Presentation is loading. Please wait.

Presentation is loading. Please wait.

Robert Guerra Director, CryptoRights Foundation Implementing Privacy Implementing Privacy: Rules of the Game for Developers Mac-Crypto Conference on Macintosh.

Published byHerbert Hancock Modified over 8 years ago

Similar presentations

Presentation on theme: "Robert Guerra Director, CryptoRights Foundation Implementing Privacy Implementing Privacy: Rules of the Game for Developers Mac-Crypto Conference on Macintosh."— Presentation transcript:

1 Robert Guerra Director, CryptoRights Foundation Implementing Privacy Implementing Privacy: Rules of the Game for Developers Mac-Crypto Conference on Macintosh Cryptography & Internet Commerce January 29, 2001

2 Overview The Basics: Info-Privacy Principles General Trends: Global Privacy Law Getting Specific: Medical Privacy

3 The Basics: Information Privacy Principles

4 Information Privacy Principles [1] Accountability of Data Maintainer Purpose for Data Collection Consent for Data Collection Limits on Data Collection Limits on Storage, Use & Disclosure

5 Accuracy of Information Safeguards Openness of Policies & Practices User Access & Challenges Compliance & Auditing Information Privacy Principles [2]

6 General Trends: Global Privacy Law

7 World: Privacy Law Trends Countries around the world are: –Adopting comprehensive laws to protect privacy –Basing them on OECD and Council of Europe models

8 EU: Standardizing Privacy EU Privacy Directive prevents unauthorized transmission of personal info to any country that does not adequately protect privacy. Encourages countries to adopt strong privacy legislation and standardize privacy policy across borders.

9 Canada: Personal Privacy 1983 Privacy Act –Protection for information held by Govt. –Covers ~110 Federal Departments 2000 Personal Information Protection and Electronic Documents Act.

10 USA: Financial Privacy 1978: Right to Financial Privacy Act 1991: Telephone Consumer Protection Act 1992: Fair Credit Reporting Act 1996: Electronic Fund Transfer Act 1999: Gramm-Leach-Biley Act (Title V) 2000: Safe Harbour Principles (E.U./1998)

11 Getting Specific: Medical Privacy Regulations “The Only Crypto that Survives is Medical Crypto.”

12 USA: the HIPAA $tandard 1996 Health Insurance Portability & Accountability Act Improves efficiency of healthcare delivery by standardizing electronic data interchange. Protects health data confidentiality and security by setting and enforcing standards. All Healthcare organizations are affected. Covers all personally identifiable health info in electronic form. Includes paper records and oral communications.

13 Regulatory Comparisons

14 Regulatory Criteria [1] Access Controlling access and limiting patient info display. Backup Secure backups to prevent medical data loss. Unique ID Every patient or practicioner is unique like all the others. Logoff Automated signoff after period of inactivity. Audits Capture a historical record of medical data use.

15 Regulatory Criteria [2] eSignatures & Chart Signing Replacing paper-based signatures. Tracking patient-practicioner interactions. Encryption Protecting, hiding and transmitting confidential records. Patient Access Patients should can see their chart and know who’s looked. Sensitive Info Patient data disclosure control & perfect forward secrecy. Locking Data Original entries cannot be altered or deleted.

16 Regulatory Comparison criteria:

17 “I’m a privacy-rights person… the marketplace can function without sacrificing the privacy of individuals.” – George “Dubya” Bush (Business Week, 5 June 2000)

18 CryptoRights Foundation http://CryptoRights.org Mac-Crypto Conference on Macintosh Cryptography & Internet Commerce January 29, 2001 Robert Guerra Robert @ CryptoRights.org

Download ppt "Robert Guerra Director, CryptoRights Foundation Implementing Privacy Implementing Privacy: Rules of the Game for Developers Mac-Crypto Conference on Macintosh."

Similar presentations

Todd Frech Ocius Medical Informatics 6650 Rivers Ave, Suite 137 North Charleston, SC 29406 843-576-1426 Health Insurance Portability.

Todd Frech Ocius Medical Informatics 6650 Rivers Ave, Suite 137 North Charleston, SC Health Insurance Portability.
HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.
The Physician’s Answer to Compliance to Privacy Legislation November 2, 2001.

The Physician’s Answer to Compliance to Privacy Legislation November 2, 2001.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
HIPAA Health Insurance Portability and Accountability Act.

HIPAA Health Insurance Portability and Accountability Act.
Westbrook Technologies from Document Management’s Role in HIPAA.

Westbrook Technologies from Document Management’s Role in HIPAA.
ITEC 6324 Health Insurance Portability and Accountability (HIPAA) Act of 1996 Instructor: Dr. E. Crowley Name: Victor Wong Date: 2 Sept. 2004.

ITEC 6324 Health Insurance Portability and Accountability (HIPAA) Act of 1996 Instructor: Dr. E. Crowley Name: Victor Wong Date: 2 Sept
SLIDE 1 Westbrook Technologies from Fortis: A Healthcare Solution for Medical Records, Billing and HIPAA.

SLIDE 1 Westbrook Technologies from Fortis: A Healthcare Solution for Medical Records, Billing and HIPAA.
CHAPTER © 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2 The Use of Health Information Technology in Physician Practices.

CHAPTER © 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2 The Use of Health Information Technology in Physician Practices.
Regulatory Issues in Campus Computing Privacy and Security in a Digital World Presented by David Gleason, Esq. University Counsel University of Maryland,

Regulatory Issues in Campus Computing Privacy and Security in a Digital World Presented by David Gleason, Esq. University Counsel University of Maryland,
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
© 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2.5 HIPAA Legislation and its Impact on Physician Practices 2-15 The Health Insurance Portability.

© 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2.5 HIPAA Legislation and its Impact on Physician Practices 2-15 The Health Insurance Portability.
Health Insurance Portability and Accountability Act (HIPAA)

Health Insurance Portability and Accountability Act (HIPAA)
1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,
Coping with Electronic Records Setting Standards for Private Sector E-records Retention.

Coping with Electronic Records Setting Standards for Private Sector E-records Retention.
Brief Synopsis of Computer Security Standards. Tenets of Information Systems Security Confidentiality Integrity Availability Over the years, standards.

Brief Synopsis of Computer Security Standards. Tenets of Information Systems Security Confidentiality Integrity Availability Over the years, standards.
Data Classification & Privacy Inventory Workshop

Data Classification & Privacy Inventory Workshop
 Group: GTR ver M  Grace Chen  Taru Singhal  Robert Szymanek  Michael Parker.

 Group: GTR ver M  Grace Chen  Taru Singhal  Robert Szymanek  Michael Parker.
Security of Computerized Medical Information: Threats from Authorized Users James G. Anderson, Ph.D. Purdue University.

Security of Computerized Medical Information: Threats from Authorized Users James G. Anderson, Ph.D. Purdue University.

Similar presentations

Ads by Google