy} {Regulations}},
	url = {https://www.bricker.com/industries-practices/health-care/insights-resources/resource/hipaa-privacy-regulations-other-requirements-relating-to-uses-and-disclosures-of-protected-health-information-re-identification-%c2%a7-164514c-368},
	abstract = {Text, HHS commentary and analysis of the requirements for re-identification in the final HIPAA privacy regulations.},
	urldate = {2022-05-19},
	file = {Snapshot:/Users/carriewright/Zotero/storage/95YLRVFE/hipaa-privacy-regulations-other-requirements-relating-to-uses-and-disclosures-of-protected-heal.html:text/html},
}

@misc{de-identification_2022,
	title = {De-identification},
	copyright = {Creative Commons Attribution-ShareAlike License},
	url = {https://en.wikipedia.org/w/index.php?title=De-identification&oldid=1072643318},
	abstract = {De-identification is the process used to prevent someone's personal identity from being revealed.  For example, data produced during human subject research might be de-identified to preserve the privacy of research participants. Biological data may be de-identified in order to comply with HIPAA regulations that define and stipulate patient privacy laws. When applied to metadata or general data about identification, the process is also known as data anonymization. Common strategies include deleting or masking personal identifiers, such as personal name, and suppressing or generalizing quasi-identifiers, such as date of birth. The reverse process of using de-identified data to identify individuals is known as data re-identification. Successful re-identifications cast doubt on de-identification's effectiveness. A systematic review of fourteen distinct re-identification attacks found "a high re-identification rate […] dominated by small-scale studies on data that was not de-identified according to existing standards".De-identification is adopted as one of the main approaches toward data privacy protection. It is commonly used in fields of communications, multimedia, biometrics, big data, cloud computing, data mining, internet, social networks, and audio–video surveillance.},
	language = {en},
	urldate = {2022-05-19},
	journal = {Wikipedia},
	month = feb,
	year = {2022},
	note = {Page Version ID: 1072643318},
}


@misc{violations_2018,
	title = {Most {Common} {HIPAA} {Violations} {With} {Examples}},
	url = {https://inspiredelearning.com/blog/hipaa-violation-examples/},
	abstract = {Keeping up with the HIPAA regulations is essential for any physician office. Failure to comply can end up being extremely costly. Complying with HIPAA though isn’t always that easy. Inspired eLearning walks you through some of the most common violations for organizations.},
	language = {en-US},
	urldate = {2022-05-19},
	journal = {Inspired eLearning},
	author = {eLearning, Inspired},
	month = jul,
	year = {2018}
}



@misc{phishing_2022,
	title = {Phishing},
	copyright = {Creative Commons Attribution-ShareAlike License},
	url = {https://en.wikipedia.org/w/index.php?title=Phishing&oldid=1089465113},
	abstract = {Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and transverse any additional security boundaries with the victim. As of 2020, phishing is by far the most common attack performed by cybercriminals, the FBI's Internet Crime Complaint Centre recording over twice as many incidents of phishing than any other type of computer crime.The first recorded use of the term "phishing" was in the cracking toolkit AOHell created by Koceilah Rekouche in 1995; however, it is possible that the term was used before this in a print edition of the hacker magazine 2600. The word is a leetspeak variant of fishing (ph is a common replacement for f ), probably influenced by phreaking, and alludes to the use of increasingly sophisticated lures to "fish" for users' sensitive information.Attempts to prevent or mitigate the impact of phishing incidents include legislation, user training, public awareness, and technical security measures. Phishing awareness has become important at home and at the work place. For instance, from 2017 to 2020, phishing attacks have increased from 72\% to 86\% among businesses.},
	language = {en},
	urldate = {2022-05-25},
	journal = {Wikipedia},
	month = may,
	year = {2022},
	note = {Page Version ID: 1089465113}
}

