Featured Research

from universities, journals, and other organizations

Security weaknesses in file-sharing methods used in clinical trials revealed

Date:
February 17, 2011
Source:
Children's Hospital of Eastern Ontario Research Institute
Summary:
Patients who participate in clinical trials expect that their personal information will remain confidential, but a recent study found that the security practices used to transfer and share sensitive files were inadequate.

Patients who participate in clinical trials expect that their personal information will remain confidential, but a recent study led by Dr. Khaled El-Emam, Canada Research Chair in Electronic Health Information at the CHEO Research Institute, found that the security practices used to transfer and share sensitive files were inadequate.

The two-part study, entitled "How Strong Are Passwords Used to Protect Personal Health Information in Clinical Trials?," published February 16 in the Journal of Medical Internet Research, showed that the majority of passwords used to protect files are poorly constructed and easily cracked using commercial password recovery tools. Study coordinator interviews indicated that electronic information shared in the context of clinical trials may put personal health information at risk.

"The patients in these trials expect that their personal information will be protected," said Dr. El-Emam. "This is critical for maintaining the trust of clinical trial participants, and the public in general."

In the course of the study, passwords for 14 out of 15 sensitive files transmitted by email were successfully decoded. Of these 14, 13 contained sensitive health information and other potentially identifying factors such as name of study site, dates of birth, initials, and gender. File sharing practices were also found to be insecure, with unencrypted patient information being shared via email and posted on shared drives with common passwords.

"Cracking the passwords proved to be trivial," said Dr. El-Emam. "Choices included passwords as simple as car makers (e.g., "nissan"), and common number sequences (e.g., "123"). It was easy for the password recovery tools to guess them."

Poor security practices can be harmful to patients participating in clinical trials, who are at risk of being identified and possibly stigmatized by the disclosure of personal health information. There is also a potential for both medical and non-medical identity theft. In the context of international clinical trials, inadvertent disclosure of personal health information is considered a data breach in countries like the United States, which can lead to penalties in some states.

Dr. El-Emam believes that with some effort file sharing in clinical trials can be made secure: "There are protocols and tools that can be employed for secure file sharing. It may take more effort on the part of those who conduct clinical trials, but the alternative would not be acceptable."

Dr. El-Emam makes several recommendations, including enforcement of strong passwords and encryption algorithms, encrypting all information sent via email including site queries, and minimizing password sharing.

The study was financed by the Natural Sciences and Engineering Research Council of Canada (NSERC) and the Canada Research Chair program.


Story Source:

The above story is based on materials provided by Children's Hospital of Eastern Ontario Research Institute. Note: Materials may be edited for content and length.


Journal Reference:

  1. Khaled El Emam, Katherine Moreau, Elizabeth Jonker. How Strong are Passwords Used to Protect Personal Health Information in Clinical Trials? Journal of Medical Internet Research, 2011; 13 (1) DOI: 10.2196/jmir.1335

Cite This Page:

Children's Hospital of Eastern Ontario Research Institute. "Security weaknesses in file-sharing methods used in clinical trials revealed." ScienceDaily. ScienceDaily, 17 February 2011. <www.sciencedaily.com/releases/2011/02/110216123543.htm>.
Children's Hospital of Eastern Ontario Research Institute. (2011, February 17). Security weaknesses in file-sharing methods used in clinical trials revealed. ScienceDaily. Retrieved October 21, 2014 from www.sciencedaily.com/releases/2011/02/110216123543.htm
Children's Hospital of Eastern Ontario Research Institute. "Security weaknesses in file-sharing methods used in clinical trials revealed." ScienceDaily. www.sciencedaily.com/releases/2011/02/110216123543.htm (accessed October 21, 2014).

Share This



More Computers & Math News

Tuesday, October 21, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Thanks, Marty McFly! Hoverboards Could Be Coming In 2015

Thanks, Marty McFly! Hoverboards Could Be Coming In 2015

Newsy (Oct. 21, 2014) If you've ever watched "Back to the Future Part II" and wanted to get your hands on a hoverboard, well, you might soon be in luck. Video provided by Newsy
Powered by NewsLook.com
Robots to Fly Planes Where Humans Can't

Robots to Fly Planes Where Humans Can't

Reuters - Innovations Video Online (Oct. 21, 2014) Researchers in South Korea are developing a robotic pilot that could potentially replace humans in the cockpit. Unlike drones and autopilot programs which are configured for specific aircraft, the robots' humanoid design will allow it to fly any type of plane with no additional sensors. Ben Gruber reports. Video provided by Reuters
Powered by NewsLook.com
Japanese Scientists Unveil Floating 3D Projection

Japanese Scientists Unveil Floating 3D Projection

Reuters - Innovations Video Online (Oct. 20, 2014) Scientists in Tokyo have demonstrated what they say is the world's first 3D projection that floats in mid air. A laser that fires a pulse up to a thousand times a second superheats molecules in the air, creating a spark which can be guided to certain points in the air to shape what the human eye perceives as an image. Matthew Stock reports. Video provided by Reuters
Powered by NewsLook.com
Apple Enters Mobile Payment Business

Apple Enters Mobile Payment Business

AP (Oct. 20, 2014) Apple is making a strategic bet with the launch of Apple Pay, the mobile pay service aimed at turning your iPhone into your wallet. (Oct. 20) Video provided by AP
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:

Strange & Offbeat Stories


Space & Time

Matter & Energy

Computers & Math

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins