Complaint:!NHS!Data!Storage!in!the!Google!Cloud!
|
|
- Corey Goodwin
- 8 years ago
- Views:
Transcription
1 13 th March2014 ChristopherGraham, InformationCommissioner, WycliffeHouse,WaterLane, WILMSLOW,CheshireSK95AF DearChris, Complaint:NHSDataStorageintheGoogleCloud WearewritingaboutrecentdisclosuresoftheuseofNHSdatabyPAconsultingandwerequest thatyourofficeinvestigateapparentlyseriousbreachesofthedataprotectionact1998. Background Aspartofadataanalyticsproject,theNHSInformationCentre(NHSIC) apredecessorofthe Health&SocialCareInformationCentre(HSCIC) enteredintoanagreementtosharehospital EpisodeStatistics(HES)datawithPAConsultingGroup(PA)inNovember2011.Thedata sharingagreementallegedlyimposesanumberofrestrictionsonpa suseofthehesdata, includingalimitationonthenumberofpeoplethatcanaccessthedata,arestrictiononsharing thedatawiththirdparties,andanobligationtoerasethedatafollowingtheterminationofthe agreement. AccordingtoanHSCICpressstatement,theshareddatasetsinclude pseudonymised HESon allnhsinpatienttreatments,outpatientappointmentsanda&eattendancesinengland. 1 Each HESrecordgenerallycontainsabroadrangeofinformationaboutindividualNHSpatients,such asagegroup,genderandethnicity,diagnosticandtreatmentcodes,andinformationaboutthe 1 HSCIC%Statement:%Use%of%data%by%PA%consulting,3March2014,availableat: 2 See,HSCIC,What%HES%data%are%available?,availableat: 1
2 locationwherethepatientwastreatedandwherehe/shelives. 2 BydefaultHESdatacontain thepatient spostcodeanddateofbirth,whichincombinationareenoughtore_identifyabout 98%ofpatients;itisunclearwhetherthesedatawereredactedinthiscase.Evenwithoutthese data,longitudinalmedicalrecordsareoftenveryeasytore_identify. InordertoanalyseandmanipulatetheHESdata,PAdecidedtousethird_partytoolssupplied bygoogle.specifically,pauploadedthehesdatatogooglestorage,andprocesseditviaa Googleanalyticsservice,GoogleBigQuery.(GoogleBigQueryisacloudservicethatallows interactiveanalysisoflargedatasets.)whilelittleisknownabouttheagreementbetweenpa andgoogle,padidprovidenhsicwithawrittenconfirmationthatnogooglestaffwouldgain accesstothehesdataandthat accesscontinuedtoberestrictedtotheindividualsnamedin thedatasharingagreement. 3 NeitherPAnorHSCIChaveprovidedanyinformationaboutthe assurances,ifany,theyreceivedfromgoogle.itisdifficulttoseehowpacouldexcludethe possibilitythatgoogleengineersmightaccessthedata,whetheroftheirownvolitionor pursuanttoalawfulaccessrequestfromausgovernmentagency,andthisraisesthequestion ofwhetherpa sconfirmationwasanythingmorethanjustwishfulthinkingoradesperate attemptatblameavoidance. Whenthedetailsofthisdata_sharingarrangementbecamepublic,stakeholderswerehighly concerned.mpsarahwollaston,whositsonthehealthselectcommittee,tweeted:"sohes datauploadedto'google'simmensearmyofservers',whoconsentedtothat@hscic?" 4.This concernisunsurprisinggivengoogle srecordonprivacy;inrecentyears,googlewasfoundto havebreachedeudataprotectionlawbytheeu sarticle29workingparty,aswellasby regulatorsinanumberofmemberstates. Issues InrespectofthoseHESrecordsthatqualifyaspersonalhealthinformation,arangeofcomplex legalandprofessionalobligationsrestrictorprohibittheuseanddisclosureofsuchdata, includingtheukdataprotectionact1998,thecommon_lawdutyofconfidence,thehuman 2 See,HSCIC,What%HES%data%are%available?,availableat: 3 HSCIC%Statement,%supran ComplainttoICOregardinguseofNHSdata 2
3 RightsAct1998,theNHSConfidentialityCodeofPractice,andtheInformationSecurityNHS CodeofPractice. 5 AlthoughPA spressstatementclaimsthattheshareddatasetdoesnotcontainanyinformation thatcouldbelinkedaspecificindividual, 6 itisquiteunclearhowthatstatementcouldbe correct.evenifthehesdatasetstoredingoogle scloudservicesdoesnotcontainapatient s nameornhsnumber,thedatatheremaybeeasytolinktoaspecificindividualandhencewill oftenconstitutesensitivepersonaldata.arecordofacatheterablationprocedureat HammersmithHospitalonOctober19th2003canbelinkedwithhighprobabilitytoTonyBlair onthebasisofpressreportsofhistreatmentforatrialfibrillation,andifthedatasetpermits episodesrelatingtohimtobelinked,thensensitivepersonalinformationrelatingtohisother treatmentepisodesmaybeveryeasytofind.alargeresearchliteraturegoingbacktothelate 1970sexploresthesubstantialriskthatindividualsmaybere_identifiedfrompseudonymised datasets. 