@article{davis_causal_2007,
	title = {Causal {Factors} {Implicated} in {Research} {Misconduct}: {Evidence} from {ORI} {Case} {Files}},
	volume = {13},
	issn = {1353-3452, 1471-5546},
	shorttitle = {Causal {Factors} {Implicated} in {Research} {Misconduct}},
	url = {http://link.springer.com/10.1007/s11948-007-9045-2},
	doi = {10.1007/s11948-007-9045-2},
	abstract = {There has been relatively little empirical research into the causes of research misconduct. To begin to address this void, the authors collected data from closed case files of the Office of Research Integrity (ORI). These data were in the form of statements extracted from ORI file documents including transcripts, investigative reports, witness statements, and correspondence. Researchers assigned these statements to 44 different concepts. These concepts were then analyzed using multidimensional scaling and cluster analysis. The authors chose a solution consisting of seven clusters: (1) personal and professional stressors, (2) organizational climate, (3) job insecurities, (4) rationalizations A, (5) personal inhibitions, (6) rationalizations B and, (7) personality factors. The authors discuss the implications of their findings for policy and for future research.},
	language = {en},
	number = {4},
	urldate = {2022-06-09},
	journal = {Science and Engineering Ethics},
	author = {Davis, Mark S. and Riske-Morris, Michelle and Diaz, Sebastian R.},
	month = dec,
	year = {2007},
	pages = {395--414},
}

@misc{redcap_2022,
	title = {{REDCap}},
	copyright = {Creative Commons Attribution-ShareAlike License},
	url = {https://en.wikipedia.org/w/index.php?title=REDCap&oldid=1086529440},
	abstract = {REDCap (Research Electronic Data Capture) is a browser-based, metadata-driven EDC software and workflow methodology for designing clinical and translational research databases. It is widely used in the academic research community: the REDCap Consortium is a collaborative, international network of more than 5900 institutional partners in 145 countries, with more than 2.1 million total end-users employing the software. Over 19,000 journal articles cite REDCap.},
	language = {en},
	urldate = {2022-06-10},
	journal = {Wikipedia},
	month = may,
	year = {2022},
	note = {Page Version ID: 1086529440},
}



@misc{privacy_act_2022,
	title = {Privacy {Act} of 1974},
	copyright = {Creative Commons Attribution-ShareAlike License},
	url = {https://en.wikipedia.org/w/index.php?title=Privacy_Act_of_1974&oldid=1107883305},
	abstract = {The Privacy Act of 1974 (Pub. L. 93–579, 88 Stat. 1896, enacted December 31, 1974, 5 U.S.C. § 552a), a United States federal law, establishes a Code of Fair Information Practice that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies. A system of records is a group of records under the control of an agency from which information is retrieved by the name of the individual or by some identifier assigned to the individual. The Privacy Act requires that agencies give the public notice of their systems of records by publication in the Federal Register. The Privacy Act prohibits the disclosure of information from a system of records absent of the written consent of the subject individual, unless the disclosure is pursuant to one of twelve statutory exceptions. The Act also provides individuals with a means by which to seek access to and amendment of their records and sets forth various agency record-keeping requirements. Additionally, with people granted the right to review what was documented with their name, they are also able to find out if the "records have been disclosed" and are also given the right to make corrections.},
	language = {en},
	urldate = {2023-02-21},
	journal = {Wikipedia},
	month = sep,
	year = {2022},
	note = {Page Version ID: 1107883305}
}

@misc{dinardi_14_2022,
	title = {14 {Dangers} of {Identity} {Theft} {With} {Serious} {Consequences} {\textbar} {Aura}},
	url = {https://www.aura.com/learn/dangers-of-identity-theft},
	abstract = {From financial devastation to emotional pain, the dangers of identity theft are serious. Don't let identity theft cripple your life.},
	language = {en},
	urldate = {2023-02-21},
	author = {DiNardi, Gaetano},
	month = dec,
	year = {2022},
}

