Posted on Leave a comment

Marigold & Parsley

Parsley and Marigold Plant Shidonna Raven Garden and Cook

When we brought our African Marigold flower and Parsley Plant in for the winter we were not sure how quickly and successfully they would transition from being outside to being inside. We are happy to report that parsley seems to be doing very well. We will be clipping her soon and adding her to a dish.

Marigold on the other hand grew very tall and bent way over as she reached for the sun. The single stalk that carries her bountiful blossom weighed down heavy as we tried to straighten her stem out by rotating her pot. When we rotated her pot she bent back to reach for the sun, as plants do, and bent her stalk. She is still repairing under a straw cut down the center and placed around her stem as a brace. We will let you know how she recovers.

What plants have you brought in for the winter? How are they doing? Where are you located? What is the climate like where you are?

Share your comments with the community by posting them below. Share the wealth of health with your friends and family by sharing this article with 3 people today. As always you are the best part of what we do. Keep sharing!

If these articles have been helpful to you and yours, give a donation to Shidonna Raven Garden and Cook Ezine today.

Posted on Leave a comment

Remote, Telehealth-Driven World Poses New Concerns for Medical Device Security


By Bill Enos Bill Enos, BSI Americas

Medical device security needs to address the cyber-physical threats, not just patient health information risk.

Increased use of telehealth, forced by the global COVID-19 pandemic, arrived at a time when heightened connectivity of medical devices to computer networks and a convergence of technologies already exposed devices and software applications to a variety of threats. The need to protect patient data from cyberattacks is well understood, but the potential risks from such hacking for clinical care and patient safety haven’t been addressed adequately by healthcare organizations, regulators and medical device manufacturers.

The inherent security risk with medical devices is that they can potentially expose both data and control of the device itself to attack. This exposure creates a tension between safety and security, which requires greater stakeholder collaboration to address, particularly in design and regulatory approaches. Put simply, medical device engineering has focused on medical safety for patients but has not sufficiently dealt with cybersecurity for the devices, despite some innovation.

In the age of telemedicine and increased cybersecurity risk, how can healthcare organizations, regulators, medical device manufacturers and consumers ensure their safety?

Demand for Telehealth Will Keep Rising

In 2020, the telehealth market is experiencing a tsunami of growth, and Frost & Sullivan forecasts a year-over-year expansion rate of 64.3% in the United States. “The challenges presented by the COVID-19 pandemic have obliterated the normal growth sequence for telehealth,” the consulting firm said in an April 2020 report.

The unexpected dependence on telehealth this year, in tandem with the increased network connectivity of medical devices and converging technologies, has exposed vulnerable devices and software applications to cyber incidents.

Risks are expected to continue to increase with the gradual adoption of the Internet of Things (IoT), or connected devices, by healthcare organizations and consumers. All these factors have enabled increasing integration of hospital enterprise systems/information technology (IT), clinical engineering (CE) and suppliers through remote connectivity. This increased adoption will be revolutionized further by cloud-based services and the use of big data analytics.

The domain silos of hospital enterprise systems/information technology and clinical engineering are being bridged by networking, exposing cybersecurity weaknesses, and revealing poor stakeholder communication, legacy technology, security vulnerabilities and inadequate device management. Medical device engineering up to now has focused more on patients’ medical safety. In fact, technology convergence is creating new attack pathways and cybersecurity risks as older, less secure medical devices continue to be used. For example, newer devices using older Bluetooth protocols such as blood glucose monitors, pulse oximeters or asthma inhalers could all be affected and provide inaccurate results.

Increased connectivity, wireless technologies, and “hyper-connectivity” often create positive new opportunities for service delivery, remote monitoring and diagnostics, but may also foster unforeseen consequences.

According to the U.S. Department of Health and Human Services, “there has been an increase in cybersecurity breaches in hospitals and healthcare providers’ networks which may be due to COVID-19. Between the months of February and May of this year, there have been 132 reported breaches, an almost 50% increase in reported breaches during the same time last year,” according to Healthcare Finance.

How Do Cybersecurity Breaches Happen?

Threats come from several sources and can be categorized as adversarial, natural (including system complexity, human error, accidents and equipment failures) and natural disasters. Adversarial groups or individuals, also known as “threat actors,” have varying capabilities, motives and resources.
One example, familiar to many in the security industry: Non-profit hospital system MedStar Health in 2016 received a cyber ransom note from hackers demanding a bitcoin payment to ensure Medstar’s continued access to its encrypted computer systems.

Notifications were displayed on infected computers, threatening loss of data after 10 days. Patient records for 10 hospitals and 250 outpatient centers were reported to be either unavailable and or could not be updated, and MedStar relied on paper backup systems. Patient operations were cancelled, and ambulances diverted. Nurses and doctors highlighted safety issues, from treatment delays to problems with test results and the administering of medication before normal operations could be resumed.

With connected medical devices, there is an increased vulnerability due to their connectivity to the internet, hospital networks, other medical devices, mobile computing and phones.

Preparing for Handling Worst-Case Scenarios

To increase patient protections, health IT providers and medical device manufacturers need to plan for the worst, asking tough questions such as:

  • How do we secure patient data considering remote monitoring and transmission of diagnoses?
  • What happens if data is manipulated or altered through a non-secure connection?
  • How do we guard critical, life-giving devices such as remote infusion pumps or pacemakers?

Medical device security has become a primary healthcare security concern after several high-profile incidents like the Medstar aggression. Justifiably so, given that a device infected with malware has the potential to shut down hospital operations, expose sensitive patient information, compromise other connected devices—and harm patients. Medical device manufacturers and healthcare organizations need to move swiftly to implement safeguards to reduce the risk of failure or misuse in the event of a cyberattack.

A common issue in IoT and medical device technology is the limitations found in hardware resources, power, memory and CPU. Ensuring the device can perform robust and resilient secure communications means implementing light-weight mutual authentication mechanisms that provide authenticity of the devices and server, in addition to simply encrypting the communications.

IoT device manufacturers should also avoid using a “Security Through Obscurity” approach or assuming that proprietary and obscure protocols are enough to avoid attention. For example, the Low Power Wide Area Networks (LPWANs) that connect IoT devices are wildly different from the 802.11 WiFi networks that are part of our everyday experience. But the more obscure protocols such as Long Range Wide Area Network (LoRaWAN) that power the communication of IoT devices are still vulnerable to replay and denial of service attacks.

