The world is in the midst of a data revolution being fueled by the increasing interconnectedness of data often, data that until now was not connected.
|
|
- Ellen Weaver
- 7 years ago
- Views:
Transcription
1 Slide #1 The world is in the midst of a data revolution being fueled by the increasing interconnectedness of data often, data that until now was not connected. The real value of this revolution cannot be unlocked until we can separate data from the person who generates it anonymity from privacy. At Anonos, we refer to this as taking the person out of personal data. The keyhole on the fingerprint in the Anonos logo represents our ability to unlock the value of interconnected data by disconnecting it. 1
2 Slide #2 Let s assume I m monitoring my blood pressure with a wearabe Internet of Things (or IoT) device that also captures my geolocation information. Real-time data records who I am, what my blood pressure is and where I m located. Unfortunately that data my personal data is subject to: Potential employee misuse (e.g., recent situations with ride sharing companies Uber and Lyft); Sale to - and use by - third parties without my knowing consent; and Security breaches like what recently happened at Sony. That s a problem. We re here today at the request of the Information Accountability Foundation to talk to about Anonos Dynamic Anonymity as an example of a Dynamic Data Obscurity (or DDO) technology tool. Ted and I have dedicated the last 3 years of our lives to research and development on Dynamic Anonymity - leveraging more than ten years of success in developing and deploying risk management technology on a global basis. We re here to talk about how Dynamic Anonymity splits up or disconnects data to solve this problem. Our approach is integrated into the data itself compared to external methods of protection that are contractual or intellectual property based. Dynamic Anonymity takes the person out of personal data while at the same time unlocking even greater value from the data. How? Well, this blood pressure data - rather than just being tied to me - could and should be tied to the greater health of humanity. Why don t more people upload their blood pressure data to the web? One of the problems is that they 2
3 don t want their personal data to be misused or end up in the wrong hands. Application developers are often start-ups who are more focused on sustainability than privacy or security concerns. And even more established companies are subject to data misuse - both internally (a recent survey of IT and security specialist showed that 80% are more concerned about internal threats) as well as externally by hackers. If Sony can t protect private information about their stars, how can people expect anyone to protect their personal data? If people weren t so concerned about their data, they might be more willing to share it. Anonos unlocks the value of data by giving people more trust by providing them more control over the security and privacy of personal data. We do this by introducing dynamic chaos into data ecosystems. And we do that by dynamically changing identifiers associated with a user as well as their activities (give example of Mardi Gras masks one versus changing) multi-layered access controls. We substitute sensitive data with dynamically changing identifiers that we refer to as Dynamic De- Identifiers or DDIDs to emphasize the fact that these identifiers do just the opposite of identifying users or actions they dynamically obscure them. Obscured data and DDIDs are kept in secure Circles of Trust (CoT) under the care of trusted parties and the keys necessary to associate DDIDs with data are kept in separate secure facilities. Without these keys, data cannot be accessed in an identifiable or understandable manner. 3
4 Slide #3 Anonos multi-level access controls separate the person from their personal data - without losing full value of the data. Multi-level access controls prevent data misuse before-the-fact a priori compared to after-the-fact liability for violating contractual terms of service or intellectual property rights that fail to make users whole. Anonos multi-layer access controls separate data from context in a manner that is roughly analogous to Digital Rights Management (or DRM). Anonos multi-layer access controls can be applied to both existing data sets and newly created data sets to achieve Aristotle s Golden Mean - a desirable middle between two extremes, one of excess and the other of deficiency with regard to Data Value and Data Privacy. Taking the analogy to DRM further, DRMD stands for DRM used by a control party for De- Identification purposes; DRMI provides individual users with control over their personal data. We anticipate that the vast majority of applications will be DRMD (this graphic assumes 95% are DRMD) but the existence of the DRMI option via opt out or other means could help reconcile conflicts between US and EU perspectives on data privacy. The question arises who should be trusted parties in charge of Circles of Trust? We have had numerous discussions with Commissioner Brill and others in this room on that very subject. Who has control over DDO tools is highly relevant. But, the existence of tools like Anonos Dynamic Anonymity make such discussions highly relevant and actionable. Circles of Trust leveraging multi-layered access controls store data that is obscured via DDIDs at one location while separate locations serve as lockers for the keys necessary to associate the DDIDs to data with security experts charged with defending both locations. This requires access to more than one place the Circle of Trust plus each separate locker where keys are kept. Requiring access to two separate facilities more than doubles the difficulty of misuse and requires a significantly more sophisticated, coordinated and synchronized multi-prong attack. For example, consider by analogy the requirement for two keys to launch a nuclear warhead. And - this touches upon the mission of the Information Accountability Foundation encouraging development of ethical frameworks, policies and procedures that parse proportionality of the robustness of solutions with the risk. 4
