Using Lessons from Health Care to Protect the Privacy of Library Users: Guidelines for the De-Identification of Library Data based on HIPAA

While libraries have employed policies to protect the data about use of their services, these policies are rarely specific or standardized. Since 1996 the U.S. healthcare system has been grappling with the Health Insurance Portability and Accountability Act (HIPAA), which is designed to provide those handling personal health information with standardized, definitive instructions as to the protection of data. In this work, the authors briefly discuss the present situation of privacy policies about library use data, outline the HIPAA guidelines to understand parallels between the two, and finally propose methods to create a de-identified library data warehouse based on HIPAA for the protection of user privacy

Hybrid Software Development Approaches in Practice: A European Perspective

Agile and traditional development approaches are used in combination in todays software development. To improve the understanding and to provide better guidance for selecting appropriate development approaches, it is important to analyze such combinations in practice. Results obtained from an online survey strongly confirm that hybrid development approaches are widely used in industry. Our results show that hybrid development approaches: (i) have become reality for nearly all companies; (ii) are applied to specific projects even in the presence of company-wide policies for process usage; (iii) are neither planned nor designed but emerge from the evolution of different work practices; and, (iv) are consistently used regardless of company size or industry secto

PEPFAR Public Health Evaluation-Care and Support -Phase I Kenya

Phase 1, a survey of 120 care facilities in Kenya and Uganda, found that over 90% of facilities provided some level of clinical, psychological,and preventive care. Pain control was very limited with paracetamol often the only analgesic. In focus group discussions, patients appreciated free care and positive attitudes from staff, but said that services would be improved by more staff, shorter queues, and reliable drug supplies

Finding the Fit: A Review of Three Intervention Models for Working with HIV/AIDS Impacted Substance Users who are Homeless

This report reflects research on three different models of services for people living with Human Immunodeficiency Virus (HIV) or Acquired Immunodeficiency Syndrome (AIDS) who are also low-income, substance users and are homeless or at risk of becoming homeless. This review of intervention modalities is intended to document what is being done in Chicago to serve this population, illuminate what is known about outcomes for those receiving services and suggest areas for further investigation

Using Blockchain Technology for The Organ Procurement and Transplant Network

The organ donation system in the United States is centralized and difficult to audit by the general public. This centralized approach may lead to data integrity issues in the future. The Organ Procurement and Transplant Network (OPTN) was built and maintained by a non-governmental organization called the United Network for Organ Sharing (UNOS) under its proprietary UNet(SM) umbrella platform. This platform is made up of proprietary closed source software and does not provide the general public easy access to the organ transplant data for auditing. This study investigates the feasibility, challenges, and advantages of a blockchain-based OPTN. A prototype of a blockchain-based OPTN was created using the Hyperledger Fabric framework. The policies and guidelines issued by the United States Department of Health and Human Services for UNOS and the OPTN were used as the basis of this prototype. Four factors were identified to have a direct effect on the performance of this system, viz. max batch time out, max block size, endorsement policy, and transaction rate. Additionally, two variants of the blockchain chaincode were also developed. The first variant performed the organ-candidate matching inside the blockchain (Scheme A), and the second variant performed it outside the blockchain (Scheme B). Analysis of these data showed that Scheme A outperformed Scheme B in all experiments for write-operations. However, the read operations remained unaffected by any of the experiment variables in the given environment. Based on these results, it is recommended to perform the organ-candidate matching on the blockchain with the max batch time out close to the transaction rate