Finding Solutions Amid Uncertainty

With the sensitivity of medical devices to cybersecurity breaches so obvious in uncertain times, how can healthcare providers ensure safety?

One way could be leveraging well-recognized standards like BS EN ISO 14971: 2019 Medical Devices – Application of Risk Management to Medical Devices. Recognized by regulatory authorities globally, this standard guides medical device manufacturers to establish, document and maintain a systematic risk management process across the lifecycle of a medical device.

Use of the standard helps streamline the regulatory processes for entry to selected markets. It’s meant for all parts of the medical device industry, and organizations dealing with the design, development, production, installation or servicing of medical equipment, devices and technology. The standard’s process helps device manufacturers identify the hazards associated with a medical device, estimate and evaluate associated risks and control them, then monitor the effectiveness of the controls.

Another defense can be performing security risk assessments that don’t just focus on patient information as the primary asset to be defended. Instead, healthcare providers should explicitly consider the outcomes, systems and processes for which the information is used. A balance needs to be achieved among safety, security and privacy. Hospitals and healthcare facilities should also consider augmenting their HIPAA compliance with ISO 27799:2016 Health informatics – Information security management in health using ISO/IEC 27002, which provides guidance for a set of controls that can be effectively used for managing health information security. Applied to ISO 27002:2013 Information technology – Security techniques – Code of practice for information security controls , the controls that need to be considered when implementing a system to manage the security of the organization’s information, ISO 27799 speaks particularly to securely managing health informatics.

It’s clear medical device manufacturers, and healthcare organizations implement, or ensure they consistently update, safeguards to reduce the risk of failure or misuse in the event of a cyberattack, especially when telehealth’s use is rising during the pandemic. However, by leveraging industry standards, organizations can help inoculate against cyberthreats from malicious actors and user error alike.

Ultimately, any device in the medical ecosystem can be a stepping stone that a malicious actor can use to gain access to patient data, an in the end, medical devices and IoT systems are just computers. The basics of patching, least privilege, and monitoring still apply.

Certainly the pandemic has lead to an increase of use in technology from holiday shopping to doctor appointments in consideration of social distancing. But what are the security implications? How can a breach in security lead to poor health outcomes for you and your family? Why? Why not?

Share your comments with the community by posting them below. Share the wealth of health with your friends and family by sharing this article with 3 people today. As always you are the best part of what we do. Keep sharing!

If these articles have been helpful to you and yours, give a donation to Shidonna Raven Garden and Cook Ezine today.

Posted on Leave a comment

‘Netflix for solar’: Virginia finalizing rules for solar subscription program

Solar Shidonna Raven Garden and Cook
WRITTEN BY Elizabeth McGowan
December 17, 2020
Source: Energy News

State regulators are expected to release final rules soon for a new shared solar program expected to launch in 2023.

During a summer 2019 visit to his vacation house in New York’s Adirondack Mountains, Scott Surovell clicked on an ad for community solar. He signed up in five minutes. Soon after, he learned that tapping into an off-property array would about cover his entire electric bill.

“We need this in Virginia yesterday,” the Democratic state senator who represents a district near Washington, D.C. noted in a social media post that autumn. Then, he set about deploying his legislative chops to create a bill heavy on accessibility and equity.

Fast forward to today. Virginia utility regulators are on the verge of releasing their final version of a shared solar program outlined in a bill Surovell shepherded through the General Assembly earlier this year. 

The State Corporation Commission published its proposed regulations on Sept. 21. The deadline for the release of the final rules is Jan. 1.

In a nutshell, Senate Bill 629 calls for establishing a program allowing customers in Dominion Energy territory to buy solar power via subscription from a shared power facility owned by a third-party entity. It’s identical to HB 1634.

Initially, the program will be capped at 150 megawatts. Both solar and environmental justice advocates are lauding a measure requiring that at least 30% of the enrolled customers qualify as low-income. If that subscriber bar is met, the program could add 50 more megawatts.

No single project can be larger than 5 MW. That is likely a model for a series of small-scale distributed generation projects starting at roughly 1 MW and rolled out in increments.

Rachel Smucker said the new regulation — set to debut in 2023 — opens an opportunity for Virginia to lead on delivering solar to low-income communities.

She is the Virginia policy and development manager for the solar trade association that also serves Maryland, Delaware and the District of Columbia. Her group recently changed its name to the Chesapeake Solar & Storage Association.

“I think there’s a lot of interest from the industry to dig into this program,” Smucker said. “They have even said the 150-megawatt cap is too small. Solar developers are interested in taking the shackles off of the program on the capacity side. The onus is on all of us to make sure we get this set up right.”

Surovell, in his second Senate term serving Fairfax, Prince William and Stafford counties, discussed SB 629 as a panelist at Solar Focus, the association’s virtual conference in mid-November.

The idea of growing solar gardens in his home state had intrigued him since 2010 when, as a newly elected House delegate, he learned about such endeavors in Colorado. In a July letter to the State Corporation Commission, he said his legislation would enable people and businesses to purchase solar power and net the energy against their home meters.

Access to non-rooftop solar, he wrote, was especially crucial to people in neighborhoods with heavy tree cover, those subject to homeowner association restrictions and residents in apartments or condominiums.

In that same letter, he emphasized ensuring that shared solar didn’t solely benefit the wealthy.

“Creating a program that is easy for low and moderate income consumers to participate [in] will be essential to the success of this initial phase,” he wrote. “The legislation was intended to provide equal and equitable access to renewable energy and critical cost savings to Virginia consumers who have faced barriers to accessing the green economy.”

Del. Lashrecse Aird, D-Petersburg, sat on the same Solar Focus digital panel with Surovell. Last year, she spearheaded separate legislation (HB2741) designed to expand solar access to those with fewer resources. It called for the creation of a Clean Energy Advisory Board, tasked with setting up a solar financing platform for households with low to moderate incomes.

“Ultimately, this is about people,” Aird said about the crux of Surovell’s legislation. “What’s critical to me is pushing regulators to get this right.”

Advocates: ‘Like Netflix for solar’

Democratic Gov. Ralph Northam revised SB 629 to define low-income customers as households whose income is no more than 80% of the median income in that particular locality. Some advocates have suggested that figure be adjusted to take into account Virginia’s broad economic differences as well as differences in housing types.

