Reflections on the White House Privacy Office Peter P. Swire U.S. Chief Counselor for Privacy, 1999- 2001 OSU College of Law, 2001-present CFP, March 8,

Slides:



Advertisements
Similar presentations
“Maintaining Trust in an Electronic World”
Advertisements

H = P = A = HIPAA DEFINED HIPAA … A Federal Law Created in 1996 Health
Chapter 44 Administrative Law Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.
Why the Financial Privacy Law is Better than People Think Professor Peter P. Swire Ohio State University University of Minnesota Symposium February 9,
Medical Privacy in a Broader Privacy Context Professor Peter P. Swire George Washington Law School Former Chief Counselor for Privacy, U.S. Govt. HIPAA.
Telecom, Privacy & Security After September 11 Professor Peter P. Swire Ohio State University Ohio Telecommunications Industry Association October 2, 2001.
The United States, Privacy, and Data Protection Peter P. Swire Dutch Embassy Presentation January 19, 2001.
Privacy and the Internet Professor Peter P. Swire Ohio State University National Press Foundation February 14, 2001.
Privacy and National Security After September 11 Professor Peter P. Swire Ohio State University FLICC 2002 Forum Library of Congress March 19, 2002.
The Chief Privacy Officer for the U.S. Government Professor Peter P. Swire Ohio State University Visiting, George Washington University Privacy Officers.
"Security and Privacy After September 11 Professor Peter P. Swire Ohio State Law School Consultant, Morrison & Foerster Privacy & Data Security Summit.
Electronic Surveillance, Security, and Privacy Professor Peter P. Swire Ohio State University InSITes -- Carnegie Mellon February 7, 2002.
"Security and Privacy After September 11: The Healthcare Example Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP April.
HIPAA In Relation to Other Federal Laws Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP Glasser LegalWorks/HIPAA Conference.
"Embedding Privacy in Federal Information Systems" Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP MITRE Corp. Workshop.
Sharing of Medical Records Pursuant to an Authorization Professor Peter P. Swire Moritz College of Law, Ohio St. Univ. Consultant, Morrison & Foerster,
Privacy in America: Your Role as Guardians of the Publics Data Professor Peter P. Swire Moritz College of Law The Ohio State University Ohio Digital Government.
Research and Privacy Under HIPAA Professor Peter P. Swire Moritz College of Law Ohio State University National Academy of Science Panel on Science, Technology.
The Role of the Federal Government in Privacy Policy Professor Peter P. Swire The Ohio State University Center for American Progress The Privacy Symposium,
Privacy Today Privacy Day January 28, 2008 International Association of Privacy Professionals.
"Security and Privacy After September 11: Implications for Healthcare" Professor Peter P. Swire George Washington Law School Consultant, Morrison & Foerster.
Online Profiling and Consumer Choice Peter P. Swire Center for American Progress Ohio State University ATL Hill Briefing April 28, 2008.
Mental Health Issues & Information Sharing Professor Peter P. Swire The Ohio State University NAAG Task Force on School Safety July 5, 2007.
Introduction to Legal Issues on Social Media & the Federal Government Peter Swire Ohio State University Center for American Progress DHS Conference June.
Reflections on the White House Privacy Office Peter P. Swire Ohio State University Center for American Progress N.C. State Privacy Day January 29, 2008.
The Need for Government-Wide Privacy Policy Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster, LLP DHS Privacy Advisory Committee.
HISPC-Illinois II The Public-Private Partnership Moves Forward on Privacy and Security.
HIPAA AWARENESS TRAINING
IT Security Policy Framework
1 FTC SAFEGUARDS RULE Gramm-Leach-Bliley Act Effective 5/23/2003.
30.5.  State funding helps keep tuitions low at public colleges. As a result, more Texans can afford college.  For the years 2000 and 2001, the Texas.