5 Slide #4 Discuss benefits of Anonos-enabled Just-In-Time Identity / JITI which protects the identity of users GENERALLY compared to Just-In-Time Disclosures advocated in the 2013 FTC Mobile Privacy Disclosures: Building Trust Through Transparency Report. Highlight the ability of Just-In-Time Identity / JITI to address the following quote by FTC Chairwoman Edith Ramirez at recent Consumer Electronics Show (CES): To the extent that companies collect information, they should de-identify consumer data where possible. Many of the beneficial big-data uses from the IoT could still be accomplished by using de-identified data. De-identification isn t perfect. There is always the possibility that ostensibly anonymized data can be re-identified. To address this issue, sound technical strategies for making data anonymous should be coupled with administrative safeguards. FTC Chairwoman Edith Ramirez Discuss benefits of Anonos-enabled Do Not Remember over unsuccessful efforts at Do Not Track which is inconsistent with the economic model of a free Internet. Enhanced context from Do Not Remember can actually improve economic models. Discuss benefits of removing barriers to innovation so that data and creativity can flow e.g., certification that IoT and other health-related wearable device manufactures / app providers that use Anonos will be HIPAA exempt (versus compliant) and therefore exempt from costs, obligations and potential liabilities under the HIPAA / HITECH Final Rule that otherwise applies to health related data in the wearables / IoT space. 5
6 Slide #5 We believe that Dynamic Data Obscurity tools - like Anonos Dynamic Anonymity - are superior to other approaches to anonymity or privacy and that innovative opportunities like genomic research and the Internet of Things can better achieve their potential with Dynamic Data Obscurity tools. After the presentations, during the informal lunch and discussion we would welcome to opportunity to speak further on this subject: This Magic Quadrant Chart shows that No Anonymity does not provide maximum value due to overload of information and provides no protection. Static Anonymity masking data by using a single, unchanging anonymous identifier to hide connections between data and a data subject - provides medium privacy and medium value. Scrambled Anonymity hiding the identity of a data subject by means like using Tor to anonymously browse the Internet provides strong protection but reduces value to near zero. We believe the highest value and protection comes from Dynamic Data Obscurity tools like Anonos Dynamic Anonymity multi-level access controls that dynamically obscure data elements. 6
Degrees of De-identification of Clinical Research Data
Vol. 7, No. 11, November 2011 Can You Handle the Truth? Degrees of De-identification of Clinical Research Data By Jeanne M. Mattern Two sets of U.S. government regulations govern the protection of personal
More informationPreparing for the HITECH September Deadline: Tips for Negotiating Effective Business Associate Agreements under HIPAA.
Preparing for the HITECH September Deadline: Tips for Negotiating Effective Business Associate Agreements under HIPAA July 29, 2014 Meet Today s Speakers James B. Wieland Principal, Ober Kaler jbwieland@ober.com
More informationPrivacy Update for Australian Government Agencies. What we've seen in the first 12 months of the new APPs and what's next!
Privacy Update for Australian Government Agencies What we've seen in the first 12 months of the new APPs and what's next! Presented by Sharon Rowe and Alec Christie Canberra, 31 March 2015 What we are
More informationThe Promise of Industrial Big Data
The Promise of Industrial Big Data Big Data Real Time Analytics Katherine Butler 1 st Annual Digital Economy Congress San Diego, CA Nov 14 th 15 th, 2013 Individual vs. Ecosystem What Happened When 1B
More informationAre You Prepared for a HIPAA Audit? 7 Steps to Security Readiness GUIDE BOOK
Are You Prepared for a HIPAA Audit? 7 Steps to Security Readiness GUIDE BOOK Are You Ready? For nearly four years, official HIPAA compliance audits have been on hold. The Department of Human Services (HHS)
More informationPRIVACY POLICY. comply with the Australian Privacy Principles ("APPs"); ensure that we manage your personal information openly and transparently;
PRIVACY POLICY Our Privacy Commitment Glo Light Pty Ltd A.C.N. 099 730 177 trading as "Lighting Partners Australia of 16 Palmer Parade, Cremorne, Victoria 3121, ( LPA ) is committed to managing your personal
More informationFoundation Working Group
Foundation Working Group Proposed Recommendations on De-identifying Information for Disclosure to Third Parties The Foundation Working Group (FWG) engaged in discussions around protecting privacy while
More informationAm I a Business Associate?
Am I a Business Associate? Now What? JENNIFER L. RATHBURN Quarles & Brady LLP KATEA M. RAVEGA Quarles & Brady LLP agenda» Overview of HIPAA / HITECH» Business Associate ( BA ) Basics» What Do BAs Have
More informationInviting Data Hackers to Lunch Without Knowing it
Reynolds and Reynolds Inviting Data Hackers to Lunch Without Knowing it And Getting Stuck with the Tab Bob Schaefer, Vice President of Data Services Reynolds and Reynolds Inviting Data Hackers to Lunch
More informationHow To Protect Your Health Data From Being Used For Research
Big Data: Research Ethics, Regulation and the Way Forward Tia Powell, MD AAIC Washington, DC, 2015 1854 Broad Street Cholera Outbreak Federal Office of Personnel Management Data Breach, 2015 Well-known
More informationPrivacy Challenges in the Internet of Things (IoT) a European Perspective
Privacy Challenges in the Internet of Things (IoT) a European Perspective Alicja Gniewek, PhD Student Interdisciplinary Centre for Security, Reliability and Trust Weicker Building, Université du Luxembourg
More informationBy Emily Hay and Jan Dhont, Data Privacy Department, Lorenz Brussels.
Getting a Clean Bill of Health for Privacy in Your Mobile App By Emily Hay and Jan Dhont, Data Privacy Department, Lorenz Brussels. I. Introduction to the legal regime and risks As the marketplace floods
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( BA Agreement ) is entered into by Medtep Inc., a Delaware corporation ( Business Associate ) and the covered entity ( Covered Entity
More informationCloud Apps and the Modern Professional: The New Business Landscape
Cloud Apps and the Modern Professional: The New Business Landscape White Paper by Crucial Research September, 2015 Whitepaper by http://www.crucial.com.au/ Cloud Apps and the Modern Professional: The New
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 03.16 EB7178 DATA SECURITY Table of Contents 2 Data-Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationObservations on international efforts to develop frameworks to enhance privacy while realising big data s benefits
Big Data, Key Challenges: Privacy Protection & Cooperation Observations on international efforts to develop frameworks to enhance privacy while realising big data s benefits Seminar arranged by the Office
More informationHow Does Big Data Change Your Way of Managing Information?
How Does Big Data Change Your Way of Managing Information? A Best-Practices Guide for Data Managers By Erian Laperi, Director Enterprise Data Management and Business Enablement at AT&T How Does Big Data
More informationtechuk Cloud 2020 Vision Keeping the UK at the forefront of cloud adoption
techuk Cloud 2020 Vision Keeping the UK at the forefront of cloud adoption Introduction Cloud computing is fundamental to the UK s digital future. The next wave of the digital revolution is being powered
More informationSecurity & Privacy Strategies for Expanded Communities. Deven McGraw Partner Manatt, Phelps & Phillips LLP
Security & Privacy Strategies for Expanded Communities Deven McGraw Partner Manatt, Phelps & Phillips LLP 1 Key Challenges in Community Data Sharing Patient-mediated data sharing Sharing data with companies
More informationRequest for Comments on Energy and Commerce Digital Health White Paper
15 October 2014 The Honorable Fred Upton Chairman, Committee on Energy and Commerce 2125 Rayburn House Office Building Washington, D.C. 20515 Request for Comments on Energy and Commerce Digital Health
More informationHEALTHCARE SECURITY AND PRIVACY CATALOG OF SERVICES
HEALTHCARE SECURITY AND PRIVACY CATALOG OF SERVICES OCTOBER 2014 3300 North Fairfax Drive, Suite 308 Arlington, Virginia 22201 USA +1.571.481.9300 www.lunarline.com OUR CLIENTS INCLUDE Contents Healthcare
More informationSOP Number: OCR-HIP-001 Effective Date: August 2013 Page 1 of 5
Title: HIPAA Research Policy: General Nova Southeastern University Standard Operating Procedure for GCP Version # 1 SOP Number: OCR-HIP-001 Effective Date: August 2013 Page 1 of 5 PURPOSE: Federal privacy
More informationThe Importance of Sharing Medical Data
Diving into the Data Pool Exploring public views about the way medical data is shared Report from public event on 31 October 2013 Should it be easier for medical data to be shared to help research? What
More informationFebruary 17, 2011. Federal Trade Commission 600 Pennsylvania Avenue, NW Washington, DC 20580
February 17, 2011 Federal Trade Commission 600 Pennsylvania Avenue, NW Washington, DC 20580 Re: A Preliminary FTC Staff Report on Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework
More informationWebinar: Implications of FDA Regulation of Medical Devices: When is an ipad More Than an ipad?
