36,323 research outputs found
CHORUS Deliverable 3.3: Vision Document - Intermediate version
The goal of the CHORUS vision document is to create a high level vision on audio-visual search engines in order to give guidance to the future R&D work in this area (in line with the mandate of CHORUS as a Coordination Action).
This current intermediate draft of the CHORUS vision document (D3.3) is based on the previous CHORUS vision documents D3.1 to D3.2 and on the results of the six CHORUS Think-Tank meetings held in March, September and November 2007 as well as in April, July and October 2008, and on the feedback from other CHORUS events.
The outcome of the six Think-Thank meetings will not just be to the benefit of the participants which are stakeholders and experts from academia and industry – CHORUS, as a coordination action of the EC, will feed back the findings (see Summary) to the projects under its purview and, via its website, to the whole community working in the domain of AV content search.
A few subjections of this deliverable are to be completed after the eights (and presumably last) Think-Tank meeting in spring 2009
Open Data, Grey Data, and Stewardship: Universities at the Privacy Frontier
As universities recognize the inherent value in the data they collect and
hold, they encounter unforeseen challenges in stewarding those data in ways
that balance accountability, transparency, and protection of privacy, academic
freedom, and intellectual property. Two parallel developments in academic data
collection are converging: (1) open access requirements, whereby researchers
must provide access to their data as a condition of obtaining grant funding or
publishing results in journals; and (2) the vast accumulation of 'grey data'
about individuals in their daily activities of research, teaching, learning,
services, and administration. The boundaries between research and grey data are
blurring, making it more difficult to assess the risks and responsibilities
associated with any data collection. Many sets of data, both research and grey,
fall outside privacy regulations such as HIPAA, FERPA, and PII. Universities
are exploiting these data for research, learning analytics, faculty evaluation,
strategic decisions, and other sensitive matters. Commercial entities are
besieging universities with requests for access to data or for partnerships to
mine them. The privacy frontier facing research universities spans open access
practices, uses and misuses of data, public records requests, cyber risk, and
curating data for privacy protection. This paper explores the competing values
inherent in data stewardship and makes recommendations for practice, drawing on
the pioneering work of the University of California in privacy and information
security, data governance, and cyber risk.Comment: Final published version, Sept 30, 201
Enhanced privacy governance in Health Information Systems through business process modelling and HL7
© 2019 The Authors. Published by Elsevier B.V. Medical data privacy is nowadays an alarming issue thanks to the technological revolution witnessed in the medical field and the ease of data access and exchange leveraged by newly implemented Hospital Information Systems (HIS). In order to help protect patient data while offering them the required medical procedures, many computerized techniques could be made available to be implemented in HIS since an early stage of their design. Those techniques should be applied throughout the rolling of clinical pathways to preserve medical data privacy and security in order to enhance privacy governance within Hospitals. When considered as processes, and because of their complexity and multidisciplinary nature, clinical pathways should be modelled in a simple way paying attention to medical tasks and the underlining shared clinical data. It is important to highlight the data with higher protection and sensitivity level. These data characteristics will influence many governance and security decisions of each process. This work aims to present a methodology to model clinical pathway specifications for data driven clinical processes, distinguishing sensitive data from other data and identifying personal data protection principles and the Protected Health Information (PHI). In this context, we precise for each clinical task potentially involving data processing and sharing, the level of protection the data requires through the use of privacy tags and labels added to data elements predefined using the HL7 standard. This method of tagging would help mapping extracted data, classified into categories, to a set of privacy requirements as needed by the HIPAA legislation. Hence data protection and privacy governance are leveraged in a seamless and highly transparent way. The use of HL7 allowed better data discovery and parsing which facilitates the definition of medical data protection measures at a later stage
Is There an App for That? Electronic Health Records (EHRs) and a New Environment of Conflict Prevention and Resolution
Katsh discusses the new problems that are a consequence of a new technological environment in healthcare, one that has an array of elements that makes the emergence of disputes likely. Novel uses of technology have already addressed both the problem and its source in other contexts, such as e-commerce, where large numbers of transactions have generated large numbers of disputes. If technology-supported healthcare is to improve the field of medicine, a similar effort at dispute prevention and resolution will be necessary