Privacy Laws & Higher Education. Agenda 1.Five Privacy Laws a.FERPA b.HIPAA c.GLB d.FACTA Disposal Rule e.CAN-SPAM 2.Overview of the Laws a.What does.
ADMINISTRATIVE REGULATION Approaches to Social Problems: “The Market” The Courts Legislation Administrative Agencies.
Privacy in Ontario Brian Beamish Office of the Information and Privacy Commissioner/Ontario Presentation to Security Canada Central 2002 International.
Disclaimer This Presentation is provided “as is” without any express or implied warranty. This Presentation is for educational purposes only and does not.
FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.
Taking Steps to Protect Privacy A presentation to Hamilton-area Physiotherapy Managers by Bob Spence Communications Co-ordinator Office of the Ontario.
Language Legislation in the U.S.A. The “English as Official Language” Debate.
“Privacy Institutions in the Federal Government” Professor Peter Swire Ohio State University Center for American Progress Silicon Flatirons February 14,
© 2010 Dorsey & Whitney LLP Social Media Friday, September 17, 2010 The Committee on Finance & Information Technology (CFIT)
“Privacy and the Future of Justice Statistics” Peter P. Swire Chief Counselor for Privacy OMB/OIRA National Conf.on Privacy, Technology & Criminal Justice.
Track II: Introduction and Overview of Financial Services and Information Technology Privacy Policy: Synthesizing Financial Services Industry Privacy David.
STANDARD 5.3 Objective 3 Students will explain and understand the need for confidentiality.
Health Insurance Portability and Accountability Act (HIPAA)
“The Federal Role in Privacy Protection” Peter P. Swire OSU College of Law Cambridge Privacy Symposium August 23, 2007.
IAPP KnowledgeNet Los Angeles “Thinking Outside the Cookie Jar” The Second Wave of Global Privacy Protection: Why This Year Is Different Peter Swire, Senior.
Where Did HIPAA Come From? “HIPAA Then and Now” Peter Swire Georgia Tech Scheller College of Business Alston & Bird LLP IAPP-Las Vegas 2015.
FleetBoston Financial HIPAA Privacy Compliance Agnes Bundy Scanlan Managing Director and Chief Privacy Officer FleetBoston Financial.
Protecting Privacy “Most people have figured out by now you can’t do anything on the Web without leaving a record” - Holman W. Jenkins, Jr
Changes in Presidential Nomination Rules *. Trend from Caucuses to Primaries **
C HAPTER 34 Code Blue Health Sciences Edition 4. Confidentiality of sensitive information is an important issue in healthcare. Breaches of confidentiality.
Student Financial Assistance. Session 55-2 Session 55 Internet Privacy Laws.
Presentation Pro © 2001 by Prentice Hall, Inc. Magruder’s American Government C H A P T E R 3 The Constitution.
HIPAA History March 3, HIPAA Ruling Health Insurance Portability Accountability Act Health Insurance Portability Accountability Act Passed by Congress.
Dino Tsibouris & Mehmet Munur Privacy and Information Security Laws and Updates.
Data Security in the Cloud and Data Breaches: Lawyer’s Perspective Dino Tsibouris Mehmet Munur
Table of Contents. Lessons 1. Introduction to HIPAA Go Go 2. The Privacy Rule Go Go.
1 HIPAA’s Impact on Depository Financial Institutions 2 nd National Medical Banking Institute Rick Morrison, CEO Remettra, Inc.
US Executive Branch NCSCOS 2.02/2.03. Executive Branch Located in Article II Includes the President and the Vice President main job: enforce laws.
The American Experience in Regulatory Review and Reform Dominic J. Mancini, PhD. Office of Information and Regulatory Affairs U.S. Office of Management.
Chapter 10 The Presidency.
Rules and Regulations GOVT 2305, Module 14.
The Executive Branch.
Information Technology Policy Institutional Data Policy
Disability Services Agencies Briefing On HIPAA
Employee Privacy and Privacy of Employee Information
"Security and Privacy After September 11: The Healthcare Example”
Health Care: Privacy in a Digital Age
Lesson 1: Introduction to HIPAA
Presidential Permits Implementing EO 13337
Presentation transcript:

Reflections on the White House Privacy Office Peter P. Swire U.S. Chief Counselor for Privacy, OSU College of Law, 2001-present CFP, March 8, 2001