Webinar: Implications of FDA Regulation of Medical Devices: When is an ipad More Than an ipad? Additional resources on this topic may be found at: www.aamc.org/fdamobiledevice Sharon Klein, Esq. Pepper
More informationTrust in the Cloud Legal and Regulatory Framework
Trust in the Cloud Legal and Regulatory Framework Cloud Security Alliance San Francisco, CA February 26, 2014 Francoise Gilbert, JD, CIPP Managing Director IT Law Group 2014 IT Law Group All Rights Reserved
More informationUNITED STATES OF AMERICA BEFORE THE FEDERAL TRADE COMMISSION. Julie Brill Maureen K. Ohlhausen Terrell McSweeny
1423161 UNITED STATES OF AMERICA BEFORE THE FEDERAL TRADE COMMISSION COMMISSIONERS: Edith Ramirez, Chairwoman Julie Brill Maureen K. Ohlhausen Terrell McSweeny In the Matter of HENRY SCHEIN PRACTICE SOLUTIONS,
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT THIS HIPAA BUSINESS ASSOCIATE AGREEMENT ( BAA ) is entered into effective the day of, 20 ( Effective Date ), by and between the Regents of the University of Michigan,
More information5.5. Penetration Tests. Report of the Auditor General of the Ville de Montréal to the City Council and to the Urban Agglomeration Council
Report of the Auditor General of the Ville de Montréal to the City Council and to the Urban Agglomeration Council 5.5 For the Year Ended December 31, 2013 Penetration Tests 5.5. Penetration Tests Table
More informationIntellectual Property Issues for Asset Managers
Intellectual Property Group January 2010 Intellectual Property Issues for Asset Managers In today s economy, an effective intellectual property (IP) strategy is increasingly important to success. Companies
More informationData Protection & Cyber Security Law Update 1 st October 2015
Data Protection & Cyber Security Law Update 1 st October 2015 Robert Bond, Partner Janine Regan, Associate Viktoria Protokova, Data Protection Executive charlesrussellspeechlys.com Brief introduction to
More informationBefore the AmCham EU Transatlantic Conference (Mar. 3, 2011), available at http://useu.usmission.gov/kennard_amchameu_030311.html.
One Year Later: Privacy and Data Security in a World of Big Data, the Internet of Things, and Global Data Flows Keynote Address Before the USCIB/BIAC/OECD Conference on Promoting Inclusive Growth in the
More informationPrivacy Policy Version 1.0, 1 st of May 2016
Privacy Policy Version 1.0, 1 st of May 2016 THIS PRIVACY POLICY APPLIES TO PERSONAL INFORMATION COLLECTED BY GOCIETY SOLUTIONS FROM USERS OF THE GOCIETY SOLUTIONS APPLICATIONS (GoLivePhone and GoLiveAssist)
More informationWritten Testimony of. Brendan Desetti Director of Education Policy Software & Information Industry Association
1 Written Testimony of Brendan Desetti Director of Education Policy Software & Information Industry Association Submitted to: Education Committee Connecticut General Assembly RE: HB 5469, An Act Concerning
More informationRESEARCH NOTE. Workplace Service. Predictions for Mobile, 2015: Mobile-First Apps and the Imperative to Protect the Enterprise
Authors: Jim Lundy, David Mario Smith Predictions for Mobile, 2015: Mobile-First Apps and the Imperative to Protect the Enterprise Summary: Mobile is poised to continue disrupting the workplace, as mobile-first
More informationWelcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information
Welcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information about HIPAA, the HITECH-HIPAA Omnibus Privacy Act, how
More informationA Pragmatic Guide to Big Data & Meaningful Privacy. kpmg.be
A Pragmatic Guide to Big Data & Meaningful Privacy kpmg.be From predicting criminal behavior to medical breakthroughs, from location-based restaurant recommendations to customer churn predictions, the
More informationBest Practices for Consumer Wearables & Wellness Apps & Devices
Best Practices for Consumer Wearables & Wellness Apps & Devices August 17, 2016 The Best Practices for Consumer Wearables & Wellness Apps & Devices was produced with support from the Robert Wood Johnson
More informationwww.veriato.com Implementing a User Activity & Behavior Monitoring program
www.veriato.com Implementing a User Activity & Behavior Monitoring program Decision Point: Why Monitor Employee Activity and Behavior? The Reactive Decision The Proactive Decision Decision Point: What
More informationGuidance on Relationships with the Media
Guidance on Relationships with the Media May 2013 APP Reference Material Relationships with the Media NOT PROTECTIVELY MARKED Contents 1 Introduction..3 2 Key principles..4 3 Engaging with the media..5
More informationHow To Notify Of A Security Breach In Health Care Records
CHART YOUR HIPAA COURSE... HHS ISSUES SECURITY BREACH NOTIFICATION RULES PUBLISHED IN FEDERAL REGISTER 8/24/09 EFFECTIVE 9/23/09 The Department of Health and Human Services ( HHS ) has issued interim final
More informationCASRO Digital Research Conference Data Security: Don t Risk Being the Weak Link
CASRO Digital Research Conference Data Security: Don t Risk Being the Weak Link Peter Milla CASRO Technical Consultant/CIRQ Technical Advisor peter@petermilla.com Background CASRO and Standards CASRO takes
More informationBig data companies beware: the FTC plans to boost enforcement in your industry
AUGUST 29, 2013 Big data companies beware: the FTC plans to boost enforcement in your industry By Linn Foster Freedman and Kathryn M. Sylvia On August 19, 2013, at the Technology Policy Institute s Annual
More informationRe: Request for Comment: Big Data and Consumer Privacy in the Internet Economy
Microsoft Corporation Tel 425 882 8080 One Microsoft Way Fax 425 936 7329 Redmond, WA 98052-6399 http://www.microsoft.com/ August 5, 2014 Mr. John Morris National Telecommunications and Information Administration
More informationSynapse Privacy Policy
Synapse Privacy Policy Last updated: April 10, 2014 Introduction Sage Bionetworks is driving a systems change in data-intensive healthcare research by enabling a collective approach to information sharing
More informationPolicy Brief: Protecting Privacy in Cloud-Based Genomic Research
Policy Brief: Protecting Privacy in Cloud-Based Genomic Research Version 1.0 July 21 st, 2015 Suggested Citation: Adrian Thorogood, Howard Simkevitz, Mark Phillips, Edward S Dove & Yann Joly, Policy Brief:
More informationCybercrime: Protecting Your Digital Assets in Today's Threat Landscape
Cybercrime: Protecting Your Digital Assets in Today's Threat Landscape Presented by Rachel Ratcliff OM03 Saturday, 10/5/2013 9:30 AM - 10:45 AM Cybercrime: Protecting Your Digital Assets in Today s Threat
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the Agreement ) is by and between ( Covered Entity )and CONEX Med Pro Systems ( Business Associate ). This Agreement has been attached to,
More informationIntroduction to HIPAA Privacy
Introduction to HIPAA Privacy is published by HCPro, Inc. Copyright 2003 HCPro, Inc. All rights reserved. Printed in the United States of America. No part of this publication may be reproduced, in any
More informationBuilding Privacy-by- Design at Criteo.
Building Privacy-by- Design at Criteo. JUNE 2016 Executive Overview With the soaring rise of smartphones and consumer technology services, safeguarding data privacy and security to maintain the trust of
More informationA Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No!
A Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No! Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario, Canada THE AGE OF
More informationSurviving a HIPAA violation One Agency s Experience Presented by: Roger Shindell. Topics Covered Part One. Topics Covered Part Two.
