The World Privacy Forum filed comments today with the US Customs and Border Protection agency regarding a proposal to request social media account information from arriving and departing travelers on entry/exit forms. WPF urged CBP to drop its proposal to request social media profile information from travelers on these key ...
This coming Thursday, WPF Executive Director Pam Dixon will give a keynote speech on health privacy and security, "The New Healthcare Fraud Continuum." Based on her latest research in health privacy, this talk will be Dixon's first talk about the new fraud continuum, what it is, how it operates, what ...
We have updated our popular Top Ten Opt Outs page for consumers. All of the links are fresh, and we have updated the text where it had gotten stale. I am frequently asked which of the opt outs is the most important. Really, that will depend on what is important ...
This new World Privacy Forum report reviews privacy law applicable to the Precision Medicine Initiative (PMI), and the large medical information and biospecimen database at its center. The HIPAA health privacy rule and its protections for individuals will not apply to PMI research activities. The key privacy concerns raised by the PMI are the lack of applicable law to govern its collection and use of individuals’ health data, the potential waiver of the patient-physician legal privilege that can shield data from disclosure through litigation, and the possibility of law enforcement access to patient records held in the PMI.
FOR IMMEDIATE RELEASE: San Diego — The World Privacy Forum today published a report finding that the Precision Medicine Initiative has laudable goals, but that many core privacy questions are unaddressed and unanswered. President Obama’s Precision Medicine Initiative (PMI) is an ambitious program with a goal of gathering the freely volunteered health and biospecimen data of over a million people to facilitate medical research. According to World Privacy Forum’s analysis of the PMI documents and plans, the 1 million planned volunteers may be getting more exposure than they bargained for after they donate their medical records and biospecimens to the volunteer research effort.
The World Privacy Forum submitted comments to the Food and Drug Administration in response to its request for public input on its draft guidance on the cybersecurity of medical devices. The privacy considerations for medical devices is significant. Because there are a large number of stakeholders in the life cycle ...
This substance of this analysis is about the new EU-US Privacy Shield, with contextual background and an analysis of how this new proposal compares to the old EU-US Safe Harbor agreement. The analysis includes a discussion of winners and losers in Privacy Shield, and discusses its potential future.
The World Privacy Forum commented on an important proposal to make changes to the existing rules regarding the confidentiality of alcohol and drug abuse patient records. The proposal is from the Substance Abuse and Mental Health Services Administration (SAMHSA), part of the US Department of Health and Human Services. These ...
Elder financial abuse is a terrible crime, and it has not gotten nearly the attention it deserves. Today the Consumer Financial Protection Bureau (CFPB) issued a important report to financial institutions about what they can do to spot this issue. The World Privacy Forum has testified about senior identity theft ...
Pam Dixon will be presenting a one-hour seminar on privacy standards and developments and what they mean for digital signage at the Digital Signage Expo (DSE) in Las Vegas. DSE is the largest gathering of digital signage experts in the world. The privacy seminar will cover key US laws, new ...
The World Privacy Forum has joined the Amazon Smile program. Now, you can select World Privacy Forum as one of the registered 501 c 3 charities you would like your shopping dollars to benefit. There is no cost to you. WPF will receive .5% of the purchase price of eligible ...
This week a judge ordered that the approximately 10 million records of California students held by the California Department of Education will not be turned entirely over to a group of community nonprofits in the Morgan Hill case. Instead, the judge ordered that several smaller databases may be turned over ...
The US and the European Commission have released details about the proposed Privacy Shield program, formerly known as the "EU-US Safe Harbor Framework." A key takeaway on US side is that the program will still rely on self-certification, although with improved verification and monitoring mechanisms. For its part, the US ...
Update for March 3, 2016: This week a judge has ordered that the approximately 10 million records of California students held by the California Department of Education will not be turned entirely over to a group of community nonprofits in the Morgan Hill case. Instead, the judge ordered that several ...
Today The Guardian published an op-ed I wrote about employer-sponsored wellness programs. You can find that op-ed here . I have researched and written about HIPAA, health plans, wellness, predictive analytics, and big data for years now. A lot of my work coalesced together when Robert Gellman and I researched ...
Update for February 29, 2016: The US and the European Commission have released new details about the proposed Privacy Shield program. We have published a new post about this release here . Briefly, the US Department of Commerce has released a 132-page package containing the program principles, letters from the ...
The closely watched Safe Harbor talks to craft new privacy rules for transatlantic data flows between the US and the EU have resulted in some preliminary signals today, although a final outcome is still pending. Commissioner Jourova, speaking before the Committee on Civil Liberties, Justice, and Home Affairs, said that ...
The World Privacy Forum has filed extensive comments on the proposed changes to how the Genetic Information Nondiscrimination Act will be interpreted. Our comments focus on how the proposal will impact wellness program privacy, as well as family and spousal privacy. In our comments, we discuss our concerns with a variety of aspects of wellness program privacy, including the fact that much data from wellness programs falls outside of HIPAA protections. We also have strongly urged the EEOC to not allow employers to purchase genetic information about employees from third parties without consent, among other items related to this issue.
The Nuremberg Code, an extraordinary document around ethics and research on human subjects written after the research abuses that took place during World War II, is akin to a global Emancipation Proclamation for human research subjects. The Nuremberg Code's 10 principles remain a timeless rendering of thought on what should be in place prior to any entity conducting research on human subjects, and this code forms the philosophical foundation of a regulation in the US known as the Common Rule. We have written extensive comments on the US proposal that will update the Common Rule...
Every other year, the US Federal Trade Commission issues a report about the national Do Not Call registry to Congress. The FTC has recently released its newest report , and by all measures, the Do Not Call registry is still strong and growing. It is not without its snags, however. ...
After four years of negotiations, the EU Commission, Parliament, and Council have reached a final agreement on the General Data Protection Regulation (GDPR). The GDPR is an omnibus data protection law which sets arguably the most extensive data protection laws globally, along with strong enforcement authority. The new law contains ...
WPF's Executive Director Pam Dixon has been in Beijing, China this week giving a seminar and keynote on predictive analytics and scoring to the CCRC and other institutions, as well as journalists. In her keynote, Dixon discussed WPF's Scoring of America report and ongoing research in the area. "Scoring in ...
The World Privacy Forum filed comments today on the Office of Management and Budget's proposed revision to a document that advises Federal agencies on how to handle the information they store. The document, OMB Circular A-130, Managing Information as a Strategic Resource , establishes policies for the management of federal ...
WPF's Congressional testimony of Nov. 3, 2015 before the US Senate Judiciary Committee is now available online. Please visit the Senate download site here to access the written testimony. The testimony focuses on data brokers, information security, and regulatory controls. A video of the actual hearing is also available from ...
WPF Executive Director Pam Dixon will testify before the Senate Judiciary this Tuesday, Nov. 3. The hearing is on data broker security, with Chairman Flake presiding. Hearing details: Data Brokers – Is Consumers’ Information Secure? Subcommittee on Privacy, Technology and the Law Date: Tuesday, November 3, 2015 Time: 2:30 pm ...