Setting income limits matters, Smucker said, but it’s equally crucial that regulators figure out how to connect poorer households to solar gardens. That requires linking with existing affordable housing programs and having continued conversations with community leaders via a stakeholder working group.

“This should be like Netflix for solar,” she said about ease of enrollment. “We want to maximize its reach to communities that could really benefit.”

Ideally, she explained, that means that households would have multiple pathways to verify their income, would be able to register online and wouldn’t be penalized for unsubscribing.

Advocates also want the State Corporation Commission to revisit two other parts of the regulation commissioners rolled out in draft form. One is the annual reset of the minimum charge solar customers would be required to pay and the other is how customers will be credited on their monthly bills for the solar energy they use. 

During the legislative session, some lawmakers threatened to withdraw support from Surovell’s measure unless he included a minimum bill charge to cover the cost of serving customers and administering the program.

“The minimum bill was a sore point,” Surovell told Solar Focus attendees about claims that solar customers are unfairly exempt from basic utility infrastructure and upkeep costs.

“They claim there’s a cost shift that happens and non-solar customers bear more of that burden than solar customers,” Smucker said. “But we haven’t seen any data for that claim, so we don’t subscribe to that notion.”

However, because the requirement is built into the legislation, she said a charge of $8 to $10 would be reasonable.

“The [State Corporation Commission] makes the final ruling,” she said. “But if it’s $40, that’s restrictive and you won’t find subscribers. Investor interest won’t be there if it’s astronomically high and that will quickly erode the potential of the program.”

The state Department of Mines, Minerals and Energy didn’t counter that argument. It classified as “inappropriate” any infrastructure fee because “there will be no change in the infrastructure required to service the customer’s location.”

The department “recommends that the operational reality of the shared solar program is reflected in the regulations to prevent inappropriate costs from being included in the minimum bill,” the agency wrote in Nov. 2 testimony submitted to the commission. “The lack of detail on the content of the minimum bill combined with the intention to hold an annual proceeding wherein the amount of the minimum bill could be altered could create uncertainty for developers and consumers.”

In addition, the department joined solar advocates in prodding utility regulators to remove restrictions on bill credits for shared solar customers.

Appalachian Voices and the Southern Environmental Law Center called for customers to be permitted to roll over their bill credit, month to month, as long as the bill credits don’t exceed a customer’s average annual bill.

All backers of the shared solar program are hopeful that preliminary groundwork can begin next year so the program is ready to launch by 2023.

“Interconnection can take up to a year in Virginia and permitting can also take a long time,” Smucker said. “That’s why we’ve been pushing for projects to be allowed to attract customers to the program in 2021.” 

Other community solar program fizzled out earlier 

Industry veteran Myles Burnsed of Charlottesville said in an interview that his company, EDF Renewables Distributed Solutions, is interested in the prospect of developing, owning and operating the third-party projects envisioned in Surovell’s law. EDF would likely connect with a separate company to manage and subscribe customers. 

Burnsed, vice president of strategic development, said he’s watched similar solar programs launch in other states with varied levels of success. Like others in the industry, he noted that it can take years to smooth the kinks and unexpected challenges that arise.  

“It will be challenging, but it will attract people,” he said, adding that eventually quadrupling the size of the Virginia program to 600 MW would generate “a lot more interest and competition.”

EDF, an international company with a three-decade presence in North America, is already partnering with a Virginia rural electric cooperative to develop a 3.1 MW community solar project in Shenandoah County. That’s enough energy to power 570 homes annually.

Plans call for breaking ground for the array on 32 acres of farmland early next year and signing up customers by year’s end.

“We’re still super early on in the process,” said Morgan Messer, spokesperson for Shenandoah Valley Electric Cooperative, a distributor for Old Dominion Electric Cooperative. “This is still a pilot, so what the subscription process looks like we don’t know yet. We haven’t yet outlined any of the qualifications.”

Other co-ops in the state also have succeeded with community solar projects — unlike Virginia’s investor-owned utilities. A program the legislature rolled out several years ago geared for customers at Dominion and Appalachian Power never gained a foothold. It required utilities, not third parties, to own the solar projects.

“On that first go-round, there weren’t any projects,” Burnsed said. “It seems to have fizzled out.”

Senior attorney Will Cleveland, who specializes in utility issues for the Southern Environmental Law Center, wants to avoid a repeat of that debacle. 

“Presumably, [shared solar] will work better than the thing that never happened at all,” Cleveland said. “Before, neither utility ever rolled out a program. By that measure, it was a complete failure.”

<a href="https://energynews.us/author/emcgowan/">ELIZABETH MCGOWAN</a>
ELIZABETH MCGOWAN

Elizabeth is a longtime energy and environment reporter who has worked for InsideClimate News, Energy Intelligence and Crain Communications. Her groundbreaking dispatches for InsideClimate News from Kalamazoo, Michigan, “The Dilbit Disaster: Inside the Biggest Oil Spill You Never Heard Of” won a Pulitzer Prize for National Reporting in 2013. Elizabeth covers the state of Virginia. Her book, “Outpedaling ‘The Big C’: My Healing Cycle Across America” will be published by Bancroft Press in September 2020.

Posted on Leave a comment

Climate crisis: 2020 was joint hottest year ever recorded

Global heating continued unabated despite Covid lockdowns, with record Arctic wildfires and Atlantic tropical storms

Damian Carrington Environment editor @dpcarrington
Source: The Guardian
Fri 8 Jan 2021 02.00 ESTLast modified on Sun 10 Jan 2021 04.42 EST

Map showing land surface temperature anomalies from 19 March to 20 June 2020
 The Arctic and northern Siberia saw particularly extreme average temperatures in 2020, with a large region 3C higher than the long-term average. Photograph: Nasa/EPA
Shidonna Raven Garden and Cook

The climate crisis continued unabated in 2020, with the joint highest global temperatures on record, alarming heat and record wildfires in the Arctic, and a record 29 tropical storms in the Atlantic.

Despite a 7% fall in fossil fuel burning due to coronavirus lockdowns, heat-trapping carbon dioxide continued to build up in the atmosphere, also setting a new record. The average surface temperature across the planet in 2020 was 1.25C higher than in the pre-industrial period of 1850-1900, dangerously close to the 1.5C target set by the world’s nations to avoid the worst impacts.

Only 2016 matched the heat in 2020, but that year saw a natural El Niño climate event which boosts temperatures. Without that it is likely 2020 would have been the outright hottest year. Scientists have warned that without urgent action the future for many millions of people “looks black”.