@article{begay_weaving_2020,
	title = {Weaving the {Strands} of {Life} ({Iiná} {Bitł}’ool): {History} of {Genetic} {Research} {Involving} {Navajo} {People}},
	volume = {91},
	issn = {0018-7143},
	shorttitle = {Weaving the {Strands} of {Life} ({Iiná} {Bitł}’ool)},
	url = {https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7895446/},
	doi = {10.13110/humanbiology.91.3.04},
	abstract = {To date, some genetic studies offer medical benefits but lack a clear pathway to benefit for people from underrepresented backgrounds. Historically, Indigenous people, including the Diné (Navajo people), have raised concerns about the lack of benefits, misuse of DNA samples, lack of consultation, and ignoring of cultural and traditional ways of knowing. Shortly after the Navajo Nation Human Research Review Board was established in 1996, the Navajo Nation recognized growing concerns about genetic research, and in 2002 they established a moratorium on human genetic research studies. The moratorium effectively has protected their citizens from potential genetic research harms. Despite the placement of the moratorium, some genetic research studies have continued using blood and DNA samples from Navajo people. To understand the history of genetic research involving Navajo people, the authors conducted a literature review of genetic or genetics-related research publications that involved Navajo people, identifying 79 articles from the years 1926 to 2018. To their knowledge, no known literature review has comprehensively examined the history of genetic research in the Navajo community. This review divides the genetic research articles into the following general classifications: bacteria or virus genetics, blood and human leukocyte antigens, complex diseases, forensics, hereditary diseases, and population genetics and migration. The authors evaluated the methods reported in each article, described the number of Navajo individuals reported, recorded the academic and tribal approval statements, and noted whether the study considered Diné cultural values. Several studies focused on severe combined immunodeficiency disease, population history, neuropathy, albinism, and eye and skin disorders that affect Navajo people. The authors contextualize Diné ways of knowing related to genetics and health with Western scientific concepts to acknowledge the complex philosophy and belief system that guides Diné people and recognizes Indigenous science. They also encourage researchers to consider cultural perspectives and traditional knowledge that has the potential to create stronger conclusions and better-informed, ethical, and respectful science.},
	number = {3},
	urldate = {2022-08-16},
	journal = {Human biology},
	author = {Begay, Rene L. and Garrison, Nanibaa’ A. and Sage, Franklin and Bauer, Mark and Knoki-Wilson, Ursula and Begay, David H. and Becenti-Pigman, Beverly and Claw, Katrina G.},
	month = jul,
	year = {2020},
	pmid = {32549035},
	pmcid = {PMC7895446},
	pages = {189--208},
}


@article{after_2010,
	title = {After {Havasupai} litigation, {Native} {Americans} wary of genetic research},
	volume = {152A},
	issn = {1552-4833},
	url = {https://onlinelibrary.wiley.com/doi/abs/10.1002/ajmg.a.33592},
	doi = {10.1002/ajmg.a.33592},
	language = {en},
	number = {7},
	urldate = {2022-08-16},
	journal = {American Journal of Medical Genetics Part A},
	year = {2010},
	note = {\_eprint: https://onlinelibrary.wiley.com/doi/pdf/10.1002/ajmg.a.33592},
	pages = {fm ix--fm ix},
}

@article{garrison_genomic_2019,
	title = {Genomic {Research} {Through} an {Indigenous} {Lens}: {Understanding} the {Expectations}},
	volume = {20},
	shorttitle = {Genomic {Research} {Through} an {Indigenous} {Lens}},
	url = {https://doi.org/10.1146/annurev-genom-083118-015434},
	doi = {10.1146/annurev-genom-083118-015434},
	abstract = {Indigenous scholars are leading initiatives to improve access to genetic and genomic research and health care based on their unique cultural contexts and within sovereign-based governance models created and accepted by their peoples. In the past, Indigenous peoples’ engagement with genomicresearch was hampered by a lack of standardized guidelines and institutional partnerships, resulting in group harms. This article provides a comparative analysis of research guidelines from Canada, New Zealand, Australia, and the United States that pertain to Indigenous peoples. The goals of the analysis are to identify areas that need attention, support Indigenous-led governance, and promote the development of a model research policy framework for genomic research and health care that has international relevance for Indigenous peoples.},
	number = {1},
	urldate = {2022-08-16},
	journal = {Annual Review of Genomics and Human Genetics},
	author = {Garrison, Nanibaa’ A. and Hudson, Māui and Ballantyne, Leah L. and Garba, Ibrahim and Martinez, Andrew and Taualii, Maile and Arbour, Laura and Caron, Nadine R. and Rainie, Stephanie Carroll},
	year = {2019},
	pmid = {30892943},
	note = {\_eprint: https://doi.org/10.1146/annurev-genom-083118-015434},
	keywords = {bioethics, data governance, data sovereignty, genomics, Indigenous, policy},
	pages = {495--517},
}

@misc{protections_ohrp_attachment_2017,
	type = {Text},
	title = {Attachment {F} - {Recommendations} on {Reporting} {Incidental} {Findings}},
	url = {https://www.hhs.gov/ohrp/sachrp-committee/recommendations/attachment-f-august-2-2017/index.html},
	abstract = {Attachment F - Recommendations on Reporting Incidental Findings},
	language = {en},
	urldate = {2022-09-26},
	journal = {HHS.gov},
	author = {Protections (OHRP), Office for Human Research},
	month = aug,
	year = {2017},
	note = {Last Modified: 2022-08-04T16:28:42-0400},
	file = {Snapshot:/Users/carriewright/Zotero/storage/5FFUIQNQ/index.html:text/html},
}