7 ThedatasenttotheGoogleCloudmustthereforebetreatedaspersonaldata,and indeedassensitivepersonaldata,forthepurposesofeuropeanandukdataprotectionlaw evenifpostcodesanddatesofbirthwereinfactremoved.wenotethatneitherhscicnorpa hassofarclaimedthatpostcodeswereremoved. Werequestthatyouconductaninvestigationtodeterminewhetherthepersonalhealth informationofnhspatients,includingthesignatoriestothisletter,wasuploadedtogoogle systems. Ifso,storingandprocessingsuchdatawouldprobablybreachnumerousrulesandregulations. Inparticular: Personalhealthinformationshouldnotbedisclosedtothirdpartiesexceptinvery limitedcircumstances.thedata_sharingagreementbetweennhsicandparestricts thenumberofindividualswhocanhaveaccesstothehesdata;pahasmadeaspecific commitmenttonhsicnottoallowgooglestafftoaccessthedata.yetitisunclearthat theygotadequateassurancesfromgoogle. 5 TheUKDepartmentofHealthhasdevelopedanonlineInformationGovernanceToolkit(IGT)thatconsolidatesall applicablelegalrulesandcentraldohguidanceasasetofinformationgovernance(ig)requirements.theigt enablesnhsorganisationsandthirdpartiesprovidingservicestonhsorganizationstoassesstheircompliance withcurrentlegislation,governmentpolicyandnationalguidance. 6 %PA%Consulting%Group%statement:%use%of%HSCIC%data,3March2014,availableat: /. 7 It has been clearly established (and has long since been known amongst academics, researchers and practitioners) that such minimal "de-identification" does not prevent data from large databases from being re-identifiable. ComplainttoICOregardinguseofNHSdata 3
4 ThepurposesforwhichpersonalinformationofNHSpatientscanbeusedarerestricted. Asageneralrule,unlessthereisalegalbasisfortheuseofdataforotherpurposes(e.g., patient sexpressconsent),personalinformationofpatientsmayonlybeusedto providecareservicesandforrelatedpurposes(e.g.,toimprovethequalityofhealthcare managementorservicedelivery).inparticular,theuseofpatienthealthinformationfor commercialpurposes,includingtheprovisionofadvertising,isprohibited.butgoogle s cloud_serviceagreementsallowgoogletoprocesscustomers dataforopen_endedand vaguepurposes,whichleavesopenthepossibilitythatgooglemaybeprocessing personalhealthinformationforitscommercialbenefitandinparticulartooptimisethe provisionofadvertising. Detailedsecuritystandardsapplytotheprocessingandstorageofhealthinformation. Amongotherobligations,theUKDepartmentofHealth(DoH)haspublisheddetailed guidanceonsuitableencryptionalgorithmsfornhspatientdata. 8 Itisunclearthatthe securitymeasuresgoogleappliestoitscloudservicesarecompliant.wereferyouin particulartorecentdisclosuresbyedwardsnowdentotheeffectthatforeign intelligenceagencieswereroutinelyharvestingpersonalinformationofgoogle customersontheunencryptedbackbonelinksbetweenitsdatacentres,andthatgchq didnotinsistonminimisationofpersonalinformationofukcitizenswithin5eyes (unlikethecsewhichinsistedonsuchminimisationforcanadiancitizens). ThetransferofNHSpatients personalinformationoutsidetheukisheavilyrestricted. Inparticular,theDoHguidancemakesclearthatsuchinformationmustnotbe transferredoutsidetheukunlessanappropriateassessmentofriskhasbeen undertakenandappropriatecontrolsimplemented;thetransferisnotifiedtoyour office;thedecisiontotransferthedatahasbeentakenbyaseniormanagerwiththe requiredauthority;anassurancestatementisobtainedfromthirdpartiesthatprocess thedataoverseas;and inmostcases thepatientstowhomthedatarelateshave beennotifiedaboutthetransfer.asgooglehasnodatacentresintheuk,andtakesthe positionthatitscustomers datamaybestoredinanyofitsdatacentres 9,managers contemplatingtheuseofgoogleservicesforpersonalhealthinformationshouldhave properlyfollowedtheprocedureforsendingsuchinformationoverseas. 8 See,NHSInformationGovernance,Guidelines%on%Use%of%Encryption%to%Protect%Person%Identifiable%and%Sensitive% Information,2008,availableat: 9 See,ITNews,Google:%Who%cares%where%your%data%is?,9June2011,quotingChiefsecurityofficerforGoogleApps, EranFeigenbaum,availableat: is.aspx. 4 ComplainttoICOregardinguseofNHSdata