The temperature data released by the European Union’s Copernicus Climate Change Service (C3S) showed that the past six years have been the hottest six on record. They also showed that Europe saw its hottest year on record, 1.6C above the long-term average, with a searing heatwave hitting western Europe in late July and early August.

The Arctic and northern Siberia saw particularly extreme average temperatures in 2020, with a large region 3C higher than the long-term average and some locations more than 6C higher. This resulted in extensive wildfires, with a record 244m tonnes of CO2 released within the Arctic Circle. Arctic sea ice was also significantly lower, with July and October seeing the smallest extent on record for those months.

“[The year] 2020 stands out for its exceptional warmth in the Arctic,” said Carlo Buontempo, director of C3S. “It is no surprise that the last decade was the warmest on record, and is yet another reminder of the urgency of ambitious emissions reductions to prevent adverse climate impacts.”

“The extraordinary climate events of 2020 show us we have no time to lose,” said Matthias Petschke, at the European commission. “It will be difficult, but the cost of inaction is too great.”

Satellite view of tropical storms in the Atlantic
 A record 29 tropical storms formed in the Atlantic Ocean in 2020. Photograph: AP
Shidonna Raven Garden and Cook

“Despite the absence of the cyclical boost of El Niño to global temperatures [we are] getting dangerously close to the 1.5C limit,” said Prof Dave Reay, at the University of Edinburgh. “Covid lockdowns around the world may have caused a slight dip in emissions, but the CO2 accumulating in the atmosphere is still going up fast. Unless the global economic recovery from the nightmares of 2020 is a green one, the future of many millions of people around the world looks black indeed.”

The level of CO2 in the atmosphere reached a new record in 2020, with the cut in emissions due to Covid lockdowns described as a “tiny blip” by the UN’s World Meteorological Organisation. Vincent-Henri Peuch, director of the Copernicus Atmosphere Monitoring Service, said: “Until the net global emissions reduce to zero, CO2 will continue to accumulate in the atmosphere and drive further climate change.”

The UK Met Office issued a forecast on Friday that CO2 levels will pass a new milestone in 2021 – being 50% higher than before the Industrial Revolution. Its scientists said CO2 will exceed 417 parts per million (ppm) for several weeks from April to June, which is 50% higher than the 278 ppm in the late 18th century when industrial activity began.

This is despite the expectation that weather conditions brought by the counterpart of El Niño, La Niña, will see higher natural growth in tropical forests that will soak up some of humanity’s emissions.

“The human-caused buildup of CO2 in the atmosphere is accelerating,” said Prof Richard Betts at the Met Office. “It took over 200 years for levels to increase by 25%, but now just over 30 years later we are approaching a 50% increase. Global emissions will need to be brought down to net zero within about the next 30 years if global warming is to be limited to 1.5C.”

Do you recycle? Do you bike? How can you help the environment where you are and in the Hampton Road, Virginia area – – click above?

Share your comments with the community by posting them below. Share the wealth of health with your friends and family by sharing this article with 3 people today. As always you are the best part of what we do. Keep sharing!

If these articles have been helpful to you and yours, give a donation to Shidonna Raven Garden and Cook Ezine today.

Posted on Leave a comment

Hospitals are leaving millions of sensitive medical images exposed online

Source: ZD Net

Cybersecurity researchers discover millions of medical files and associated personal data left discoverable on the open web due to being stored insecurely.

Danny Palmer
Source: ZD Net
Shidonna Raven Garden and Cook

By Danny Palmer | December 15, 2020 — 13:09 GMT (05:09 PST) | Topic: Security

Hacking healthcare: Why connected medical devices and hospitals are such a tempting target for cyber criminals WATCH NOW

More than 45 million medical images – including X-rays, MRI and CT scans, as well as accompanying data that could identify the people in those images – are exposed online on unsecured servers and storage devices.

The exposed medical data leaking from hospitals and medical centres around the world has been discovered by cybersecurity company CybelAngel over the course of a six-month long investigation into medical device security, which also found that outsiders could easily access sensitive medical data.

MORE ON PRIVACY

Cyber criminals who gain access to sensitive medical information could exploit it by selling it on the dark web, blackmailing identifiable individuals, or even potentially using the exposed servers as means of delivering ransomware to hospital networks.

Many medical devices are vulnerable to cyberattacks or exposing data because the technology is often outdated, and healthcare IT and security budgets are stretched.

The researchers were able to uncover more than 45 million unique cases of Digital Imaging and Communications in Medicine (DICOM) files being accessible without the need for hacking tools or even a password, but simply left visible to the open web

“The 45 million files are on unprotected servers. What we found was all this data was exposed for anyone,” David Sygula, senior cybersecurity analyst at CybelAngel, told ZDNet.

Experience the Freedom of Backup as a Service

Simplify your data protection, ensure recovery, and defend against ransomware with a modern, hyperscale solution. Cohesity DataProtect, delivered as a service, gives you the freedom to focus on managing your data, not your infrastructure. Set up in min…Downloads provided by Cohesity

In some cases identified by researchers, insecure network attached storage (NAS) was the reason for sensitive files potentially being able to be accessed. The use of FTP or SMB protocols and unpatched security flaws could provide outsiders with access to the machines and the data stored within.

Other cases involved servers and storage being attached to other network devices in order to meet a functional need, such as printing files, but the way they’d been set up meant they’ve become backdoors into networks.

“Let’s say you have a NAS and you need to share a printer, it creates guest access to the printer and all your security falls apart because when the printer accesses your NAS, it leaves the door open,” Sygula explained.

CybelAngel identified malicious scripts, including cryptocurrency miners, on a number of the servers examined, suggesting that the researchers weren’t the first to identify and access the unsecured devices.

Snooping on sensitive medical information like X-Rays and scans is intrusive enough, but it’s also possible that malicious hackers who gain access to this are also able to identify patients via metadata stored in images, which could even include the physician’s name, the medical centre, the body part photographed, and the patient’s name, or date of birth. All of this information could potentially be exploited for fraud and other malicious purposes.

“If these documents were also accessed by cyber criminals, they could have been sold on the dark web,” Sygula explained.

Researchers identified servers around the world that are leaking data, although with hundreds of them out there, it hasn’t been possible for them to contact every health institution to let them know – which is why all of the statistics around this research have been released anonymously. But all healthcare providers should regard this as a warning to check the security of their networks and storage.