The Taxation of Capital and Labor Through the Self-Employment Tax

[Excerpt] Since 1950, self-employed individuals have been covered by the Social Security system. In many regards, their obligation to pay Self-Employment Contributions Act (SECA) taxes into the Old-Age, Survivors, and Disability Insurance (OASDI) and Hospital Insurance (HI) trust funds and their entitlement to Social Security and Medicare benefits parallel those of workers who are not self-employed and who thus are covered under the Federal Insurance Contributions Act (FICA). In both cases, the OASDI tax base is limited to income below a certain threshold, and the HI tax base is not constrained by any income ceiling. The two systems, however, diverge in an important way: The FICA tax is based solely on income from labor, but the SECA tax is based on net business income, which can also include income from capital. Such a difference in the tax code (say, among businesses providing the same goods and services) can prompt people to make choices that they would not otherwise make about self-employment or the organizational form of a business, thereby reducing the efficient allocation of resources. For this analysis, the Congressional Budget Office (CBO) decomposed the SECA tax bases for HI and OASDI into their labor and capital components, but the discussion focuses on the HI tax base because it is unconstrained by the income ceiling of the OASDI tax. CBO estimates that approximately 40 percent of the SECA-HI tax base (the amount of self-employment income subject to the HI tax) derives from capital, and the remainder derives from labor. Furthermore, more than half of the labor income of self-employed people—that is, the portion of their business income that would be subject to the FICA-HI tax if the business was incorporated instead of being a sole proprietorship or a partnership—is not included in the SECA-HI tax base. That occurs because when net income from all of a taxpayer’s businesses is less than the labor income from those businesses, the excess labor income is excluded from the SECA tax base. There is no similar exclusion from the FICA tax base. With both the taxed capital income and the excluded labor income accounted for, the total SECA-HI tax base is roughly three-quarters of the amount of income that would be taxable under the FICA-HI rules. Lawmakers could change the SECA tax base to try to align it more closely with the rules governing the FICA tax base. CBO analyzed three options for alignment that would modify the SECA tax base by either reducing the share of capital income or increasing the share of labor income included in that base. No option by itself would accomplish both of those objectives when applied to both sole proprietorships and partnerships, but one option would do so if applied only to partnerships. Two of the options would reduce the size of the SECA tax base—in one case by more than half—whereas the third option would increase the SECA tax base by a little

Mesmerizer: A Effective Tool for a Complete Peer-to-Peer Software Development Life-cycle

In this paper we present what are, in our experience, the best practices in Peer-To-Peer(P2P) application development and how we combined them in a middleware platform called Mesmerizer. We explain how simulation is an integral part of the development process and not just an assessment tool. We then present our component-based event-driven framework for P2P application development, which can be used to execute multiple instances of the same application in a strictly controlled manner over an emulated network layer for simulation/testing, or a single application in a concurrent environment for deployment purpose. We highlight modeling aspects that are of critical importance for designing and testing P2P applications, e.g. the emulation of Network Address Translation and bandwidth dynamics. We show how our simulator scales when emulating low-level bandwidth characteristics of thousands of concurrent peers while preserving a good degree of accuracy compared to a packet-level simulator

A comparison of proposals to restructure the U.S. financial system

Banking law ; Banking structure ; Bank holding companies

Scalable discovery of hybrid process models in a cloud computing environment

Process descriptions are used to create products and deliver services. To lead better processes and services, the first step is to learn a process model. Process discovery is such a technique which can automatically extract process models from event logs. Although various discovery techniques have been proposed, they focus on either constructing formal models which are very powerful but complex, or creating informal models which are intuitive but lack semantics. In this work, we introduce a novel method that returns hybrid process models to bridge this gap. Moreover, to cope with today’s big event logs, we propose an efficient method, called f-HMD, aims at scalable hybrid model discovery in a cloud computing environment. We present the detailed implementation of our approach over the Spark framework, and our experimental results demonstrate that the proposed method is efficient and scalabl

Measuring and mitigating AS-level adversaries against Tor

The popularity of Tor as an anonymity system has made it a popular target for a variety of attacks. We focus on traffic correlation attacks, which are no longer solely in the realm of academic research with recent revelations about the NSA and GCHQ actively working to implement them in practice. Our first contribution is an empirical study that allows us to gain a high fidelity snapshot of the threat of traffic correlation attacks in the wild. We find that up to 40% of all circuits created by Tor are vulnerable to attacks by traffic correlation from Autonomous System (AS)-level adversaries, 42% from colluding AS-level adversaries, and 85% from state-level adversaries. In addition, we find that in some regions (notably, China and Iran) there exist many cases where over 95% of all possible circuits are vulnerable to correlation attacks, emphasizing the need for AS-aware relay-selection. To mitigate the threat of such attacks, we build Astoria--an AS-aware Tor client. Astoria leverages recent developments in network measurement to perform path-prediction and intelligent relay selection. Astoria reduces the number of vulnerable circuits to 2% against AS-level adversaries, under 5% against colluding AS-level adversaries, and 25% against state-level adversaries. In addition, Astoria load balances across the Tor network so as to not overload any set of relays.Comment: Appearing at NDSS 201