5 Personalhealthinformationmustbedeletedwhenitisnolongerrequiredforaspecific purpose.thiscommitmenthasapparentlybeenrepeatedinthedatasharingagreement betweennhsicandpa,sothatpaissupposedtodeletethehesdataoncethe agreementterminates.butitisunclearthatgoogleissubjecttosimilarrestrictions. Indeed,inthepastGooglehasfailedtoprovidestrongcommitmentstoitscloud customerstodeletedataduringprovisionandafterterminationoftheservice. ThestorageoflargeamountsofsensitivepersonalhealthinformationinaUScloudserviceis particularlyconcerningbecauseoftheprecedentitmayset.googlemayadvertiseamottoof don tbeevil andsomeofusindividuallymaybepreparedtoacceptassurancesfromthem (oneofus Anderson isaformergoogleemployee).howevernotallukdatasubjectswillbe preparedtoacceptsuchassurances noteveryoneusesgmail.furthermore,therearemany otherserviceproviderswitharangeofcorporatecultures.someoverseasserviceprovidersare verymuchlesstrustworthy,andfallcompletelyoutsideyourregulatoryscopeastheyhaveno UKpresence;weareconcernedthatourpersonalhealthinformationwillenduptherenext.Yet thisneednothappen;therearemanyukandeuserviceproviderswhofallcompletelywithin thescopeofthedataprotectiondirective,andwenotethatevenmicrosoftwillnowstore personaldataintheeuifcustomersdemandit. Questions WerequestthatyouinvestigatethepotentialbreachesofUKlawsandregulationsresulting fromtheuploadingofpatientdatatogoogle scloudservices.thisrelatesnotjusttothedata ProtectionAct1998directly,buttotherelevantNHSregulationsandtherelevanthuman_rights law(includingivfinland)astheseallsetthereasonableexpectationsthatpatientshadwhen theysuppliedtheirinformationtothenhs,andthusarefundamentalforfairprocessing. Amongthequestionsthatmustbeasked: PreciselywhichpatientdatawerestoredoutsidetheUK?Didtheyrelatetosingle episodesorlinkedrecords?didtheycontainpostcode,dateofbirth,nhsnumber,ora pseudonymsuchanencryptednhsnumber?thestatementsfrompaandhscicdeny thatanameorfulladdresswasincluded,andpadeniedtherewasafulldateofbirth. Neitherhasdeniedpostcode,oryearofbirth,ortheuseofapseudonymthatwould enableepisoderecordstobelinked.hscicmentions pseudonymised data,which suggestsapseudonym.weaspatientsanddatasubjects(aswellasadvocates)would liketoknowthedetails. ComplainttoICOregardinguseofNHSdata 5
6 WhatkindofprivacyriskassessmentwascarriedoutbyPAandNHSICpriortodeciding tostore,ortoconsenttothestorageof,thedataingoogle scloudservices? IfdataweretransferredunderSafeHarbor(asonemightexpect),theControllerstill needsanart.17contractgoverningsecurityofprocessing.doesthiscontractexist,and ifso,haveitsadequacyandlawfulnessbeenverified?canweseeit? HowareHESdataprotectedagainstaccessbyunauthorisedparties,includingGoogle engineers?wereanyencryptionmethodsusedtoprotectthedata(otherthanthetls encryptionusedtoprotectthelinkfromtheclienttothegooglefrontend)andwho hasaccesstotheencryptionkeys? WhatassuranceswereobtainedthattheHESdatacouldonlybeusedforhealthcare purposes?inparticular,hasgooglemadeanycommitmentsnottousethedataforits owncommercialpurposes,suchastargetingadvertsoranalytics? AsthedataweretransferredtoserversoutsidetheUK,havetherequirementsunder thedataprotectionact1998andthedohguidancebeencompliedwith? WhatmeasureshavethepartiestakentoensurethattheHESdatacannotbeaccessed byforeigngovernmentagenciesusingtheirlocalpowers,ratherthanhavingtogo throughuklawful_accessprocedures? WereadequatearrangementsmadetoensurethatGoogle sdataprocessingactivities canbeaudited? HasthespecificcommitmenttoerasetheHESdataoncethedatasharingagreement terminatesbeenextendedtogoogle? Weaskyoutoinvestigatetheseissuesasamatterofurgency. ComplainttoICOregardinguseofNHSdata 6
7 Yourssincerely, RossAnderson Chair, FoundationforInformationPolicyResearch PhilBooth Coordinator, medconfidential NickPickles Director, BigBrotherWatch ComplainttoICOregardinguseofNHSdata 7
Complaint: NHS Data Storage in the Google Cloud
13 th March 2014 Christopher Graham, Information Commissioner, Wycliffe House, Water Lane, WILMSLOW, Cheshire SK9 5AF Dear Chris, Complaint: NHS Data Storage in the Google Cloud We are writing about recent
More informationProgramme Update. Eve Roodhouse Programme Director, care.data
Programme Update Eve Roodhouse Programme Director, care.data 1 2 Care.data: What is it? Increased demand for data and information about what and how care is delivered across care pathways and geographies
More informationDe-identification of Data using Pseudonyms (Pseudonymisation) Policy
De-identification of Data using Pseudonyms (Pseudonymisation) Policy Version: 2.0 Page 1 of 7 Partners in Care This is a controlled document. It should not be altered in any way without the express permission
More informationA Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No!
A Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No! Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario, Canada THE AGE OF
More informationPrivacy Committee. Privacy and Open Data Guideline. Guideline. Of South Australia. Version 1
Privacy Committee Of South Australia Privacy and Open Data Guideline Guideline Version 1 Executive Officer Privacy Committee of South Australia c/o State Records of South Australia GPO Box 2343 ADELAIDE
More informationNATIONAL HEALTH SERVICE, ENGLAND
D I R E C T I O N S NATIONAL HEALTH SERVICE, ENGLAND The Health and Social Care Information Centre (Establishment of Information Systems for NHS Services: Collection and Analysis of Primary Care Data)
More information37.5 (core office hours are 9:00am 5:30pm Monday to Friday)
Job description Job title: Reporting to: Data Analyst Senior Data Analyst Salary: L13, 37,584 Hours per week: 37.5 (core office hours are 9:00am 5:30pm Monday to Friday) The Health Foundation The Health
More informationSecondary use and de-identification through safe havens. Clive Thomas NIGB Workshop 6 th June 2011
Secondary use and de-identification through safe havens Clive Thomas NIGB Workshop 6 th June 2011 The context and (some of) the story so far. Common Law of Confidentiality Professional responsibilities
More informationThe EDGE 2014 User Conference Information Governance Workshop
The EDGE 2014 User Conference Information Governance Workshop Monday 17 th March 2014 Debbie Terry Agenda What is Information Governance? New developments in legislation Your questions answered Caldicott
More informationObservations on international efforts to develop frameworks to enhance privacy while realising big data s benefits
Big Data, Key Challenges: Privacy Protection & Cooperation Observations on international efforts to develop frameworks to enhance privacy while realising big data s benefits Seminar arranged by the Office
More informationBOARD PAPER - NHS ENGLAND. Title: Publication of Directions to Health and Social Care Information Centre for the collection of primary care data
Paper NHSE130903 BOARD PAPER - NHS ENGLAND Title: Publication of Directions to Health and Social Care Information Centre for the collection of primary care data Clearance: Tim Kelsey, Director of Patients
More informationHow to De-identify Data. Xulei Shirley Liu Department of Biostatistics Vanderbilt University 03/07/2008
How to De-identify Data Xulei Shirley Liu Department of Biostatistics Vanderbilt University 03/07/2008 1 Outline The problem Brief history The solutions Examples with SAS and R code 2 Background The adoption
More informationAnonymisation Standard for Publishing Health and Social Care Data Specification
Title Anonymisation Standard for Publishing Health and Social Care Data Specification (Process Standard) Document ID ISB1523 Amd 20/2010 Sponsor Phil Walker Status Final Developer Clare Sanderson & Malcolm
More informationMarket Research / Audience Measurement
Market Research / Audience Measurement This document begins with the options discussed for aggregate reporting in the working group in October 2012. It then provides links and key text on audience measurement
More informationHSCIC Post Audit Review of Data Sharing Activities:
Directorate / Programme Data Dissemination Services Project / Work Data Sharing Audits Status Final Acting Director Chris Roebuck Version 1.0 Owner Rob Shaw Version issue date 16-Jun-2015 HSCIC Post Audit
More informationData Management Strategy
Scope Data Management Strategy (v1.0, February 2015) 1. This document focuses primarily on the internal data management objectives of the CCG over the next three years. Due to the evolving nature of legislation
More informationProfessional Practice Board. Guidelines on the use of Electronic Health Records
Professional Practice Board Guidelines on the use of Electronic Health Records October 2011 The British Psychological Society 2011 The British Psychological Society St Andrews House, 48 Princess Road East,
More informationDe-Identification of Clinical Data
De-Identification of Clinical Data Sepideh Khosravifar, CISSP Info Security Analyst IV Tyrone Grandison, PhD Manager, Privacy Research, IBM TEPR Conference 2008 Ft. Lauderdale, Florida May 17-21, 2008
More informationHealth and Social Care Information Centre
Health and Social Care Information Centre Information Governance Assessment Customer: Clinical Audit Support Unit of the Health and Social Care Information Centre under contract to the Royal College of
More informationInformation Governance
Attach 8 Information Governance CCG Accredited Safe Haven Application Information Governance CCG Accredited Safe Haven Application 1 1. Introduction 1.1. From the 1st April 2013 new information governance
More informationFoundation Working Group
Foundation Working Group Proposed Recommendations on De-identifying Information for Disclosure to Third Parties The Foundation Working Group (FWG) engaged in discussions around protecting privacy while
More informationUCL Data Safe Haven (IDHS) User Group Town Hall Meeting
UCL Data Safe Haven (IDHS) UCL Data Safe Haven (IDHS) User Group Town Hall Meeting 16 th October 2014 Agenda Welcome Service Update Current software and services Usage statistics Project update Discussion:
More informationDegrees of De-identification of Clinical Research Data
Vol. 7, No. 11, November 2011 Can You Handle the Truth? Degrees of De-identification of Clinical Research Data By Jeanne M. Mattern Two sets of U.S. government regulations govern the protection of personal
More informationConsidering De-Identification? Legacy Data. Kymberly Lee 16-Jul-2015
Considering De-Identification? Legacy Data Kymberly Lee 16-Jul-2015 Introduction This presentation provides an overview of Clinical data sharing, clinical data privacy, and clinical transparency. Discuss
More informationGlobal Alliance for Genomics & Health Data Sharing Lexicon
Global Alliance for Genomics & Health Data Sharing Lexicon Preamble The Global Alliance for Genomics and Health ( GA4GH ) is an international, non-profit coalition of individuals and organizations working
More informationScience Europe Position Statement. On the Proposed European General Data Protection Regulation MAY 2013
Science Europe Position Statement On the Proposed European General Data Protection Regulation MAY 2013 Science Europe Position Statement on the Proposal for a Regulation of the European Parliament and
More informationGPES Independent Advisory Group Minutes
Meeting date: Thursday 13 December 2012 Location: Ambassadors Bloomsbury, 12 Upper Woburn Place, London WC1H 0HX Members in attendance: Name Neil Serougi Angus Dawson Joanne Bailey Eve Sariyiannidou MacDonald
More informationPrivacy Impact Assessment: care.data
High quality care for all, now and for future generations Document Control Document Purpose Document Name Information Version 1.0 Publication Date 15/01/2014 Description Associated Documents Issued by
More informationOpen Data Platform Requirements Workshop 24 th February 2012
Open Data Platform Requirements Workshop 24 th February 2012 Workshop Agenda Objectives: To discuss outline scope To gather short and longer term requirements/benefits To identify some success measures
More informationThe collection, linking and use of data in biomedical research and health care: ethical issues
NUFFIELD COUNCIL ON BIOETHICS 1 The collection, linking and use of data in biomedical research and health care: ethical issues a guide to the report Contents Pages Introduction 1 Data opportunities and
More informationCouncil of the European Union Brussels, 15 January 2015 (OR. en) NOTE German delegation Working Party on Information Exchange and Data Protection
Council of the European Union Brussels, 15 January 2015 (OR. en) Interinstitutional File: 2012/0011 (COD) 14705/1/14 REV 1 LIMITE DATAPROTECT 146 JAI 802 MI 805 DRS 135 DAPIX 150 FREMP 178 COMIX 568 CODEC
More informationADVISORY GUIDELINES ON THE PERSONAL DATA PROTECTION ACT FOR SELECTED TOPICS ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION ISSUED 24 SEPTEMBER 2013
ADVISORY GUIDELINES ON THE PERSONAL DATA PROTECTION ACT FOR SELECTED TOPICS ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION ISSUED 24 SEPTEMBER 2013 REVISED 16 MAY 2014 PART I: INTRODUCTION AND OVERVIEW...