“This is a concerning discovery and proves that more stringent security processes must be put in place to protect how sensitive medical data is shared and stored by healthcare professionals. A balance between security and accessibility is imperative to prevent leaks from becoming a major data breach,” said Sygula.

In order to avoid data being exposed, it’s recommended that networks are properly segmented so critical diagnostic equipment such as X-Ray machines and supporting systems aren’t connected to the wider business or public-facing networks, so they can’t be accessed directly from outside.

In recent history we have seen many breaches of our data in ways we did not expect. Whether voluntary or not, the Facebook and Cambridge Analytica Scandal is one of the most recent of such scandals. Is it okay that this industry remains unregulated with regard to the easy access of you and your families data? What would you like to see happen? Why? Why not? Should you know how your data is shared in clear non legal terminology?

Share your comments with the community by posting them below. Share the wealth of health with your friends and family by sharing this article with 3 people today. As always you are the best part of what we do. Keep sharing!

If these articles have been helpful to you and yours, give a donation to Shidonna Raven Garden and Cook Ezine today.

Posted on Leave a comment

WikiLeaks Founder Julian Assange Denied Bail By London Court

Robert Hart
Forbes Staff
Source: Forbes Business

TOPLINE

Julian Assange has been refused bail by a British judge just two days after she had blocked his extradition to the United States, where he faces charges of espionage and hacking — the judge said Assange “still has an incentive to abscond from these, as yet unresolved, proceedings” and that there is reason to believe he may not surrender to court to face further proceedings if summoned. 

BRITAIN-US-ECUADOR-AUSTRALIA-DIPLOMACY-COURT-ASSANGE
WikiLeaks founder Julian Assange was denied bail in London Wednesday. AFP VIA GETTY IMAGES
Shidonna Raven Garden and Cook

KEY FACTS

Judge Vanessa Baraitser, who blocked Assange’s extradition to the U.S. Monday on account of his mental health and likelihood of attempting suicide if held in an American prison, told London’s Westminster Magistrates Court that the U.S. had a right to challenge her decision. 

“If Mr Assange absconds during this process then they will have lost the opportunity to do so,” Baraitser said, pointing to his history of “attempts to evade extradition to the United States” in the past, which has included a seven-year stint in Ecuador’s London embassy, where he sought asylum.

Clair Dobbin, a lawyer representing the U.S., said the court “should be under no doubt about his resources to abscond,” pointing to an offer of political asylum from Mexico following the extradition hearing Monday and Assange’s previous failure to comply with bail conditions. 

“This court should be under no illusion either as to the readiness of other states to offer Mr Assange protection,” Dobbin said, adding that the extradition request had been denied solely on the grounds of his mental health.  

Assange’s lawyer and partner both called on the court to release Assange, who has been held in the high-security Belmarsh prison for over a year awaiting the extradition hearing. 

KEY BACKGROUND

Assange is wanted in the U.S. for his role in releasing a huge trove of confidential and sensitive information in 2010, one of the largest leaks in U.S. history, including hundreds of thousands of secret military documents relating to Afghanistan and Iraq and many diplomatic cables. He faces 18 charges of espionage and hacking, including allegations he worked with whistleblower Chelsea Manning. Assange and his lawyers argue that the U.S.’ action against is politically motivated as WikiLeaks published U.S. government documents revealing evidence of war crimes and human rights abuses. The public speech figurehead has been trapped in the U.K. for nearly ten years. In 2011, a court ordered his extradition to Sweden to face allegations of rape, a ruling upheld by the U.K.’s Supreme Court in 2012. However, authorities were unable to extradite Assange as he had taken refuge in Ecuador’s London embassy. Eventually, relations between Assange and Ecuador’s leadership soured, and he was evicted from the embassy in 2019 by British authorities who took him into custody. There he awaited Monday’s extradition hearing, where Baraitser blocked the American request. Though she said Assange’s conduct went beyond that of a journalist, she could not sanction his extradition on health grounds. Baraitser expressed concern about the toll imprisonment in the U.S. would take on Assange’s mental health, believing he would be at risk of suicide if held in a U.S. prison. 

CRUCIAL QUOTE

“As far as Mr Assange is concerned this case has not yet been won … the outcome of this appeal is not yet known,” Baraitser said.

WHAT TO WATCH FOR

The U.S. is appealing the extradition block, with Dobbin stressing that it had been denied  only on grounds of mental health. “It is a decision that hangs on a single thread,” she said. WikiLeaks has said it intends to appeal the bail refusal.

BIG NUMBER

175. If convicted, this is how many years Assange potentially faces in jail in the U.S..

I am a London-based reporter for Forbes covering breaking news. Previously, I have worked as a reporter for a specialist legal publication covering big data and as a freelance journalist and policy analyst covering science, tech and health. I have a master’s degree in Biological Natural Sciences and a master’s degree in the History and Philosophy of Science from the University of Cambridge. Follow me on Twitter @theroberthart or email me at rhart@forbes.com 

Data leaks can have a profound effect on a country and consequently the world. Or a data leak can have a profound impact on you though the leaking of health care records or your data posted on social media platforms such as Facebook, who recently opened a neurological center focused on studying marketing. Many have called for the regulation of the industries involved in such links as well as the breaking up of large technology companies such as Facebook and Google? What would you like to see happen? Why? Why not? Should these industries be regulated? Why? Why not?

Share your comments with the community by posting them below. Share the wealth of health with your friends and family by sharing this article with 3 people today. As always you are the best part of what we do. Keep sharing!

If these articles have been helpful to you and yours, give a donation to Shidonna Raven Garden and Cook Ezine today.

Posted on Leave a comment

Doctor accused of sexual abuse receives prison sentence for fraud

Shidonna Raven Garden and Cook

Source: Tremont, Sheldon, Robinson, Mahoney

A doctor, who was accused of alleged sexual abuse by multiple women, was recently sentenced to prison for fraud.

Recently, a doctor accused of abusing many of his patients received a nine-year prison sentence for fraud and the requirement to pay $2.7 million in restitution. Although the doctor was charged with fraud at the most recent sentencing, the trial for charges brought against the doctor for criminal sexual assault are still pending.