@misc{hippocratic_2023,
	title = {Hippocratic {Oath}},
	copyright = {Creative Commons Attribution-ShareAlike License},
	url = {https://en.wikipedia.org/w/index.php?title=Hippocratic_Oath&oldid=1145959645},
	abstract = {The Hippocratic Oath is an oath of ethics historically taken by physicians. It is one of the most widely known of Greek medical texts. In its original form, it requires a new physician to swear, by a number of healing gods, to uphold specific ethical standards. The oath is the earliest expression of medical ethics in the Western world, establishing several principles of medical ethics which remain of paramount significance today. These include the principles of medical confidentiality and non-maleficence. As the seminal articulation of certain principles that continue to guide and inform medical practice, the ancient text is of more than historic and symbolic value. It is enshrined in the legal statutes of various jurisdictions, such that violations of the oath may carry criminal or other liability beyond the oath's symbolic nature.
The original oath was written in Ionic Greek, between the fifth and third centuries BC. Although it is traditionally attributed to the Greek doctor Hippocrates and it is usually included in the Hippocratic Corpus, some modern scholars do not regard it as having been written by Hippocrates himself.},
	language = {en},
	urldate = {2023-03-30},
	journal = {Wikipedia},
	month = mar,
	year = {2023},
	note = {Page Version ID: 1145959645},
}


@misc{security_HITECH_2021,
	title = {Major {Components} of the {HITECH} {Act}: {What} {You} {Should} {Know}},
	shorttitle = {Major {Components} of the {HITECH} {Act}},
	url = {https://blog.rsisecurity.com/major-components-of-the-hitech-act-what-you-should-know/},
	abstract = {Learn about the major components of the HITECH act that healthcare organizations should know.},
	language = {en-US},
	urldate = {2023-03-30},
	journal = {RSI Security},
	author = {Security, R. S. I.},
	month = feb,
	year = {2021},
}

@misc{Principles_2015,
	title = {Guiding {Principles} for {Ethical} {Research}},
	url = {https://www.nih.gov/health-information/nih-clinical-research-trials-you/guiding-principles-ethical-research},
	abstract = {Researchers can take precautions to protect participants in research studies.},
	language = {EN},
	urldate = {2023-03-30},
	journal = {National Institutes of Health (NIH)},
	month = jun,
	year = {2015},
	file = {Snapshot:/Users/carriewright/Zotero/storage/WHEE792D/guiding-principles-ethical-research.html:text/html},
}

@misc{IRB_Iowa,
  title = {{IOWA STATE UNIVERSITY} {Institutional Review Board}{Recruitment of Research Participants}},
  url = {https://www.compliance.iastate.edu/sites/default/files/imported/irb/guide/docs/Recruitment%20of%20Research%20Participants.pdf},
	urldate = {2023-03-30},
  year = {2015}
}

@misc{wikipedia_informed_2023,
	title = {Informed consent},
	copyright = {Creative Commons Attribution-ShareAlike License},
	url = {https://en.wikipedia.org/w/index.php?title=Informed_consent&oldid=1147352914},
	abstract = {Informed consent is a principle in medical ethics and medical law and media studies, that a patient must have sufficient information and understanding before making decisions about their medical care. Pertinent information may include risks and benefits of treatments, alternative treatments, the patient's role in treatment, and their right to refuse treatment. In most systems, healthcare providers have a legal and ethical responsibility to ensure that a patient's consent is informed. This principle applies more broadly than healthcare intervention, for example to conduct research and to disclosing a person's medical information.
Within the US, definitions of informed consent vary, and the standard required is generally determined by the state. Informed consent requires a clear appreciation and understanding of the facts, implications, and consequences of an action. To give informed consent, the individual concerned must have adequate reasoning faculties and possess all relevant facts. Impairments to reasoning and judgment that may preclude informed consent include intellectual or emotional immaturity, high levels of stress such as post-traumatic stress disorder or a severe intellectual disability, severe mental disorder, intoxication, severe sleep deprivation, dementia, or coma.
Obtaining informed consent is not always required. If an individual is considered unable to give informed consent, another person is generally authorized to give consent on their behalf—for example, the parents or legal guardians of a child (though in this circumstance the child may be required to provide informed assent) and conservators for the mentally disordered. Alternatively, the doctrine of implied consent permits treatment in limited cases, for example when an unconscious person will die without immediate intervention. Cases in which an individual is provided insufficient information to form a reasoned decision raise serious ethical issues. When these issues occur, or are anticipated to occur, in a clinical trial, they are subject to review by an ethics committee or institutional review board.
Informed consent is codified in both national and international law. 'Free consent' is a cognate term in the International Covenant on Civil and Political Rights, adopted in 1966 by the United Nations, and intended to be in force by 23 March 1976. Article 7 of the covenant prohibits experiments conducted without the "free consent to medical or scientific experimentation" of the subject. As of September 2019, the covenant has 173 parties and six more signatories without ratification.},
	language = {en},
	urldate = {2023-03-30},
	journal = {Wikipedia},
	month = mar,
	year = {2023},
	note = {Page Version ID: 1147352914},
}