Surviving a HIPAA violation One Agency s Experience Presented by: Roger Shindell President & CEO Carosh Compliance Solutions & Liz Mayer, RHIA Director, Organizational Integrity HCI Care Services and VNS
More informationHow can Content Aware Identity and Access Management give me the control I need to confidently move my business forward?
SOLUTION BRIEF Content Aware Identity and Access Management May 2010 How can Content Aware Identity and Access Management give me the control I need to confidently move my business forward? we can CA Content
More informationE-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY
E-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY Oana Dolea 7 th Annual Leg@l.IT Conference March 26th, 2013 Montreal, Canada INTRODUCTION Mobile e-commerce vs. E-commerce Mobile e-commerce:
More informationTop Signs You re Prime for a Data Breach in 2014
Hacking Into Your Healthcare Systems Series Top Signs You re Prime for a Data Breach in 2014 PRESENTED BY: IronBox Data Protection Website: www.goironbox.com Email: contactus@goironbox.com About IronBox
More informationData Masking. Cost-Effectively Protect Data Privacy in Production and Nonproduction Systems. brochure
Data Masking Cost-Effectively Protect Data Privacy in Production and Nonproduction Systems brochure How Can Your IT Organization Protect Data Privacy? The High Cost of Data Breaches It s estimated that
More informationNine Cyber Security Trends for 2016
Nine Cyber Security Trends for 2016 12-17-15 Boxborough, MA 2016 will see an increasing number of attacks and the emergence of new targets; the complexity and sophistication of attacks, initiated by increasingly
More informationHow To Respond To The Nti'S Request For Comment On Big Data And Privacy
Submission to the National Telecommunications and Information Administration (NTIA), U.S. Department of Commerce Docket No. 140514424 4424 01 RIN 0660 XC010 Comments of the Information Technology Industry
More informationBUSINESS ASSOCIATE PRIVACY AND SECURITY ADDENDUM RECITALS
BUSINESS ASSOCIATE PRIVACY AND SECURITY ADDENDUM This Business Associate Addendum ( Addendum ), effective, 20 ( Effective Date ), is entered into by and between University of Southern California, ( University
More informationData Masking Best Practices
Data Masking Best Practices 1 Information Security Risk The risk that sensitive information becomes public 2 Information Security Risk Government systems store a huge amount of sensitive information Vital
More information1.2: DATA SHARING POLICY. PART OF THE OBI GOVERNANCE POLICY Available at: http://www.braininstitute.ca/brain-code-governance. 1.2.
1.2: DATA SHARING POLICY PART OF THE OBI GOVERNANCE POLICY Available at: http://www.braininstitute.ca/brain-code-governance 1.2.1 Introduction Consistent with its international counterparts, OBI recognizes
More informationWhat is required of a compliant Risk Assessment?
What is required of a compliant Risk Assessment? ACR 2 Solutions President Jack Kolk discusses the nine elements that the Office of Civil Rights requires Covered Entities perform when conducting a HIPAA
More informationHIPAA (Health Insurance Portability and Accountability Act) Awareness Training for Volunteers and Interns
HIPAA (Health Insurance Portability and Accountability Act) Awareness Training for Volunteers and Interns Boulder County Public Health Volunteer/Intern Services 3450 Broadway Boulder, CO 80304 1 Boulder
More informationKEY LEGAL ISSUES IN TODAY S MOBILE MARKETING:
KEY LEGAL ISSUES IN TODAY S MOBILE MARKETING: Emerging Trends in Mobile Technology, Location-Based Services, and Mobile Commerce Mark Bisard, American Express Nate Hole, Loeb & Loeb LLP Brian Nixon, Loeb
More informationPREPARED STATEMENT OF THE FEDERAL TRADE COMMISSION. Protecting Personal Consumer Information from Cyber Attacks and Data Breaches.
PREPARED STATEMENT OF THE FEDERAL TRADE COMMISSION on Protecting Personal Consumer Information from Cyber Attacks and Data Breaches Before the COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION UNITED
More informationPassword Management Evaluation Guide for Businesses
Password Management Evaluation Guide for Businesses White Paper 2016 Executive Summary Passwords and the need for effective password management are at the heart of the rise in costly data breaches. Various
More informationQuorum Privacy Policy
Quorum Privacy Policy Quorum Analytics Inc. ( Quorum") has created this website (the "Website" or the "Site") to provide an online analytical tool that Subscribers can use to generate Derived Analytics
More informationPreparing for the HIPAA Security Rule
A White Paper for Health Care Professionals Preparing for the HIPAA Security Rule Introduction The Health Insurance Portability and Accountability Act (HIPAA) comprises three sets of standards transactions
More informationRisk management, information security and privacy compliance. new meeting of minds or ships in the night?