Overview n Clinton Administration Privacy Actions n What Privacy Institutions Should the U.S. Have? n The New Administration – Medical Privacy Rules

I. Clinton Administration Privacy Actions n Privacy hot buttons before I entered government in 2/99: – Clipper – CALEA – Know Your Customer n People, and even governments, learn

Actions since early 1999 n Brief & favorable descriptions n Q&A afterward on these

Medical Privacy Rule n HIPAA in 1996 n Support for legislation through 8/99 n Proposed rule 10/99 n 52,000 comments by 2/00 n Final rule 12/00 n Executive Order 12/00: limits on using health oversight record for law enforcement

Financial Privacy n Clinton speech 5/99 n House bill with half that 6/99 n Significant Administration push for privacy n Gramm-Leach-Bliley 11/99 n Administration proposal for more, 4/00

Federal Government Privacy n 6/99 OMB memorandum to post clear privacy policies on agency sites n 6/00 OMB memorandum presumption against cookies on federal sites & reports to OMB on privacy in the budget process n 12/00 OMB memorandum on agency data sharing, including push for privacy impact assessments n Federal CIO Council privacy committee

Some other privacy actions n Crypto policy change 9/99 n Genetic Discrimination E.O. 2/00 n NAS study now underway on authentication and privacy – CFP next year? n Bankruptcy and privacy study 1/01: public records and privacy issue

Other privacy actions n Safe Harbor (low number of companies because it is so strict?) n Network Advertising Code 6/00 n SSN bill proposed 6/00, and fought Gregg bill n Wiretapping bill summer 2000, with higher standards for trap-and-trace and wiretaps

How to find these documents? n Agency web sites change & not well archived n Presidential privacy web archive up this week n n Technology Policy Group of the Ohio Supercomputer Center n send documents you want to add to

II. The Privacy Office in the U.S. n Chief Counselor for Privacy, – U.S. Office of Management and Budget – Executive Office of the President – Old Executive Office Building n 4 functions: – Government data handling – Clearance – Enforcement/Ombudsman – Bully Pulpit

Government Data Handling n Big advantage if in OMB n Management – Office of Information & Technology Policy n Budget n Cant do in an independent agency n Major issue in U.S. privacy debates

Clearance n Testimony, legislative proposals cleared in OMB n Less formal statements also cleared n Examples: – FIDNet – Money laundering – New hire data base n Cant do as well in independent agency

Enforcement/Ombudsman n Cant do in OMB n HHS and financial agencies n FTC for consumer protection n Web seals & CPAs (expand scale)? n Private rights of action?

Bully pulpit n Cons: – Fishbowl in White House therefore cautious about statements – Cant comment on individual products or companies n Pro: – Big impact if President or Cabinet speak – Any White House official can raise the issues visibility & help on the Hill n Independent agency has more flexibility

The New Administration n Bush and Clinton statements similar n No privacy official named yet n My guess is that they wont until have some privacy blowups

Medical Privacy Rule n Why now? – HIPAA administrative simplification rule last summer – Protocols for electronic record sharing – Need to build in privacy & security at the same time – Delay means, at best, privacy will be a retrofit in medical systems

Fair Information Practices n Notice n Opt in consent for nonmedical purposes n Strong access protections n Security rule n HHS enforcement (need more) n Employee protections

Marketing provision n BAD name -- communications with existing customers n Doctor or insurer can communicate with own customer n If does so on behalf of 3d party, must say so and say who is paying, and opt out n Information to 3d party only as agent of the doctor, such as mail shop – 3d party cant use for its own purposes

What next? n Public comments by March 30 to HHS n Decision by April 15 whether to cancel n Best choice: let rules go into effect & make specific changes as needed n If not: huge homework for new Administration (it took us 70 people for a year) n If not: strong likelihood the rule will never issue

More information n n

Conclusion n Substantial privacy activity past two years n New Administration has made encouraging statements but we need to watch their actions n Will need organized U.S. ways to handle privacy issues over time

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.