@article{broman_identification_2015,
	title = {Identification and {Correction} of {Sample} {Mix}-{Ups} in {Expression} {Genetic} {Data}: {A} {Case} {Study}},
	volume = {5},
	issn = {2160-1836},
	shorttitle = {Identification and {Correction} of {Sample} {Mix}-{Ups} in {Expression} {Genetic} {Data}},
	url = {https://doi.org/10.1534/g3.115.019778},
	doi = {10.1534/g3.115.019778},
	abstract = {In a mouse intercross with more than 500 animals and genome-wide gene expression data on six tissues, we identified a high proportion (18\%) of sample mix-ups in the genotype data. Local expression quantitative trait loci (eQTL; genetic loci influencing gene expression) with extremely large effect were used to form a classifier to predict an individual’s eQTL genotype based on expression data alone. By considering multiple eQTL and their related transcripts, we identified numerous individuals whose predicted eQTL genotypes (based on their expression data) did not match their observed genotypes, and then went on to identify other individuals whose genotypes did match the predicted eQTL genotypes. The concordance of predictions across six tissues indicated that the problem was due to mix-ups in the genotypes (although we further identified a small number of sample mix-ups in each of the six panels of gene expression microarrays). Consideration of the plate positions of the DNA samples indicated a number of off-by-one and off-by-two errors, likely the result of pipetting errors. Such sample mix-ups can be a problem in any genetic study, but eQTL data allow us to identify, and even correct, such problems. Our methods have been implemented in an R package, R/lineup.},
	number = {10},
	urldate = {2023-03-30},
	journal = {G3 Genes{\textbar}Genomes{\textbar}Genetics},
	author = {Broman, Karl W and Keller, Mark P and Broman, Aimee Teo and Kendziorski, Christina and Yandell, Brian S and Sen, Śaunak and Attie, Alan D},
	month = oct,
	year = {2015},
	pages = {2177--2186},
}


@article{bambauer_privacy_2013,
	title = {Privacy {Versus} {Security}},
	volume = {103},
	language = {en},
	number = {3},
	journal = {THE JOURNAL OF CRIMINAL LAW \& CRIMINOLOGY},
	author = {Bambauer, Derek E},
	year = {2013},
}

@article{nong_discrimination_2022,
	title = {Discrimination, trust, and withholding information from providers: {Implications} for missing data and inequity},
	volume = {18},
	issn = {2352-8273},
	shorttitle = {Discrimination, trust, and withholding information from providers},
	url = {https://www.sciencedirect.com/science/article/pii/S2352827322000714},
	doi = {10.1016/j.ssmph.2022.101092},
	abstract = {Quality care requires collaborative communication, information exchange, and decision-making between patients and providers. Complete and accurate data about patients and from patients are especially important as high volumes of data are used to build clinical decision support tools and inform precision medicine initiatives. However, systematically missing data can bias these tools and threaten their effectiveness. Data completeness relies in many ways on patients being comfortable disclosing information to their providers without prohibitive concerns about security or privacy. Patients are likely to withhold information in the context of low trust relationships with providers, but it is unknown how experiences of discrimination in the healthcare system also relate to non-disclosure. In this study, we assess the relationship between withholding information from providers, experiences of discrimination, and multiple types of patient trust. Using a nationally representative sample of US adults (n = 2,029), weighted logistic regression modeling indicated a statistically significant relationship between experiences of discrimination and withholding information from providers (OR 3.7; CI [2.6–5.2], p {\textless} .001). Low trust in provider disclosure of conflicts of interest and low trust in providers' responsible use of health information were also positively associated with non-disclosure. We further analyzed the relationship between non-disclosure and the five most common types of discrimination (e.g., discrimination based on race, education/income, weight, gender, and age). We observed that all five types were statistically significantly associated with non-disclosure (p {\textless} .05). These results suggest that experiences of discrimination and specific types of low trust have a meaningful association with a patient's willingness to share information with their provider, with important implications for the quality of data available for medical decision-making and care. Because incomplete information can contribute to lower quality care, especially in the context of data-driven decision-making, patients experiencing discrimination may be further disadvantaged and harmed by systematic data missingness in their records.},
	urldate = {2024-09-12},
	journal = {SSM - Population Health},
	author = {Nong, Paige and Williamson, Alicia and Anthony, Denise and Platt, Jodyn and Kardia, Sharon},
	month = jun,
	year = {2022},
	pages = {101092},
}