An investigation revealed that as early as 2009, the police received reports for the doctor’s alleged sexual misconduct from 20 women. However, charges were not brought against the doctor until 2015. Many more women came forward and reported alleged abuse after learning the doctor was being charged for Medicare fraud in federal court starting in 2014. Although federal authorities were allowed to bring up sexual abuse claims in the doctor’s fraud trial, he will be tried separately for these charges.

Why doctors continue to exploit patients

Although this doctor’s case may seem significant, it is not abnormal for doctors to sexually abuse their patients and cause them undue harm. Many doctors continue to do so because some victims are intimidated, embarrassed or confused by what occurred so they say nothing. Some patients also believe that their word may not mean as much compared to a doctor’s.

In other cases, accusations of sexual abuse are brushed off by healthcare organizations or hospitals. Rather than notifying the police or licensing agencies, the accused doctor is quietly removed from his or her position.

The scope of the problem

As of present, not enough accurate data exists to determine just how widespread patient sexual abuse is. However, a year ago, the Atlanta Journal-Constitution launched an investigation in Georgia and discovered that two-thirds of doctors in the state were allowed to continue practicing after being disciplined for sexual misconduct.

After launching an additional investigation that involved uncovering documentation and tracking certain cases thoroughly, the AJC discovered that physician sexual misconduct is tolerated to some degree in every state in the U.S. During this investigation, over 100,000 disciplinary documents were analyzed to find cases where sexual misconduct by a physician could have occurred. In these cases, offenses ranged from bargaining drugs for sex to lewd comments spoken during exams.

Reach out to an attorney

Would you recognize sexual abuse if you saw it? What would it look like? What should you do?

Share your comments with the community by posting them below. Share the wealth of health with your friends and family by sharing this article with 3 people today. As always you are the best part of what we do. Keep sharing!

If these articles have been helpful to you and yours, give a donation to Shidonna Raven Garden and Cook Ezine today.

Posted on Leave a comment

NY doctor charged in serial sexual assaults on patients

A former New York gynecologist accused of sexually abusing dozens of patients, including the wife of former presidential candidate Andrew Yang, now faces federal charges

By LARRY NEUMEISTER and JIM MUSTIAN
Source: Associated Press / ABC News
September 9, 2020, 8:04 PM

NOTIFIED: Jan. 8, 2021
Source: Associated Press / ABC News
Shidonna Raven Garden and Cook

NOTIFIED: Jan. 8, 2021

NEW YORK — A former New York gynecologist accused of sexually abusing dozens of patients, including the wife of former Democratic presidential candidate Andrew Yang, was charged Wednesday with attacking girls and women for nearly two decades using the cover of medical examinations.

Prosecutors described the doctor, Robert A. Hadden, 62, as a “predator in a white coat,” accusing him of singling out young and unsuspecting victims, including a young girl he’d delivered at birth.

The federal charges will be the second time Hadden is prosecuted over alleged abuse of patients. He surrendered his medical license in a 2016 plea deal with Manhattan District Attorney Cyrus R. Vance Jr. that didn’t require him to serve any jail time.

Outrage over that light punishment built as the #MeToo movement gained momentum and more women told their stories publicly, including Evelyn Yang, who earlier this year told CNN that Hadden assaulted her in 2012, including when she was seven months pregnant.

Hadden was arrested at his home in Englewood, New Jersey, a community 10 miles outside Manhattan.

He pleaded not guilty at a court hearing Wednesday evening to six counts of inducing others to travel to engage in illegal sex acts and was ordered released on $1 million bail over the objections of a prosecutor who said he should be held as a threat to flee.

Isabelle Kirshner, Hadden’s attorney, declined comment.

One of the women who says she was abused by Hadden spoke at the hearing, and unsuccessfully urged the judge to hold him pending trial.

“I don’t think he deserves any opportunity to prevent justice in whatever means he could potentially do that,” Jessica Chambers said. “He has injured many, many, many women and he has to be held accountable for that.”

The Associated Press generally withholds the names of sexual abuse victims from stories unless they have decided to tell their stories publicly, which Chambers and Evelyn Yang have done.

Wednesday’s charges represented the second recent instance when federal prosecutors in Manhattan sought to revive a concluded sex abuse prosecution criticized as lenient. Financier Jeffrey Epstein faced federal sex trafficking charges last year after a Florida state prosecution and accompanying federal non-prosecution agreement was criticized as lax. He then killed himself in a federal jail.

Audrey Strauss, the acting U.S. attorney in Manhattan, said Hadden, had “inappropriately touched, squeezed and even licked his victims” and subjected a young girl he’d delivered as a baby “to the same sort of sexual abuse he inflicted on his adult victims.”

“He used the cover of conducting medical examinations to engage in sexual abuse that he passed off as normal and medically necessary,” Strauss said. “His conduct was neither normal nor medically necessary.”

The indictment said Hadden sexually abused dozens of patients, including multiple minors, at his medical offices and Manhattan hospitals from 1993 through at least 2012 while he worked as a medical doctor at Columbia University and at New York Presbyterian Hospital.

The indictment detailed what it described as the abuse of one minor female and five adult women who traveled from out of state to see Hadden. It said Hadden invited his victims to meet with him alone in his office, where he frequently raised “inappropriate and irrelevant sexual topics” and asked women questions about their own sexual activities.

Strauss and William F. Sweeney Jr., the head of New York’s FBI office, urged victims who had not reported their abuse to call the FBI.

Sweeney called the alleged crimes “just outrageous” and said Hadden manipulated dozens of women including several minors who had “no understanding of what to expect, what was normal and what was not.”

After Hadden’s arrest, Andrew Yang tweeted: “So proud of @EvelynYang – this guy belongs behind bars. Thank you to everyone who supported her.”

Previously, Evelyn Yang had called Hadden’s earlier punishment under the state plea deal, under which he admitted to forcible touching and one count of a criminal sex act, a “slap on the wrist.”

Hadden faces a civil lawsuit brought by more than two dozen accusers who say he groped and molested them.

Danny Frost, a spokesman for Vance, said state prosecutors provided “substantial assistance” leading to federal indictment. The Manhattan District Attorney’s Office is still conducting its own “intensely active” investigation into “potential failures by Dr. Hadden’s employer and hospital to disclose additional incidents of abuse to our office and to regulators when required.”

Marissa Hoechstetter, another Hadden accuser, has said Vance’s office misled her about the statute of limitations in Hadden’s case and was already negotiating the plea deal when she was still talking to prosecutors about testifying at a potential trial.