Risk management, information security and privacy compliance new meeting of minds or ships in the night? Peter Leonard September 2015 page 1 ships in the night + narrowly focussed conversations reasonable
More informationwww.pwc.co.uk Cyber security Building confidence in your digital future
www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in
More informationCybersecurity: Safeguarding Your Business in the Digital Age
Cybersecurity: Safeguarding Your Business in the Digital Age Introduction The digitization of our society has had a powerful impact on the ways in which organizations work and relate to their customers
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT Please complete the following and return signed via Fax: 919-785-1205 via Mail: Aesthetic & Reconstructive Plastic Surgery, PLLC 2304 Wesvill Court Suite 360 Raleigh, NC 27607
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT This Agreement, dated as of, 2015 ("Agreement"), by and between, on its own behalf and on behalf of all entities controlling, under common control with or controlled
More informationCyber Security Evolved
Cyber Security Evolved Aware Cyber threats are many, varied and always evolving Being aware is knowing what is going on so you can figure out what to do. The challenge is to know which cyber threats are
More informationWHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.
WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY. A guide for IT security from BIOS The Problem SME s, Enterprises and government agencies are under virtually constant attack today. There
More informationHIPAA-Compliant Research Access to PHI
HIPAA-Compliant Research Access to PHI HIPAA permits the access, disclosure and use of PHI from a HIPAA Covered Entity s or HIPAA Covered Unit s treatment, payment or health care operations records for
More information10 Hidden IT Risks That Might Threaten Your Law Firm
(Plus 1 Fast Way to Find Them) Your law firm depends on intelligence. But can you count on your technology? You may not be in the intelligence technology business, but it s probably impossible to imagine
More informationI. INTRODUCTION. Voluntary Best Practices for UAS Privacy, Transparency, and Accountability
I. INTRODUCTION The benefits of commercial and private unmanned aircraft systems (UAS) are substantial. Technology has moved forward rapidly, and what used to be considered toys are quickly becoming powerful
More informationUser Agreement. Quality. Value. Efficiency.
User Agreement Quality. Value. Efficiency. Welcome to QVuE, the Leaders Network on Quality, Value and Efficiency website sponsored by The Medicines Company. The information provided in this Webinar Series
More informationData Breach, Electronic Health Records and Healthcare Reform
Data Breach, Electronic Health Records and Healthcare Reform (This presentation is for informational purposes only and it is not intended, and should not be relied upon, as legal advice.) Overview of HIPAA
More informationPersonal Data Protection Policy
Personal Data Protection Policy Please take a moment to read the following Policy. If there is anything you do not understand then please contact us. We are committed to protecting privacy. This Personal
More informationACA is committed to protecting your privacy. ACA ( we, us or our ) safeguards your personal information to maintain member trust.
Privacy Policy Introduction Your access to the ACA site is subject to the privacy policy as well as all applicable laws. By accessing and using the ACA site, you accept and agree to this Privacy Policy
More informationPersonalization is a hot topic among digital marketers
Personalization is a hot topic among digital marketers today and for good reason. Customers are bombarded by far more marketing messages than ever before across a broader breadth of channels. Fortunately,
More informationInformation Protection Framework: Data Security Compliance and Today s Healthcare Industry
Information Protection Framework: Data Security Compliance and Today s Healthcare Industry Executive Summary Today s Healthcare industry is facing complex privacy and data security requirements. The movement
More informationHow To Understand The Privacy Shield
The Privacy Shield and EU GDP Regulation- A Data Safekeeping Revolution? SCCE Webinar May 24, 2016 Presenter: Dan Cotter dcotter@butlerrubin.com 312-696-4497 Agenda - What is the Privacy Shield - What
More informationBUSINESS ASSOCIATE AGREEMENT BETWEEN AND COMMISSION ON ACCREDITATION, AMERICAN PSYCHOLOGICAL ASSOCIATION
BUSINESS ASSOCIATE AGREEMENT BETWEEN AND COMMISSION ON ACCREDITATION, AMERICAN PSYCHOLOGICAL ASSOCIATION This Agreement governs the provision of Protected Health Information ("PHI") (as defined in 45 C.F.R.