More informationNHS England Medical Appraisal Policy. Annex J: References Annex K: Glossary Annex L: Working group
NHS England Medical Appraisal Policy Annex J: References Annex K: Glossary Annex L: Working group Annexes J, K & L Page 1 NHS England INFORMATION READER BOX Directorate Medical Operations Patients and
More informationYale-Medtronic Experience. Richard Kuntz, MD MSc Chief Scientific, Clinical and Regulatory Officer Medtronic
Yale-Medtronic Experience Richard Kuntz, MD MSc Chief Scientific, Clinical and Regulatory Officer Medtronic Medtronic INFUSE (rhbmp-2) Evidence and Reporting Challenge Background (1) INFUSE approved by
More informationHIPAA-Compliant Research Access to PHI
HIPAA-Compliant Research Access to PHI HIPAA permits the access, disclosure and use of PHI from a HIPAA Covered Entity s or HIPAA Covered Unit s treatment, payment or health care operations records for
More informationDe-identification, defined and explained. Dan Stocker, MBA, MS, QSA Professional Services, Coalfire
De-identification, defined and explained Dan Stocker, MBA, MS, QSA Professional Services, Coalfire Introduction This perspective paper helps organizations understand why de-identification of protected
More informationThe Impact of Sustainability in Manufacturing Companies Globally
The Impact of Sustainability in Manufacturing Companies Globally Lotta Penttilä 2.12.2015 Sustainability & Business 2 1 Research Questions 1. How widely has sustainability adoption spread in manufacturing
More informationTools for De-Identification of Personal Health Information
Tools for De-Identification of Personal Health Information Prepared for the Pan Canadian Health Information Privacy (HIP) Group Authored by: Ross Fraser and Don Willison, September 2009 Executive Summary
More informationDe-Identification of Health Data under HIPAA: Regulations and Recent Guidance" " "
De-Identification of Health Data under HIPAA: Regulations and Recent Guidance" " " D even McGraw " Director, Health Privacy Project January 15, 201311 HIPAA Scope Does not cover all health data Applies
More informationComments of the World Privacy Forum To: Office of Science and Technology Policy Re: Big Data Request for Information. Via email to bigdata@ostp.
3108 Fifth Avenue Suite B San Diego, CA 92103 Comments of the World Privacy Forum To: Office of Science and Technology Policy Re: Big Data Request for Information Via email to bigdata@ostp.gov Big Data
More informationBEFORE USING THIS GUIDANCE, MAKE SURE YOU HAVE THE MOST UP TO DATE VERSION GUIDANCE 2 POLICY AREA: INFORMATION GOVERNANCE
GUIDANCE 1 TITLE: INFORMATION GOVERNANCE FRAMEWORK 2 POLICY AREA: INFORMATION GOVERNANCE 3 ACCOUNTABLE DIRECTOR FOR POLICY AREA: DIRECTOR OF QUALITY AND GOVERNANCE 4 GUIDANCE DRAFTED BY: INTEGRATED GOVERNANCE
More informationStrengthening Public Sector Transparency and Privacy
Strengthening Public Sector Transparency and Privacy Renee Barrette Director of Policy Information and Privacy Commissioner of Ontario AMCTO 2015 Municipal Information Access and Privacy Forum October
More informationPUBLIC CONSULTATION ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION
PUBLIC CONSULTATION ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION PROPOSED ADVISORY GUIDELINES ON THE PERSONAL DATA PROTECTION ACT FOR SELECTED TOPICS 05 FEBRUARY 2013 PART I: INTRODUCTION AND OVERVIEW...
