RESOLUTION SDC 131

FORUM: SUSTAINABLE DEVELOPMENT COMMITTEE

QUESTION OF: Measures to develop digital tools in health and education

SUBMITTED BY: Cambodia

CO-SUBMITTERS:Australia, Mozambique, United States of America, Tunisia, Saudi Arabia, Nicaragua, Cambodia, Thailand, Republic of Korea, China, Kuwait, Hungary, Sri Lanka, Haiti, United Kingdom, Sudan.

STATUSPassed

Sustainable Development Committee,

Conscious of the importance of the development of digital technologies in health and education, and the informative and communicative technologies that assist in the advancement of the fields respectively,

Noting the benefits of a digitized lifestyle, such as higher efficiency and improved learning, while not ignoring the possibility of a loss of privacy and difficulties for the disadvantaged,

Taking into account that a breach of privacy could pose danger to marginalized groups causing a stigma around eHealth, thus discouraging groups from utilizing such services, and potentially limiting them from the benefits of eHealth,

Acknowledging the need to provide lower-income individuals the access to medical information and help regardless of not being able to visit a private or well-established doctor, leading to potentially saving the lives of some of the 400 million people who, according to the WHO, do not have access to essential health services,

Aware of the millions of patients’ medical records that are accessible, and in turn, their vulnerability to hackers with sinister intent to profit off of breeches in medical records, with a case of 32 million patient medical records that were breached in 2019, believed to have doubled from 2018 according to the Protenus Breach Barometer,

Further deploring the theft of medical records, and the supplementary information that is attached, including but not limited to, financial records, current address, social security numbers, etc., which pose a greater risk to patients, 

Recognizing the concern from previous security breaches resulting from false COVID related information, and have caused false data resulting in hampering a nation’s ability to proactively mitigate the spread of the virus,

Alarmed by the data breaches in education, with the Ponemon institute recording that breeches cost institutions an average of $141 per record, which as a consequence negatively affect not only students’ safety, but obstruct their learning, 

  1. Encourages all certified non-governmental organizations (NGOs) and all willing Member States to collaborate in the creation of an electronic application or website, overseen by the World Health Organization (WHO), that will provide access to reliable health care information globally, by:    
    1. releasing both academic and health papers, written to be as inclusive as possible to all literacy levels and translated to:
      1. all six of the official languages of the UN by 2022
      2. the top official languages of all 195 member nations by 2025
      3. continuing to update the application until it has been translated to all languages    
    2. protecting all of the members of this application through measures such as, but not limited to:
      1. ensuring all medical papers released have been referenced properly and intellectual property rights have been respected
      2. all personal information, such as names, addresses, and phone numbers, of patients will be confidential and not found on this application
      3. focusing on the protection of Internet Protocol (IP) rights, especially working on providing patents for individuals who upload research papers, for the purpose of providing protection for the owners of these “inventions”    
    3. providing reliable health care information globally, by:
      1. allowing the application to be truly international, by encouraging health care experts from across the globe to come together and share their learnings on a public platform
      2. supporting LEDCs who do not have all the medical research or funds, therefore, needed to treat their patients 
      3. all medical research provided to the WHO will be recognized and information will be shared from a variety of global sources, ensuring some degree of synchronicity in informational output, which assures users that they are not being provided false information, any form of governmental, political, or religious manipulation, or any other form of being misled on the application; 
  2. Calls for the Member States to work with UN agencies such as the World Health Organization (WHO) in LEDCs or private medical firms to provide greater security with digital privacy by:
    1. mandating that all platforms or systems of registration are approved by WHO guidelines, and ensure:
      1. coding overview and aid by WHO approved employees 
      2. maximum security from hackers or other parties besides patients and doctors
    2. recommending a national or regional control center for oversight of platforms and systems which will respond to failures and complaints as well as:
      1. provide aid to medical institutions when there is a system malfunction or loss of information stored 
      2. certify all employees in control centers are legally bound to a contract where any information leakage will result in immediate termination and further sentencing as decided by each jurisdiction
      3. ensure there are no third party infiltrations into the system
    3. upholding patient-doctor confidentiality and making sure both doctors and patients have access to the system
    4. implementing the same system in private and public healthcare of Member States, however, the private medical sector will regulate themselves but will face major repercussions if systems are exploited
    5. working with the WHO in less developed countries to create plans of funding and assistance for the governments to be conditional upon:
      1. Member States full transparency on the allocation of funds
      2. implementing WHO-approved policies and agreements;
  3. Requests Member States to collaborate with each other and the UN to devise a standard for adequate and comprehensive privacy-monitoring that is universally applicable via:
    1. formulating extensive criteria which can be measured against for qualification at privacy-monitoring 
    2. creating training programs for the practical measures of privacy-monitoring on eHealth and education tools to be more comprehensive and extensive within each nation-state
    3. establishing privacy monitoring as paid-professions and hence initiating industries within the quaternary sectors of the nation-state;
  4. Recommends the governments of Member States to dedicate a portion of their funds to the digital development of rural areas and for the UNDP to aid with funding LEDCs in reducing the digital divide and make digital services accessible for the population in addition to:
    1. educative campaigns to build trust and inform citizens about the benefits of digital health that would mention the importance of health literacy and ways into how to improve it; these campaigns would be done through the following mediums in order to achieve the deepest impact through:
      1. educational institutions, such as secondary school and colleges or universities
      2. social media platforms
      3. advertisement campaigns on the most popular channels in each Member State, which have the highest engagement indexes
      4. public service announcements that could be distributed via billboards or magazines
    2. provide workshops that would address concerns, help reduce stigmatization of digitalization, educate them on the use of technology, and provide ways to prevent their privacy from being breached
    3. improving electrical infrastructure in the Member States vital to facilitate digital tool usage by:
      1. working on increasing the number of cell towers and widening the map of data reception 
      2. facilitating relations with UN organizations such as the United Nations Development Programs (UNDP) to work out ways of distributing working electricity that could be provided to schools;
  5. Further recommends cooperation between the UN founded organization, the International Telecommunication Union (ITU), and all willing member states through a multilateral treaty that aims to eliminate the risk exhibited towards protection and privacy of data that is gathered during the COVID-19 pandemic by the government in order to determine the diseased, which will:
    1. guarantee the privacy of said collected data through proper national regulations,
    2. reduce the risk of data leakage to any third parties, including the government, through profound data encryption; only medical professionals should have access to collected statistics and data for the sole purpose of medical research and investigation;
  6. Strongly recommends individual member states, to implement laws regarding the protection of digital data records by implementing (stringently) measures such as, but not limited to:
    1. use of AES 256 Encryption as the standard protocol encryption at every public health level (major hospitals) to secure client’s data from end to end and provide user-friendly Fraud-Detection software to prevent malicious hacking attempts
    2. enabling at-least two-step verification (finger-printing, bio-retinal scans) while entering data at hospitals to enhance the security aspects and strengthen the protection of such digital data records, to actively prevent on ground hacking attempts,
    3. creating procedures in hospitals that educates their patients about the stringent data privacy measures in use at the hospital done through the hospital website, information pamphlets, and informing in-person while or before entering this information;
  7. Calls for states to update or establish national legal framework to protect the data of students, most of whom are children, and any and all staffers working in online education with the aid of organizations such as the United Nations International Children’s Emergency Fund (UNICEF) and United Nations Office of Information and Communications Technology by:
    1. Using the research results established by the Global Kids Online campaign as a reference for areas of improvement
    2. Expanding the scope and use of the guiding document submitted by the United Nations Development Group called the Data Privacy, Ethics and Protection Guidance Note on Big data for achievement of the 2030 agenda
    3. Reaching out to local and international child protection and data privacy experts
    4. Considering enacting measures to protect the privacy and individual rights of all students and staff such as:
      1. making it legally impermissible to share anyone’s personal information or pictures without getting their consent 
      2. Enforcing the use of systems of communication that are end to end encrypted
      3. Making citizens aware of the amount of data that is being collected
      4. Installing or encouraging the installation of firewalls and anti-virus systems on devices;
  8. Suggests the establishment of an international and multi-organisational committee that will work in cooperation with the United Nations Security Council (UNSC) and relevant state departments (Defense, Homeland Security etc.) which will:
    1. have members from all willing member states
    2. seek help from the UN according to the Secretary-General’s Roadmap for Digital Cooperation in order to fund its actions from establishments such as but not limited to The UN Digital Financing Task Force
    3. be focused only on cybercrimes and cyber attacks such as: spear phishing, Man-in-the-middle (MitM) attack, and Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
    4. give monthly reports to all member states which will be created by the task forces, regarding the cyber attacks, their origins, the criminals responsible for these attacks, and their intention and how countries can develop themselves,
    5. cooperate with private companies such as Microsoft, which is a company that works with the UN Division for Sustainable Development Goals, in topics regarding the public sector select a group of scientists and computer specialists who will educate people as later mentioned in the 3rd clause, try to develop new, better and more sophisticated ways to combat against cybercriminals,
    6. work with the International Criminal Police Organization (INTERPOL), so that the newly established organization will have international jurisdiction.