Confidentiality of benchmarking information Bencheit workshop in Paris, December 4, 2013 Pekka Kähkipuro.

Slides:



Advertisements
Similar presentations
The Role of the IRB An Institutional Review Board (IRB) is a review committee established to help protect the rights and welfare of human research subjects.
Advertisements

Module N° 4 – ICAO SSP framework
Consortium Agreements and how we can learn to love them… Andrew Charlesworth Senior Research Fellow in IT & Law University of Bristol.
Office Of Purchasing and Contracts Procurement Outreach Training Level II - Module C Specialized Agreements.
ARMENIA: Quality Assurance (QA) and National Qualifications Framework (NQF) Tbilisi Regional Seminar on Quality Management in the Context of National.
Data Protection: Health. Data Protection & Health Data Data on physical or mental health or condition or sexual life are ‘sensitive personal data’ with.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
Bencheit - Benchmarking higher education IT Ilkka Siissalo and Yvonne Falk University of Helsinki.
ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.
NORDRESS Consortium Agreement highlights. All participating institutions have signed the CA This presentation gives a brief overview of the main items.
The AMA Code of Ethics Could Egyptian Marketing Professionals Agree on a List of Rules, Perhaps Similar to This? The IMI Journal. Members of the AMA are.
Version 6.0 Approved by HIPAA Implementation Team April 14, HIPAA Learning Module The following is an educational Powerpoint presentation on the.
Audit Planning and Documentation
Duncan Woodhouse – Assistant Registrar for Information Security, Risk Management and Business Continuity Helen Wollerton – Administrative Officer (Legal.
INTERNET and CODE OF CONDUCT
Risk Assessment 101 Kelley Bradder VP and CIO Simpson College.
WORLD BANK Publications The reference of choice on development The Promise, and Challenge, of Implementing Open Access at the World Bank Carlos Rossel.
Data Management. 2 Data Management Practices RESPONSIBLE CONDUCT IN RESEARCH.
Data Protection Recruitment Process
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
SDRGC 501(c)(4) Questions, Answers, and Issues April 9, 2008.
Internal Auditing and Outsourcing
© 2006 Jupitermedia Corporation Webcast TitleSuccessful Rollout Planning 1 January 19, :00pm EST, 11:00am PST George Spafford, President Spafford.
Copyright and the Classroom What do I do? Johnny Tilton Fall 2013.
VIRGINIA PUBLIC-PRIVATE EDUCATION FACILITIES AND INFRASTRUCURE ACT OF 2002 (PPEA) Augusta County Board of Supervisors Wednesday, January 6, 2009.
CPS Acceptable Use Policy Day 2 – Technology Session.
1 TIA Engineering Committees - Policies and Procedures TIA Staff.
Outsourcing Louis P. Piergeti VP, IIROC March 29, 2011.
Office of Information Technology Balancing Technology and Privacy – the Directory Conundrum January 2007 Copyright Barbara Hope and Lori Kasamatsu 2007.
Electronic Use Policies.   Social Media  Internet.
7 - 1 Copyright  2003 Pearson Education Canada Inc. CHAPTER 7 Audit Planning and Documentation.
Innovative Medicines Initiative Financial and IPR aspects Magali Poinot Legal Manager Info Day Bucharest, 10 December 2012.
April 2011 Conducting Research at SPC Approval Process and Procedures Center of Excellence for Teaching and Learning.
Copyright and Licensing Legal issues associated with electronic resource access and usage.
Demystifying the Business Analysis Body of Knowledge Central Iowa IIBA Chapter December 7, 2005.
INTOSAI Public Debt Working Group Updating of the Strategic Plan Richard Domingue Office of the Auditor General of Canada June 14, 2010.