More informationPopulation Health Informatics & Delivering the Transforming Services Together programme. Luke Readman, CIO
Population Health Informatics & Delivering the Transforming Services Together programme Luke Readman, CIO Luke Readman 1 ;Kambiz Boomla 3,4,7, Charles Gutteridge 2, Isabel Hodkinson 3, Cathy Kelly 4, Bhupinder
More informationThe deployment & role of physician assistants/associates in practice
Clinical informatics & health outcomes research group The deployment & role of physician assistants/associates in practice Simon de Lusignan Professor of Primary Care & Clinical Informatics Chair & Head
More informationDATA MINING - 1DL105, 1DL025
DATA MINING - 1DL105, 1DL025 Fall 2009 An introductory class in data mining http://www.it.uu.se/edu/course/homepage/infoutv/ht09 Kjell Orsborn Uppsala Database Laboratory Department of Information Technology,
More informationHow To Respond To The Nti'S Request For Comment On Big Data And Privacy
Submission to the National Telecommunications and Information Administration (NTIA), U.S. Department of Commerce Docket No. 140514424 4424 01 RIN 0660 XC010 Comments of the Information Technology Industry
More information(Big) Data Anonymization Claude Castelluccia Inria, Privatics
(Big) Data Anonymization Claude Castelluccia Inria, Privatics BIG DATA: The Risks Singling-out/ Re-Identification: ADV is able to identify the target s record in the published dataset from some know information
More informationARTICLE 29 DATA PROTECTION WORKING PARTY
ARTICLE 29 DATA PROTECTION WORKING PARTY 0829/14/EN WP216 Opinion 05/2014 on Anonymisation Techniques Adopted on 10 April 2014 This Working Party was set up under Article 29 of Directive 95/46/EC. It is
More informationIDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy - De-identification of PHI 10030
IDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy - De-identification of PHI 10030 POLICY INFORMATION Major Functional Area (MFA): MFA X - Office of General Counsel & Compliance Policy
More informationHIPAA POLICY REGARDING DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION AND USE OF LIMITED DATA SETS
HIPAA POLICY REGARDING DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION AND USE OF LIMITED DATA SETS SCOPE OF POLICY: What Units Are Covered by this Policy?: This policy applies to the following units
More informationProtecting Health and Care Information. A consultation on proposals to introduce new Regulations
Protecting Health and Care Information A consultation on proposals to introduce new Regulations June 2014 Title: Protecting Health and Care Information Author: Information Goverance / Information and Transparency
More informationAdministrative Services
Policy Title: Administrative Services De-identification of Client Information and Use of Limited Data Sets Policy Number: DHS-100-007 Version: 2.0 Effective Date: Upon Approval Signature on File in the
More informationLOBLAW COMPANIES LIMITED MANDATE OF THE BOARD OF DIRECTORS
LOBLAW COMPANIES LIMITED MANDATE OF THE BOARD OF DIRECTORS LOBLAW COMPANIES LIMITED MANDATE OF THE BOARD OF DIRECTORS 1. ROLE The role of the Board is to provide governance and stewardship to the Corporation.
More informationBoard Self-Evaluation Questionnaire
Board Self-Evaluation Questionnaire A Tool for Improving Governance Practice For Voluntary and Community Organizations Name (optional) For period from to Non-Profit Sector Leadership Program College of
More informationIAPT Data Standard. Frequently Asked Questions
IAPT Data Standard Frequently Asked Questions Version 1.0 March 2012 IAPT FAQs 1.0-1 - Contents Section 1: About the IAPT Data Standard.. 3 Section 2: Who is responsible for doing what?. 5 Section 3: How
More informationRecap of Thursday. Toya Paynter, Chair
Recap of Thursday Toya Paynter, Chair Economic Development & Workforce Challenges in Summit County Summit County Commissioner Karn Stiegelmeier Workforce System Performance Dashboards Tony Anderson, Business
More informationHIPAA Basics for Clinical Research
HIPAA Basics for Clinical Research Audio options: Built-in audio on your computer OR Separate audio dial-in: 415-930-5229 Toll-free: 1-877-309-2074 Access Code: 960-353-248 Audio PIN: Shown after joining
More informationPrinciples and Best Practices for Sharing Data from Environmental Health Research: Challenges Associated with Data-Sharing: HIPAA De-identification
Principles and Best Practices for Sharing Data from Environmental Health Research: Challenges Associated with Data-Sharing: HIPAA De-identification Daniel C. Barth-Jones, M.P.H., Ph.D Assistant Professor
More informationHSCIC Audit of Data Sharing Activities:
Directorate / Programme Data Dissemination Services Project Data Sharing Audits Status Approved Director Terry Hill Version 1.0 Owner Rob Shaw Version issue date 20/04/2016 HSCIC Audit of Data Sharing
More informationATOMISATION: THE CROWN JEWELS OF THE IDEAL CYBER SECURITY MODEL
ATOMISATION: THE CROWN JEWELS OF THE IDEAL CYBER SECURITY MODEL INSTEAD OF FOCUSING SOLELY ON MAKING INFORMATION DIFFICULT TO STEAL, INFORMATION SECURITY SHOULD FOCUS ON MEASURES THAT MAKE IT DIFFICULT
More informationSESSION DEPENDENT DE-IDENTIFICATION OF ELECTRONIC MEDICAL RECORDS
SESSION DEPENDENT DE-IDENTIFICATION OF ELECTRONIC MEDICAL RECORDS A Thesis Presented in Partial Fulfillment of the Requirements for the Degree Bachelor of Science with Honors Research Distinction in Electrical
More informationPrivacy Challenges in the Internet of Things (IoT) a European Perspective
Privacy Challenges in the Internet of Things (IoT) a European Perspective Alicja Gniewek, PhD Student Interdisciplinary Centre for Security, Reliability and Trust Weicker Building, Université du Luxembourg