An Activity Theory Approach to Leak Detection and Mitigation in Personal Health Information (PHI)
The migration to Electronic Health Records (EHR) has raised issues with respect to security and privacy. One such issue that has become a concern for the healthcare providers, insurance companies and pharmacies is Patient Health Information (PHI) leak. Borrowing from Document Control Domain (DCD) literature, in this paper, we develop a methodology for detection and mitigation of PHI leaks by employing Activity Theory to elucidate the complex activities in the transitive workflow
ECHO Information sharing models
As part of the ECHO project, the Early Warning System (EWS) is one of four technologies under development. The E-EWS will provide the capability to share information to provide up to date information to all constituents involved in the E-EWS. The development of the E-EWS will be rooted in a comprehensive review of information sharing and trust models from within the cyber domain as well as models from other domains
Confidential Informants in Private Litigation: Balancing Interests in Anonymity and Disclosure
Heightened pleading standards and limits on discovery in private securities fraud actions make confidential informants crucial in many cases. While courts have widely recognized the importance of confidential informants and the need to protect them from retaliation, they have not applied consistent standards for how informants must be identified in pleadings, and have failed to take into account substantial bodies of relevant caselaw when deciding whether to require that informants’ names be disclosed in discovery.
This article offers a framework for when and how confidential informants should be identified, taking into account the competing interests in anonymity and disclosure. It offers a refined standard for identifying informants at the pleading stage that focuses on how the employee came to have the information pleaded, rather than on the employee’s job title or duties. It also proposes use of in camera review of witness statements.
At the discovery stage, this article criticizes the use of the attorney work product doctrine as a basis for protecting informant identities. It argues that courts should perform a balancing analysis that directly weighs public policy and privacy interests in favor of informant anonymity against defendants’ legitimate needs for disclosure. This approach is supported by numerous cases protecting the identities of informants and other types of witnesses under Fed. R. Civ. P. 26(c), and also finds support in the many cases construing the formal privilege applicable to government informants.
Finally, this article encourages plaintiffs to seek protective orders for informants early in litigation and briefly discusses protection for witness interview notes
Dwarna : a blockchain solution for dynamic consent in biobanking
Dynamic consent aims to empower research partners and facilitate active participation in the research process. Used within
the context of biobanking, it gives individuals access to information and control to determine how and where their
biospecimens and data should be used. We present Dwarna—a web portal for ‘dynamic consent’ that acts as a hub
connecting the different stakeholders of the Malta Biobank: biobank managers, researchers, research partners, and the
general public. The portal stores research partners’ consent in a blockchain to create an immutable audit trail of research
partners’ consent changes. Dwarna’s structure also presents a solution to the European Union’s General Data Protection
Regulation’s right to erasure—a right that is seemingly incompatible with the blockchain model. Dwarna’s transparent
structure increases trustworthiness in the biobanking process by giving research partners more control over which research
studies they participate in, by facilitating the withdrawal of consent and by making it possible to request that the biospecimen
and associated data are destroyed.peer-reviewe
The Data Breach Dilemma: Proactive Solutions for Protecting Consumers’ Personal Information
Data breaches are an increasingly common part of consumers’ lives. No institution is immune to the possibility of an attack. Each breach inevitably risks the release of consumers’ personally identifiable information and the strong possibility of identity theft.
Unfortunately, current solutions for handling these incidents are woefully inadequate. Private litigation like consumer class actions and shareholder lawsuits each face substantive legal and procedural barriers. States have their own data security and breach notification laws, but there is currently no unifying piece of legislation or strong enforcement mechanism.
This Note argues that proactive solutions are required. First, a national data security law—setting minimum data security standards, regulating the use and storage of personal information, and expanding the enforcement role of the Federal Trade Commission—is imperative to protect consumers’ data. Second, a proactive solution requires reconsidering how to minimize the problem by going to its source: the collection of personally identifiable information in the first place. This Note suggests regulating companies’ collection of Social Security numbers, and, eventually, using a system based on distributed ledger technology to replace the ubiquity of Social Security numbers
- …