After completing this lesson, participants will be able to:  Identify ethical, legal, and policy issues for managing research data  Define copyrights,
Privacy & Personal Information Prepared by the CBC Law Department CONFIDENTIAL – FALL 2011.
Best Practices: Financial Resource Management February 2011.
1 CIP Cyber Security – Personnel & Training Steve Garn CIP Compliance Workshop Baltimore, MD August 19-20, 2009 © ReliabilityFirst Corporation.
IPR related obligations DG Research & Innovation Research and Innovation.
© 2012 Cengage Learning. All Rights Reserved. This edition is intended for use outside of the U.S. only, with content that may be different from the U.S.
The Linguistics Department Institutional Review Board Committee Silvina Montrul, chair Fred Davidson Irene Koshik Ryan Shosted September 22, 2008.
FleetBoston Financial HIPAA Privacy Compliance Agnes Bundy Scanlan Managing Director and Chief Privacy Officer FleetBoston Financial.
Ethics and Research. Ethics is Educational Research Committee on Scientific and Professional Ethics of American Psychological Association -- Ethical Principals.
International Telecommunication Union New Delhi, India, December 2011 ITU Workshop on Standards and Intellectual Property Rights (IPR) Issues Philip.
WP1: IP charter Geneva – 23rd June 2009 Contribution from CERN.
Data Governance 101. Agenda  Purpose  Presentation (Elijah J. Bell) Data Governance Data Policy Security Privacy Contracts  FERPA—The Law  Q & A.
© 2004 The IPR-Helpdesk is a project of the European Commission DG Enterprise, co-financed within the fifth framework programme of the European Community.
1 Public-Private Partnerships for Infrastructure Financing in the MENA Region 8 November 2006 The OECD Principles for International Investor Participation.
WELCOME to the TULANE UNIVERSITY HUMAN RESEARCH PROTECTION OFFICE WORKSHOP for SOCIAL/BEHAVIORAL RESEARCH (March 2, 2010) Tulane University HRPO Uptown.
MICS Data Processing Workshop Multiple Indicator Cluster Surveys Data Processing Workshop Overview of the MICS Process.
COPYRIGHT CLEARANCE PROCEDURE. LEGAL SERVICES COPYRIGHT ACT The Copyright Act no. 98 of 1978 governs the use of copyright protected works – those works.
© 2004 The IPR-Helpdesk is a project of the European Commission DG Enterprise, co-financed within the fifth framework programme of the European Community.
Award Management Services Procurement Outreach Training Level II - Module C Specialized Agreements.
Company LOGO. Company LOGO PE, PMP, PgMP, PME, MCT, PRINCE2 Practitioner.
Data protection—training materials [Name and details of speaker]
Review of Research-Related Agreements Between Academic Institutions and Other Entities. Manoja Ratnayake Lecamwasam, PhD Intellectual Property and Innovation.
Award Management Services Procurement Outreach Training Level II - Module C Specialized Agreements.
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All Dirk Weiler Chairman of the ETSI IPR Special Committee Document No: GSC16-IPR-02 Source: ETSI Contact:
University of Southern California Identity and Access Management (IAM)
IIASA Governance Review
CHAPTER 7 Audit Planning and Documentation
Export Controls – Export Provisions in Research Agreements
University of Southern California Identity and Access Management (IAM)
The partnership principle in the implementation of the CSF funds ___ Elements for a European Code of Conduct.
INTELLECTUAL PROPERTY RIGHTS (IPR) IN FP7
Taking the STANDARDS Seriously
Export Controls – Export Provisions in Research Agreements
LIMITED PARTNERSHIPS AND LIMITED LIABILITY PARTNERSHIPS
Presentation transcript:

Confidentiality of benchmarking information Bencheit workshop in Paris, December 4, 2013 Pekka Kähkipuro

Agenda Background Examples Group work Discussion and conclusions Bencheit workshop, Paris, December 4, 20132

Background There is a need to protect critical IT related information to avoid –the misuse of information by vendors (risk of financial loss) –time-consuming discussions on the use of IT resources –disclosure of critical plans too early, etc. There are different rules in different benchmarking initiatives this, such as –”full confidentiality” (e.g. consulting companies conducting benchmarks may keep the ownership of the data and the details to themselves, only disclosing average data for comparison purposes to participants) –”open among participants” (e.g. all data of all participants are available to all other participants, but not any outsiders) Bencheit workshop, Paris, December 4, 20133

Example: Bencheit Disclaimer This IT Benchmarking survey is intended for non-profit educational institutions on a per invitation/agreement only basis. Any data or analysis collected and created from participants is used solely for the purposes of measuring and benchmarking IT functions of various higher education institutes and for identifying best practices. All data shall be handled as confidential. Raw data may be used for further academic research by specific permission of the EUNIS Bencheit Steering Committee and only in such a way that an individual participating institutions´ exact and detailed financial or technical data cannot be identified. This survey questionnaire is open to all European HEIs willing to participate. HEIs participating are required to accept the condition of total openness: By giving its own information, the individual HEI gets all the information from all other HEIs and agrees that its information may and will be sent to all other participants. Information collected is intended only for internal use within the HEIs participating. Any further publishing or commercial use of the results is forbidden. Bencheit workshop, Paris, December 4, 20134

Example: EDUCAUSE 1/2 Core Data Service Appropriate Use Policy—for Participants Appropriate use policies establish how the identified data must be protected by CDS participants, as well as how EDUCAUSE may use the data to communicate the state of IT and to enhance services to its diverse membership. All CDS Managers, Authors, and Reviewers are expected to read and comply with the CDS Appropriate Use Policy (AUP) for participants. A fundamental tenet of the participant AUP is that access to identified data is limited to survey participants. In addition, advance approval from EDUCAUSE is required for use of any CDS data, even aggregated data, in public presentations or publications. … Copyright Data contributed to the Core Data Service by a participating institution remain the property of that institution. EDUCAUSE otherwise owns the copyright to the contents of the Core Data Service database, survey, and website. To protect data confidentiality on behalf of contributors, users may only use the contents of the Core Data Service as set forth in this Core Data Service Appropriate Use Policy. Bencheit workshop, Paris, December 4, 20135

Example: EDUCAUSE 2/2 Terms and Conditions of Use I affirm that I have been authorized by my institution to use the Core Data Service, that I have accessed CDS via my unique credentials, and that I will not share these credentials. I will limit disclosure and use of data obtained from CDS to those in my institution with formal responsibilities related to the use of such data (e.g., executive, budget, and planning officers, IT oversight committees, and senior staff of cognizant IT organizations). This limitation applies to both institutionally identifiable and aggregated data. I will store and provide data access, as appropriate, in a secure manner. I will not share or make public any CDS data about other institutions beyond my institution unless I have received prior approval from EDUCAUSE to do so. I understand that permission from EDUCAUSE is required prior to my using any data—even in aggregated form—in professional publications, public documents, or presentations beyond my institution. If I am employed by a corporation but working on a campus through a consulting, outsource, or partnership arrangement, I will not share any data with the corporation. As an exception, for the purposes of reaccreditation, peer review, or similar studies being conducted on behalf of my institution, I am permitted to provide data from CDS to reviewers not affiliated with my institution, so long as a copy of this Policy accompanies the data provision and is understood to govern the use made of the data. Bencheit workshop, Paris, December 4, 20136

Group work results 1.Data visibility and the possibility to identify individual institutions in the data set –Approach #1: Data is visible to all participants –Approach #2: Perhaps a dual approach with full details within Bencheit and less details somewhere else 2.Data ownership and IPRs –Each institution owns its own data, EUNIS owns the rest? 3.Rules for sharing the data within the institution and with other organizations –The goal: open data at least at an aggregate level 4.How to deal with product vendors and service providers –There is a need to compare license costs across countries –What about working together with NRENs 5.What kind of organizations are allowed to participate –For-profit HEIs perhaps, other parts of the world perhaps –Consortia would be facilitating the process 6.Using the data for research purposes –Yes with clear rules for what can be published with/without permission (respecting the confidentiality of individual contributors) 7.The need for all participating groups/initiatives to change their internal rules. 8.What results should be public –Need to analyze the side effects –Open the data to the extent that is not causing harmful side effects (possible side effects could come from vendors, ministries, etc.) –Report is needed to avoid misunderstandings and for ensuring the perceived quality of the work –Aggregation at the national level not needed by HEIs Bencheit workshop, Paris, December 4, 20137

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.