More informationRe: Big Data: A Tool for Inclusion or Exclusion? Workshop Project No. P145406
October 30, 2014 Federal Trade Commission Office of the Secretary Room H 113 (Annex X) 600 Pennsylvania Avenue NW Washington, DC 20580 Re: Big Data: A Tool for Inclusion or Exclusion? Workshop Project
More informationCOOKIES A SIMPLE GUIDE TO WHAT YOU NEED TO DO
COOKIES A SIMPLE GUIDE TO WHAT YOU NEED TO DO ACTION: FOLLOW THESE STEPS BEFORE 26 MAY 2012 Step One Step Two What To Do Work out whether your website(s) use cookies Audit: Review what the cookies do How
More informationVendor Management Challenge Doing More with Less
Vendor Management Challenge Doing More with Less Megan Hertzler Assistant General Counsel Director of Data Privacy Xcel Energy Boris Segalis Partner InfoLawGroup LLP Session ID: GRC-402 Insert presenter
More informationIs a Personal Health Record Right for You? Considerations for Californians
CONSUMER INFORMATION SHEET 13 September 2012 Is a Personal Health Record Right for You? Considerations for Californians This information is meant to give you an overall picture of Personal Health Records
More informationHEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT BUSINESS ASSOCIATE TERMS AND CONDITIONS
COVERYS RRG, INC. HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT BUSINESS ASSOCIATE TERMS AND CONDITIONS WHEREAS, the Administrative Simplification section of the Health Insurance Portability and
More informationOctober 27, 2010. The Honorable John Berry Director Office of Personnel Management 1900 E Street, NW Washington, DC 20415. Dear Director Berry:
October 27, 2010 The Honorable John Berry Director Office of Personnel Management 1900 E Street, NW Washington, DC 20415 Dear Director Berry: We are writing to express our concerns about the Health Claims
More informationProtecting personally identifiable information: What data is at risk and what you can do about it
Protecting personally identifiable information: What data is at risk and what you can do about it Virtually every organization acquires, uses and stores personally identifiable information (PII). Most
More informationBEFORE THE UNITED STATES FEDERAL TRADE COMMISSION WASHINGTON, DC
BEFORE THE UNITED STATES FEDERAL TRADE COMMISSION WASHINGTON, DC ) COMMENTS OF THE FUTURE OF PRIVACY FORUM ) ) RE - SPRING PRIVACY SERIES: ) CONSUMER GENERATED AND CONTROLLED ) HEALTH DATA, PROJECT NO.
More informationTHE 2014 THREAT DETECTION CHECKLIST. Six ways to tell a criminal from a customer.
THE 2014 THREAT DETECTION CHECKLIST Six ways to tell a criminal from a customer. Telling criminals from customers online isn t getting any easier. Attackers target the entire online user lifecycle from
More informationUNITED STATES OF AMERICA FEDERAL TRADE COMMISSION
UNITED STATES OF AMERICA FEDERAL TRADE COMMISSION 122 3095 COMMISSIONERS: Edith Ramirez, Chairwoman Julie Brill Maureen K. Ohlhausen Joshua D. Wright In the Matter of GMR TRANSCRIPTION SERVICES, INC.,
More informationOE Cloud Standard Terms of Service
OE Cloud Standard Terms of Service Version 1.0 Last update: 29th May 2014 These terms of service ("Terms") cover your use and access to the services of OE Cloud, and websites ("Services") provided by Ecometrica
More informationIBM Connections Cloud Security
IBM Connections White Paper September 2014 IBM Connections Cloud Security 2 IBM Connections Cloud Security Contents 3 Introduction 4 Security-rich Infrastructure 6 Policy Enforcement Points Provide Application
More informationAchieve. Performance objectives
Achieve Performance objectives Performance objectives are benchmarks of effective performance that describe the types of work activities students and affiliates will be involved in as trainee accountants.
More informationSpecial Edition. I. What is "Big Data"? April 2013
Special Edition April 2013 For further information please contact: Brian Hengesbaugh Partner, Chicago Tel +1 312 861 3077 brian.hengesbaugh @bakermckenzie.com Amy de La Lama Associate, Chicago Tel +1 312
More information