The federal indictment Wednesday “only puts into high relief the betrayal I and his other victims experienced by the Manhattan DA,” she said.

“I hope that through the course of this, the world will finally see the full extent of Hadden’s decades of sexual abuse and the institutional cowardice that protected and enabled him for so long,” Hoechstetter said in a statement to The Associated Press. “He and his enablers must be held accountable if we are to make change in a system that harms those it is meant to protect.”

Vance has defended his office’s handling of the case, saying his “career prosecutors do not shrink from the challenge of prosecuting powerful men.”

“Because a conviction is never a guaranteed outcome in a criminal trial, our primary concern was holding him accountable and making sure he could never do this again – which is why we insisted on a felony conviction and permanent surrender of his medical license,” Vance said in a statement.

———

Associated Press Writer Tom Hays contributed to this story.

Would you recognize health care fraud if you see it? How can health care fraud lead to sexual assault? What would you like to see happen to the people who use the mask of health care to commit sexual assault? How can new technologies in neuroscience involve those who sexual assault? How can they use these new technologies to assault? Do these doctors get informed consent? Are you apart of a neurological experiment and don’t even know it? What roles do social media platforms like Facebook play in these new technologies. Many have reported being apart of medical experiments without being made aware: the Tuskegee men for example. Facebook has opened a neuroscience center focused on marketing.

Share your comments with the community by posting them below. Share the wealth of health with your friends and family by sharing this article with 3 people today. As always you are the best part of what we do. Keep sharing!

If these articles have been helpful to you and yours, give a donation to Shidonna Raven Garden and Cook Ezine today.

Posted on Leave a comment

Why Elon Musk’s pigs are a legal headache

Elon Musk (credit: Duncan.Hull via Wikimedia Commons) and Gertrude
Source: Legal Cheek
Shidonna Raven Garden and Cook
William Holmes, Legal Cheeck
Shidonna Raven Garden and Cook

By William Holmes
on Dec 16 2020 9:18am
Source: Legal Cheek

Bristol University student and future trainee William Holmes explores the challenges ahead for brain-computer interface (BCI) systems

Elon Musk’s pig, Gertrude, looks like any other pig. But the coin-sized chip Musk’s company Neuralink have placed in Gertrude’s brain makes her a key part of a ground-breaking experiment to discover if technology can enable us to do things with thoughts.

The chip is a brain-computer interface (BCI) which picks up neural activity. Musk hopes to decode this neural activity so that it can be understood as instructions for a computer, allowing BCI users to control a computer with their minds. In other words, BCIs can transform a thought into an act.

For many who have lost certain bodily functions, BCI technology is a scientific miracle. The technology has the potential to treat neurological conditions like dementia or Parkinson’s, restore paralysed individual’s ability to control their bodies and even allow the blind to see again. But for prosecutors, judges and policy makers, BCIs are a troubling legal headache.

Proving criminal responsibility for most crimes requires the prosecution to prove both a defendant’s criminal act (actus reus) and intention (mens rea). So, how would this work for a defendant who used a BCI to commit a crime? An act is defined in most legal systems as “a bodily movement” (the quote here is from the US Model Penal Code). But a crime committed using a BCI involves no bodily movement. Nevertheless, if we take a neuroscientific approach, this is not an insurmountable obstacle for a prosecutor.

The chain of causation for a BCI user is as follows. First, the BCI user imagines an act that they want the computer to perform (I shall refer to this as a “mental act”). Second, neural activity is triggered by the mental act that is input for the BCI. Finally, the BCI interprets this neural activity and performs the act. Just as a finger pulls the trigger on a gun, neural activity triggers the BCI. Therefore, the neurons that fire and produce measurable neural activity could plausibly be considered the actus reus in cases involving the use of BCI technology. So, it appears that a legal loophole in prosecuting disembodied acts can be avoided. But at a price.

By finding actus reus in the activity of a defendant’s neurons, we have been forced to expand the law into the mental sphere. This is a sphere which, in keeping with the Roman law maxim that “nobody shall be punished for thoughts” (cogitationis poenam nemo patitur), is not regulated by the law. In the UK, this doctrine is a right enshrined in article 9 of the Human Rights Act 1998. Given the repercussions for our freedom of thought, is it acceptable to regulate BCIs? If not, can legal systems that only regulate outward behaviour properly maintain the rule of law in BCI cases?

The middle ground between a BCI Wild West and criminalising thoughts is granting BCI users the ability to waive their right to freedom of thought. For those that this technology offers the most, for example tetraplegics, this may well be a right they are happy to waive. Should an individual be allowed to take such a decision? Legislators would have to step in to clarify who can use BCIs and judges would have to recognise implied consent from BCI users to waive this right to freedom of thought.

When deciding this, we must not ignore how significant this expansion of government regulation would be. For the first time, certain thoughts or mental acts would be outlawed. As a result, law-abiding BCI users will be forced to think before they think, regulating themselves in an unprecedented way. This is the immediate ‘legal headache’: BCIs force us to consider the merits of breaking a human right that is fundamental to democratic society and individual liberty in order to avoid criminal loopholes.

There is, however, a second long-term ‘legal headache’. Using the brain’s neurons to establish responsibility forces us to reconsider how we determine responsibility more broadly. How we attribute responsibility is (and has always been) a social decision. In some societies in the past, if an act was compelled or inspired by a divine force, then the law did not deem the individual responsible. In societies where an artist considered the muses responsible for their work, an acceptable waiver of responsibility was the excuse that “God made me do it”.

Today, we consider acting people to be responsible. But this could change in the future, especially if BCIs help to promote neuroscience to the forefront of the legal system. A recent example that highlights the influence of neuroscience on policy is Holland’s adolescent criminal law that came into force in 2014. This law allows those aged between 16 and 22 to be tried as an adult or as a juvenile at the court’s discretion. The underlying rationale is based on neuroscience: Holland’s new system hopes to take into consideration the mental development of defendants when sentencing them. This represents a social shift that sees the brain as the responsible agent.

This shift, which was famously critiqued as “brain overclaim syndrome” by Stephen J. Morse, could have some troubling consequences. The data recorded by BCIs (especially from the amygdala which regulates emotion) offers temptingly persuasive evidence for a defendant’s mens rea and mental state. The question for judges is whether this data is admissible evidence.