More informationNewsletter July, 2007
Psychology Program Newsletter July, 2007 Chair s Report By most measures, the 2006/07 academic year was a success for our Program. Psychology graduated 46 students this spring, our student numbers held
More informationHow To Protect Your Health Data From Being Used For Research
Big Data: Research Ethics, Regulation and the Way Forward Tia Powell, MD AAIC Washington, DC, 2015 1854 Broad Street Cholera Outbreak Federal Office of Personnel Management Data Breach, 2015 Well-known
More informationVALUE ANALYSIS TEAM (FORMERLY KNOWN AS MATERIALS USE EVALUATION MUE) POLICY
VALUE ANALYSIS TEAM (FORMERLY KNOWN AS MATERIALS USE EVALUATION MUE) POLICY PURPOSE The purpose of this policy is to define the structure and operation of the Value Analysis Team process, through active
More informationExecutive Diploma in Big Data Management & Analytics
Executive Diploma in Big Data Management & Analytics Achieve More We encourage our students to challenge their thinking, to extend their boundaries, to strive for excellence. We create a positive environment
More informationThe Research Capability Programme. Peter Knight, Group Programme Director
The Research Capability Programme Peter Knight, Group Programme Director 11/03/2010 RESEARCH FOR PATIENT BENEFIT WORKING PARTY FINAL REPORT For us, science and research constitute a front-line service,
More informationAnalysis of Variance (ANOVA) Using Minitab
Analysis of Variance (ANOVA) Using Minitab By Keith M. Bower, M.S., Technical Training Specialist, Minitab Inc. Frequently, scientists are concerned with detecting differences in means (averages) between
More informationRe: Guidance for Industry Fees for Human Drug Compounding Outsourcing Facilities Under The Federal Food, Drug and Cosmetic Act
May 30, 2014 Division of Dockets Management (HFA-305) Food and Drug Administration Department of Health and Human Services 5630 Fishers Lane, Room. 1061 Rockville, Maryland 20852 [Docket No. FDA-2014-D-0329]
More informationSTELLENBOSCH UNIVERSITY DEPARTMENT OF CIVIL ENGINEERING POST GRADUATE STUDIES AT THE CHAIR IN CONSTRUCTION ENGINEERING AND MANAGEMENT
STELLENBOSCH UNIVERSITY DEPARTMENT OF CIVIL ENGINEERING POST GRADUATE STUDIES AT THE CHAIR IN CONSTRUCTION ENGINEERING AND MANAGEMENT The construction industry needs creative and innovative graduates who
More informationEPSRC Cross-SAT Big Data Workshop: Well Sorted Materials
EPSRC Cross-SAT Big Data Workshop: Well Sorted Materials 5th August 2015 Contents Introduction 1 Dendrogram 2 Tree Map 3 Heat Map 4 Raw Group Data 5 For an online, interactive version of the visualisations
More informationPrivacy Techniques for Big Data
Privacy Techniques for Big Data The Pros and Cons of Syntatic and Differential Privacy Approaches Dr#Roksana#Boreli# SMU,#Singapore,#May#2015# Introductions NICTA Australia s National Centre of Excellence
More informationINCOSE Enterprise Working Group (ESWG) Charter
1 PURPOSE 2 GOAL The purpose of the working group is to advance and promote the application of Systems Engineering to understanding and managing the enterprise as a system. Enterprises are highly complex
More informationComments of the EDPS in response to the public consultation on
Comments of the EDPS in response to the public consultation on the planned guidelines on recommended standard licences, datasets and charging for the reuse of public sector information initiated by the
More informationAbstract. It s peace of mind knowing that we ve done everything that is possible to meet industry standards for de-identification. Dr.
Abstract In this presentation I will discuss the adoption of the Privacy Analytics Risk Assessment Tool (PARAT) by the Institute for Clinical Evaluative Sciences (ICES), for the Ontario Cancer Data Linkage
More informationBig Data, Not Big Brother: Best Practices for Data Analytics Peter Leonard Gilbert + Tobin Lawyers
Big Data, Not Big Brother: Best Practices for Data Analytics Peter Leonard Gilbert + Tobin Lawyers March 2013 How Target Knew a High School Girl Was Pregnant Before Her Parents Did just because you can,
More informationOnline Behavioral Advertising (OBA) Forum
Online Behavioral Advertising (OBA) Forum Speakers Paul Fisher, Chief Executive Officer, IAB Australia Samantha Yorke, Legal Director Asia Pacific, Yahoo! Jenny Duxbury, Compliance, Regulatory & Corporate
More information1.2: DATA SHARING POLICY. PART OF THE OBI GOVERNANCE POLICY Available at: http://www.braininstitute.ca/brain-code-governance. 1.2.
1.2: DATA SHARING POLICY PART OF THE OBI GOVERNANCE POLICY Available at: http://www.braininstitute.ca/brain-code-governance 1.2.1 Introduction Consistent with its international counterparts, OBI recognizes
More informationFrom metabiobanks to translational research platforms: Integrating Big Data through CRIP Tools
From metabiobanks to translational research platforms: Integrating Big Data through CRIP Tools 4 th Munich Biomarker Conference, November 26, 2014 christina.schroeder@izi-bb.fraunhofer.de Access to goods
More informationData Quality Policy SH NCP 2. Version: 5. Summary:
SH NCP 2 Summary: Keywords (minimum of 5): (To assist policy search engine) Target Audience: The Trust provides a framework to ensure all data that is recorded by the Trust is accurate and complies to
More informationDepartment of Human Services Health Services Committee Senator Judy Lee, Chair August 18, 2015
Department of Human Services Health Services Committee Senator Judy Lee, Chair August 18, 2015 Chairman Lee, members of the Health Services Committee, I am Maggie Anderson, Executive Director of the Department
More informationAnn Cavoukian, Ph.D.