@article{belmont_1979,
	title = {The {Belmont} {Report}},
	url = {https://www.hhs.gov/ohrp/sites/default/files/the-belmont-report-508c_FINAL.pdf},
}
  year = {1979},
	date = {1979},
	abstract = {On July 12, 1974, the National Research Act (Pub. L. 93-348) was signed into law, there-by creating the National Commission for the Protection of Human Subjects of Biomedical and Behavioral Research. One of the charges to the Commission was to identify the basic ethical principles that should underlie the conduct of biomedical and behavioral research involving human subjects and to develop guidelines which should be followed to assure that such research is conducted in accordance with those principles. In carrying out the above, the Commission was directed to consider: (i) the boundaries between biomedical and behavioral research and the accepted and routine practice of medicine, (ii) the role of assessment of risk-benefit criteria in the determination of the appropriateness of research involving human subjects, (iii) appropriate guidelines for the selection of human subjects for participation in such research and (iv) the nature and definition of informed consent in various research settings.},
	language = {en},
	author = {{The} {National} {Commission} {for} {the} {Protection} {of} {Human} {Subjects} {of} {Biomedical} {and} {Behavior Research}},
	urldate = {2024-09-12},
}


@misc{wma_1964,
	title = {{WMA} - {The} {World} {Medical} {Association}-{Declaration} of {Helsinki}},
	url = {https://www.wma.net/what-we-do/medical-ethics/declaration-of-helsinki/},
	abstract = {WMA - The World Medical Association},
	language = {en-US},
	urldate = {2024-09-12},
	author = {{The} {World} {Medical} {Association}},
	year = {1964},
}

@article{kumar_theoretical_2010,
	title = {A {Theoretical} {Comparison} of the {Models} of {Prevention} of {Research} {Misconduct}},
	volume = {17},
	issn = {0898-9621},
	url = {https://doi.org/10.1080/08989621003641132},
	doi = {10.1080/08989621003641132},
	abstract = {The current methods of dealing with research misconduct involve detection and rectification after the incident has already occurred. This method of monitoring scientific integrity exerts considerable negative effects on the concerned persons and is also wasteful of time and resources. Time has arrived for research administrators to focus seriously on prevention of misconduct. In this article, preventive models suggested earlier by Weed and Reason have been combined to arrive at six models of prevention. This is an effort to streamline the thinking regarding misconduct prevention, so that the advantages and disadvantages of each can be weighed and the method most appropriate for the institute chosen.},
	number = {2},
	urldate = {2023-06-01},
	journal = {Accountability in Research},
	author = {Kumar, Malhar   N.},
	month = mar,
	year = {2010},
	pmid = {20306348},
	note = {Publisher: Taylor \& Francis
\_eprint: https://doi.org/10.1080/08989621003641132},
	keywords = {models of prevention, prevention of research misconduct, research ethics, research misconduct investigation},
	pages = {51--66},
}

@article{mousavi_review_2020,
	title = {A review of the current concerns about misconduct in medical sciences publications and the consequences},
	volume = {28},
	issn = {1560-8115},
	url = {https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7214560/},
	doi = {10.1007/s40199-020-00332-1},
	abstract = {Background
In the new era of publication, scientific misconduct has become a focus of concern including extreme variability of plagiarism, falsification, fabrication, authorship issues, peer review manipulation, etc. Along with, overarching theme of “retraction” and “predatory journals” have emphasized the importance of studying related infrastructures.