A neurocentric legal culture would encourage a judge to admit such evidence. If admissible, a high level of cross-examination is vital to ensure that there is clarity around neuroscience’s technical and interpretive limits. For example, there is evidence that factors like parenting and socio-economic status change the way the amygdala and prefrontal cortex function. The fact that neuroscientific technology is overwhelmingly tested on students from Western Educated Industrialised Rich and Democratic (WEIRD) population means that there is a possible bias in interpreting neuroscientific information. Unquestioned, these limitations allow lawyers to cast uncertain aspersions based on competing expert testimony which could lead juries to jump to false conclusions.

Furthermore, if the brain is considered responsible for criminality, then a reform of the penal system is implicit. The chances of recidivism and the methods with which guilty prisoners are treated — be it regenerative or punitive — would no longer be based on human nature and character. Instead, neuroscience would nuance our understanding of criminality and how to treat it. And the result might not be dissimilar to the Ludovico Technique, a type of psychological treatment that Antony Burgess portrays in his dystopian novel A Clockwork Orange.

Gertrude the pig is just the start of a technology that could rewire the legal norms of responsibility and radically change the legal concept of action. In light of this, policy makers and judges must prepare the criminal justice system for advent of BCIs. There is currently no regulation that is specific to BCI technology in the UK, as the British government acknowledged in a report published in January 2020. That is because the technology is still being developed and there are no clear solutions yet. But one thing is for sure: Elon Musk’s pigs promise to be a complex legal headache for scholars, lawyers, judges and legislators for decades to come.

William Holmes is a penultimate year student at the University of Bristol studying French, Spanish and Italian. He has a training contract offer with a magic circle law firm.

BCI is cutting edge and so are the criminals who use it to commit crimes. The health care industry is not stranger to crime such as sexual assault, fraud and stalking all in the name of health and science. How do parents protect their children from criminals? How does society protect women? How do you protect intellectual rights? How do you prevent hacking? Will humanity always prevail or how can this technology be used to put technology over people in the hands of criminals?

Share your comments with the community by posting them below. Share the wealth of health with your friends and family by sharing this article with 3 people today. As always you are the best part of what we do. Keep sharing!

If these articles have been helpful to you and yours, give a donation to Shidonna Raven Garden and Cook Ezine today.

Posted on Leave a comment

Securing medical devices: Can a hacker break your heart?

Why are connected medical devices vulnerable to attack and how likely are they to get hacked? Here are five digital chinks in the armor.

Cameron Camp

Cameron Camp

Source: We Live Security

There’s virtually no realm in healthcare today that isn’t adopting more technology. From real-time wireless access to your own health parameters through smart watches and wearables to implanted devices inside your body, technology is coming. But can we secure it all?

Several years ago at Black Hat, we saw an insulin pump being hacked. And whether the lion’s share of software on that device was off the shelf, regulators say that the integrator is responsible for security up and down the stack, including the underlying operating system (OS), even if it that OS has a good security track record. In other words: Device manufacturers bear the responsibility, no matter what technology they use.

While that casts the burden of security on the manufacturer, it also steeply increases the cost and complexity of bringing a device to market. As a result, while market pressures lean on companies to produce devices quickly, the road ahead looks rocky and expensive. Also, it can unknowingly put patients on the defense.

And what about patches, who’s responsible for those? According to the FDA, the manufacturer does that too. With some medical devices expected to be around for many years, that’s a long time to pay to support gear in the field.

What makes the devices vulnerable and how likely are they to get hacked? As this week’s theme of Cybersecurity Awareness Month focuses on the security of internet-connected devices in healthcare, here are five digital chinks in the armor:

  • Bluetooth

Many medical devices integrate monitoring and interaction via Bluetooth, which has a long history of vulnerabilities. And while there may be patches, it’s hard to determine the real adoption rate and timeline in the field. Meanwhile, if your blood sugar measurement gets spoofed, you could be in real physical danger if you try to adjust blood glucose levels based on false readings.

  • Windows

Many hospitals have management computers for their medical equipment which run on older, unsupported Windows versions due to lagging updates from the manufacturer that did the integration. A manufacturer can’t simply push the latest Windows patch before extensive testing on their units to see integration issues, so patch vetting can be tricky. Would-be attackers have the advantage here, since ell-known exploits can be deployed as soon as they come to light, and long before the manufacturer can react.

  • Cloud

Many implanted devices “phone home” to medical clinicians through cloud connectivity to facilitate health status updates and trigger events where patients may need to seek attention. As we saw this year at Black Hat and DEF CON, cloud security can be less than stellar. It’s unlikely the patient would have a way to know about potential vulnerabilities, but attackers are quick to seize on known exploits, pumping them through their attack frameworks quite rapidly. In some cases, patients have opted out of external communications with their pacemakers citing hacking fears, but cloud adoption for implanted devices has strong tailwinds pushing further adoption.

  • Ethernet

Many medical devices plug into medical TCP/IP networks via Ethernet, but it would be very difficult for many clinicians and patients to notice a network tap placed inline with existing connections. By exfiltrating data across wireless links embedded in such a tap, attackers could snoop traffic and craft exploits. This way, attackers only need one-time physical access, and don’t necessarily have to return to retrieve the device if it’s deemed dangerous, due to their low cost.

  • Wireless keyboards

Keyloggers have been standard fare for logging keystrokes from wireless keyboards for some time now, posing as fake USB chargers plugged into outlets, while simultaneously snooping for signals and exfiltrating them across industrial 4G wireless cards. This allows the capture of sensitive data like typed passwords, but can also allow attackers to attempt to download and install remote backdoor exploits by bypassing warning prompts from security products.

In closing

The medical field has been on its heels – security wise – for years. And while it may be making important strides, many medical devices have been performing fine all those years, lessening the perceived need to act. It will be a challenge to “modernize the fleet” for some years to come. Even so, medical folk have started to lean into the process and get the technical chops on staff to start moving the needle. Meanwhile, it might be wise to get to know any vulnerabilities that might affect your medical devices, especially if they are critically involved in your health care, as so many are.
Cameron Camp

The medical device industry is in full swing lacking much needed regulations and testing. Should regulation be proactive or reactive? What are the consequences of reactive regulations? Could this approach lead to unnecessary death?

Share your comments with the community by posting them below. Share the wealth of health with your friends and family by sharing this article with 3 people today. As always you are the best part of what we do. Keep sharing!

If these articles have been helpful to you and yours, give a donation to Shidonna Raven Garden and Cook Ezine today.