Protecting Privacy in an Era of Electronic Health Records Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario Barrie and Community Family Health Team Royal Victoria Hospital Georgian College
More informationPseudonymisation Implementation Project (PIP) Reference Paper 4
Pseudonymisation Implementation Project (PIP) Reference Paper 4 Pseudonymisation Technical White Paper - Design and MS-SQL FV2 24 th March 2010 Without Prejudice Programme NPFIT Document Record ID Key
More informationThe collection, linking and use of data in biomedical research and health care: ethical issues
The collection, linking and use of data in biomedical research and health care: ethical issues Nuffield Council on Bioethics Professor Jonathan Montgomery (Chair) Professor Simon Caney Professor Bobbie
More informationD-CRIS Information Governance Assurance
D-CRIS Information Governance Assurance Date: 05 08 2013 Version: 1.0 Author: Murat Soncul Contents 1. Introduction... 3 2. CRIS Security Model... 3 3. SLaM Information Governance Framework... 4 4. Roles
More informationBetter Access to Medicare Mental Health Items and Psychology Providers
Better Access to Medicare Mental Health Items and Psychology Providers The issue of ease of access by the community to the new mental health items is central to its success. This paper attempts to examine
More informationPrivacy and EHR Information Flows in Canada. EHIL Webinar Series. Presented by: Joan Roch, Chief Privacy Strategist, Canada Health Infoway
Privacy and EHR Information Flows in Canada EHIL Webinar Series Presented by: Joan Roch, Chief Privacy Strategist, Canada Health Infoway March 1, 2011 Outline 1. Background 2. Infoway s privacy mandate
More informationTraining for de-identifying human subjects data for sharing: a viable library service
Training for de-identifying human subjects data for sharing: a viable library service David S. Fearon JHU Data Management Services Jennifer Darragh Sheridan Library GIS & Data Services Johns Hopkins University
More informationRisk management, information security and privacy compliance. new meeting of minds or ships in the night?
Risk management, information security and privacy compliance new meeting of minds or ships in the night? Peter Leonard September 2015 page 1 ships in the night + narrowly focussed conversations reasonable
More informationSynapse Privacy Policy
Synapse Privacy Policy Last updated: April 10, 2014 Introduction Sage Bionetworks is driving a systems change in data-intensive healthcare research by enabling a collective approach to information sharing
More informationThe Health Foundation is an independent charity working to improve the quality of healthcare in the UK.
Job description Job title: Reporting to: Salary: Intern in Data Analytics (six months fixed term contract) Data Manager 17,843 per annum (pro rata) Hours per week: 37.5 The Health Foundation The Health
More informationData De-identification and Anonymization of Individual Patient Data in Clinical Studies A Model Approach
Data De-identification and Anonymization of Individual Patient Data in Clinical Studies A Model Approach Background TransCelerate BioPharma Inc. is a non-profit organization of biopharmaceutical companies
More informationForeword by Prof. Sir Kenneth Calman and Mr David Ardron... 4. Introduction... 5. 1. Background... 5. 2. Aim... 5. 3. Scope and Applicability...
Table of Contents Foreword by Prof. Sir Kenneth Calman and Mr David Ardron... 4 Introduction... 5 1. Background... 5 2. Aim... 5 3. Scope and Applicability... 5 4. Structure and use of the template document...
More informationNorth West London Whole Systems Integrated Care Information Sharing and Hosting Agreement
Dated 1 st October 2014 / amended 10 th February 2015 (1) NHS BRENT CLINICAL COMMISSIONING GROUP (Data Processor on behalf of Provider Partners as defined in this Agreement) - and - (2) SIGNATORY PARTNERS
More informationInformation Governance in Dental Practices. Summary of findings from ICO reviews. September 2015
Information Governance in Dental Practices Summary of findings from ICO reviews September 2015 Executive summary The Information Commissioner s Office (ICO) is the regulator responsible for ensuring that
More informationCODE of PRACTICE on SECONDARY USE of MEDICAL DATA in SCIENTIFIC RESEARCH PROJECTS
CODE of PRACTICE on SECONDARY USE of MEDICAL DATA in SCIENTIFIC RESEARCH PROJECTS TABLE OF CONTENTS VERSION HISTORY... 3 DISCLAIMER... 4 INTRODUCTION... 5 CONTRIBUTORS... 6 DEFINITION OF TERMS... 8 ARTICLE
More informationACEA PRINCIPLES OF DATA PROTECTION IN RELATION TO CONNECTED VEHICLES AND SERVICES
ACEA PRINCIPLES OF DATA PROTECTION IN RELATION TO CONNECTED VEHICLES AND SERVICES September 2015 INTRODUCTION We, the member companies of ACEA, are committed to providing our customers with a high level
More informationSelecting Statistical Software for Six Sigma
Selecting Statistical Software for Six Sigma Anyone who has been exposed to the fundamental concepts of Six Sigma knows the importance that statistical methods play in quantifying improvements in process
More informationWinthrop-University Hospital
Winthrop-University Hospital Use of Patient Information in the Conduct of Research Activities In accordance with 45 CFR 164.512(i), 164.512(a-c) and in connection with the implementation of the HIPAA Compliance
More information