Methods
Information used in this review was provided through accessing various databases as Google Scholar, Web of Science, Scopus, PubMed, Nature Index, Publication Ethics and Retraction Watch. Original researches, expert opinions, comments, letters, editorials, books mostly published between 2010 and 2020 were gathered and categorized into three sections of “Common types of misconduct”,” Reasons behind scientific misconduct” and “Consequences”. Within each part, remarkable examples from the past 10 years cited in Retraction Watch are indicated. At last, possible solution on combating misconduct are suggested.

Results
The number of publications are on the dramatic rise fostering a competition under which scholars are pushed to publish more. Consequently, due to several reasons including poor linguistic and illustration skills, not adequate evaluation, limited experience, etc. researchers might tend toward misbehavior endangering the health facts and ultimately, eroding country, journal/publisher, and perpetrator’s creditability. The reported incident seems to be enhanced by the emergence of predatory with publishing about 8 times more papers in 2014 than which is in 2010. So that today, 65.3\% of paper retraction is solely attributing to misconduct, with plagiarism at the forefront. As well, authorship issues and peer-review manipulation are found to have significant contribution besides further types of misconduct in this duration.

Conclusion
Given the expansion of the academic competitive environment and with the increase in research misconduct, the role of any regulatory sector, including universities, journals/publishers, government, etc. in preventing this phenomenon must be fully focused and fundamental alternation should be implemented in this regard.},
	number = {1},
	urldate = {2023-06-01},
	journal = {DARU Journal of Pharmaceutical Sciences},
	author = {Mousavi, Taraneh and Abdollahi, Mohammad},
	month = feb,
	year = {2020},
	pmid = {32072484},
	pmcid = {PMC7214560},
	pages = {359--369},
	annote = {undefined},
}


@article{kurihara_declaration_2024,
	title = {Declaration of {Helsinki}: ethical norm in pursuit of common global goals},
	volume = {11},
	issn = {2296-858X},
	shorttitle = {Declaration of {Helsinki}},
	url = {https://www.frontiersin.org/journals/medicine/articles/10.3389/fmed.2024.1360653/full},
	doi = {10.3389/fmed.2024.1360653},
	abstract = {{\textless}p{\textgreater}The World Medical Association’s Declaration of Helsinki is in the process of being revised. The following amendments are recommended to be incorporated in pursuit of the common goal of promoting health for all. 1. Data-driven research that facilitates broad informed consent and dynamic consent, assuring participant’s rights, and the sharing of individual participant data (IPD) and research results to promote open science and generate social value. 2. Risk minimisation in a placebo-controlled study and post-trial access to the best-proven interventions for all who need them. 3. A future-oriented research framework for co-creation with all the relevant stakeholders.{\textless}/p{\textgreater}},
	language = {English},
	urldate = {2024-09-12},
	journal = {Frontiers in Medicine},
	author = {Kurihara, Chieko and Kerpel-Fronius, Sandor and Becker, Sander and Chan, Anthony and Nagaty, Yasmin and Naseem, Shehla and Schenk, Johanna and Matsuyama, Kotone and Baroutsou, Varvara},
	month = apr,
	year = {2024},
	note = {Publisher: Frontiers},
	keywords = {Data-driven research, Declaration of Helsinki, Health for all, placebo, post-trial access, stakeholder involvement},
}


@article{stark_unintended_2016,
	title = {The unintended ethics of {Henry} {K} {Beecher}},
	volume = {387},
	issn = {0140-6736, 1474-547X},
	url = {https://www.thelancet.com/journals/lancet/article/PIIS0140-6736(16)30743-7/fulltext},
	doi = {10.1016/S0140-6736(16)30743-7},
	language = {English},
	number = {10036},
	urldate = {2024-09-12},
	journal = {The Lancet},
	author = {Stark, Laura},
	month = jun,
	year = {2016},
	pmid = {27312298},
	note = {Publisher: Elsevier},
	pages = {2374--2375},
}


