1.Information security assessment in public administration
公共管理中的信息安全评估
作者: Szczepaniuk, Edyta Karolina; Szczepaniuk, Hubert; Rokicki, Tomasz;等.
COMPUTERS & SECURITY 卷: 90 文献号: UNSP 101709 出版年: MAR 2020
Abstract:The aim of the article is to characterise and assess information security management in units of public administration and to define recommended solutions facilitating an increase in the level of information security. The article is considered a theoretical-empirical research paper. The aim of theoretical research is to explain the basic terms related to information security management and to define conditions for the implementation of Information Security Management System (ISMS). Within the scope of theoretical considerations, source literature, legislation and reports are being referred to. In the years 2016-2019, empirical research has been conducted, which aim was to assess the efficiency of information security management in public administration offices. The evaluation of results of surveys was accompanied by an analysis of statistical relations between the researched variables, which enabled to define effects of European Union regulations on the delivery of information security in public administration. Results of the empirical data show that in the years 2016-2017, in public administration offices, certain problem areas in the aspect of information security management were present, which include, among others: lack of ISMS organisation, incomplete or outdated ISMS documentation, lack of regular risk analysis, lack of reviews, audits or controls, limited use of physical and technological protection measures, lack of training or professional development. In the years 2018-2019, European Union solutions, i.e. the GDPR Regulation and the NIS Directive, have affected the increase in the security level of information in public administration and have a significantly limited occurrence of identified irregularities. Results of the research enable to assume that the delivery of information security in public administration requires a systemic approach arising from the need for permanent improvement. (C) 2020 The Authors. Published by Elsevier Ltd.
2. Digital public health: data protection and data security
公共卫生数字化:数据保护与数据安全
作者: Kunz, Thomas; Lange, Benjamin; Selzer, Annika
BUNDESGESUNDHEITSBLATT-GESUNDHEITSFORSCHUNG-GESUNDHEITSSCHUTZ 卷: 63 期: 2 特刊: SI 页: 206-214 出版年: FEB 2020
Abstract:Digital public health applications are becoming increasingly popular; for example, about 45% of smartphone users have health or fitness apps on their devices. Most of these applications transfer the user's personal data to the provider of the health app. Application providers must comply with the relevant data protection statutes. In this article we provide a survey of important data protection requirements and the necessary technical measures for data security that the provider of a health app must observe. This includes - amongst other things - mechanisms for consent, determination of and compliance with the legitimate purposes of the processing, and the granting of so-called "rights of the data subject" (e.g. right of access). Furthermore, the provider of the health application must follow best practice recommendations from the area of data security. Therefore, the provider must ensure that, for example, unauthorized access, manipulation, loss, and destruction of personal data are prevented by appropriate technical and organizational measures. State-of-the-art procedures such as encryption, rights management, securing integrity, pseudonymization, and logging are some examples of technical and organizational measures. When implementing these measures, it must be taken into account that the processing of health data generally entails high risk for the rights and freedoms of the data subjects and that unauthorized access to and/or manipulation of data, for example, can lead to the publication of a stigmatizing diagnosis or incorrect medication.
3. Examining Implementation of Contingency Management in Real-World Settings
现实环境中的应急管理实施检验
作者: Rash, Carla J.; Alessi, Sheila M.; Zajac, Kristyn
PSYCHOLOGY OF ADDICTIVE BEHAVIORS 卷: 34 期: 1 特刊: SI 页: 89-98 出版年: FEB 2020
Abstract:Very little is known about how reward programs are implemented in real-world substance use treatment settings and whether training in contingency management (CM), an empirically supported rewards-based intervention, impacts their design quality. Providers (N = 214) completed surveys assessing CM beliefs, training, and practices related to use of tangible rewards in treatment. For providers reporting they had not used rewards in treatment previously (54%. n = 116), we assessed beliefs about and interest in adopting a reward-based program. For those endorsing prior reward experience (46%, n = 98), we assessed the features and delivery of rewards and the relation of reward-based intervention training to 4 parameters related to CM efficacy: reinforcement magnitude, immediacy, frequency, and escalation. Among providers without reward experience, endorsement of supportive statements about CM predicted interest in adopting a rewards-based program. Providers with reward experience most often targeted treatment attendance and engaged in behaviors likely to decrease the effectiveness of the intervention, including use of low magnitudes (<=$25/client), delayed reinforcement, failure to escalate reward values, and offering reward opportunities less than weekly. Providers with longer durations of training were more likely to engage in behaviors consistent with effective CM, including larger magnitude rewards and immediate delivery of rewards. Results indicate that real-world treatment clinics are using reward-based programs but not in ways consistent with research protocols. Longer training exposure is associated with greater adherence to some aspects of CM protocol design. Other evidence-based design features are not being implemented as recommended. even with training.
4. Using the security triad to assess blockchain technology in public sector applications
利用安全三元组评估区块链技术在公共部门的应用
作者: Warkentin, Merrill; Orgeron, Craig
INTERNATIONAL JOURNAL OF INFORMATION MANAGEMENT 卷: 52 文献号: UNSP 102090 出版年: JUN 2020
Abstract:This conceptual paper explores the impact of blockchain technology on public sector processes through the lens of information security. It includes an overview of the evolution of e-government, a synopsis of existing applications of blockchain technology, and innovative blockchain developments. We utilize the Confidentiality-Integrity-Accessibility (CIA) triad to guide our discussion of the security, governance, and regulatory implications of this technology. Leveraging the CIA triad model, we provide context for public managers who may consider blockchain technologies, and we highlight certain advantages arising from the "non-reputability" of distributed ledgers.
In particular, we highlight the advantages of blockchain technologies with regards to non-reputability to help public managers understand how to best leverage blockchain technology to transform operations.
5. The Dissemination and Implementation of Contingency Management for Substance Use Disorders: A Systematic Review
物质使用障碍应急管理的传播与实施:系统综述
作者: Oluwoye, Oladunni; Kriegel, Liat; Alcover, Karl C.;等.
PSYCHOLOGY OF ADDICTIVE BEHAVIORS 卷: 34 期: 1 特刊: SI 页: 99-110 出版年: FEB 2020
Abstract:Contingency management is one of the most effective behavioral interventions for substance use. However, the implementation of contingency management has not been as widespread as might be expected given its efficacy. This review summarizes literature that examines the dissemination and implementation of contingency management for substance use in community (e.g., specialized substance use treatment) and clinical (e.g., primary care) settings. A systematic review was conducted according to the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) statement. Databases including Google Scholar, World of Knowledge, PsycINFO, and PubMed were searched. Search results yielded 100 articles and after the screening of titles and abstracts 44 were identified. Full-text articles were examined for eligibility and yielded 24 articles that were included in this review. Of the 24 articles included in the review, the majority (n = 11) focused on implementing contingency management in methadone clinics and opioid treatment programs. Training methods, implementation strategies, fidelity assessments, and attitudes toward the implementation of contingency management are discussed in greater detail. These findings highlight the importance of organizational input and ongoing supervision and consultation, and the need for additional research that is guided by theoretical frameworks and use rigorous study designs.