@article{beecher_ethics_1966,
	title = {Ethics and {Clinical} {Research}},
	volume = {274},
	issn = {0028-4793},
	url = {https://www.nejm.org/doi/full/10.1056/NEJM196606162742405},
	doi = {10.1056/NEJM196606162742405},
	abstract = {HUMAN experimentation since World War II has created some difficult problems with the increasing employment of patients as experimental subjects when it must be apparent that they would not have been available if they had been truly aware of the uses that would be made of them. Evidence is at hand that many of the patients in the examples to follow never had the risk satisfactorily explained to them, and it seems obvious that further hundreds have not known that they were the subjects of an experiment although grave consequences have been suffered as a direct result of experiments described . . .},
	number = {24},
	urldate = {2024-09-12},
	journal = {New England Journal of Medicine},
	author = {Beecher, Henry K.},
	month = jun,
	year = {1966}
}



@article{packhauser_deep_2022,
	title = {Deep learning-based patient re-identification is able to exploit the biometric nature of medical chest {X}-ray data},
	volume = {12},
	copyright = {2022 The Author(s)},
	issn = {2045-2322},
	url = {https://www.nature.com/articles/s41598-022-19045-3},
	doi = {10.1038/s41598-022-19045-3},
	abstract = {With the rise and ever-increasing potential of deep learning techniques in recent years, publicly available medical datasets became a key factor to enable reproducible development of diagnostic algorithms in the medical domain. Medical data contains sensitive patient-related information and is therefore usually anonymized by removing patient identifiers, e.g., patient names before publication. To the best of our knowledge, we are the first to show that a well-trained deep learning system is able to recover the patient identity from chest X-ray data. We demonstrate this using the publicly available large-scale ChestX-ray14 dataset, a collection of 112,120 frontal-view chest X-ray images from 30,805 unique patients. Our verification system is able to identify whether two frontal chest X-ray images are from the same person with an AUC of 0.9940 and a classification accuracy of 95.55\%. We further highlight that the proposed system is able to reveal the same person even ten and more years after the initial scan. When pursuing a retrieval approach, we observe an mAP@R of 0.9748 and a precision@1 of 0.9963. Furthermore, we achieve an AUC of up to 0.9870 and a precision@1 of up to 0.9444 when evaluating our trained networks on external datasets such as CheXpert and the COVID-19 Image Data Collection. Based on this high identification rate, a potential attacker may leak patient-related information and additionally cross-reference images to obtain more information. Thus, there is a great risk of sensitive content falling into unauthorized hands or being disseminated against the will of the concerned patients. Especially during the COVID-19 pandemic, numerous chest X-ray datasets have been published to advance research. Therefore, such data may be vulnerable to potential attacks by deep learning-based re-identification algorithms.},
	language = {en},
	number = {1},
	urldate = {2024-09-25},
	journal = {Scientific Reports},
	author = {Packhäuser, Kai and Gündel, Sebastian and Münster, Nicolas and Syben, Christopher and Christlein, Vincent and Maier, Andreas},
	month = sep,
	year = {2022},
	note = {Publisher: Nature Publishing Group},
	keywords = {Computer science, Medical ethics, Radiography},
	pages = {14851},
}


@article{ganz_re-identification_2025,
	title = {Re-identification from histopathology images},
	volume = {99},
	issn = {1361-8415},
	url = {https://www.sciencedirect.com/science/article/pii/S1361841524002603},
	doi = {10.1016/j.media.2024.103335},
	abstract = {In numerous studies, deep learning algorithms have proven their potential for the analysis of histopathology images, for example, for revealing the subtypes of tumors or the primary origin of metastases. These models require large datasets for training, which must be anonymized to prevent possible patient identity leaks. This study demonstrates that even relatively simple deep learning algorithms can re-identify patients in large histopathology datasets with substantial accuracy. In addition, we compared a comprehensive set of state-of-the-art whole slide image classifiers and feature extractors for the given task. We evaluated our algorithms on two TCIA datasets including lung squamous cell carcinoma (LSCC) and lung adenocarcinoma (LUAD). We also demonstrate the algorithm’s performance on an in-house dataset of meningioma tissue. We predicted the source patient of a slide with F1 scores of up to 80.1\% and 77.19\% on the LSCC and LUAD datasets, respectively, and with 77.09\% on our meningioma dataset. Based on our findings, we formulated a risk assessment scheme to estimate the risk to the patient’s privacy prior to publication.},
	urldate = {2024-09-25},
	journal = {Medical Image Analysis},
	author = {Ganz, Jonathan and Ammeling, Jonas and Jabari, Samir and Breininger, Katharina and Aubreville, Marc},
	month = jan,
	year = {2025},
	keywords = {Deep learning, Digital pathology, Re-identification},
	pages = {103335},
}