Legal Solutions in Health Reform: Privacy and Health Information Technology

Identifies gaps in the federal health privacy standard and proposes options for strengthening the legal framework for privacy protections in order to build public trust in health information technology. Presents arguments for and against each option

Privacy and Health Information Technology

The increased use of health information technology (health IT) is a common element of nearly every health reform proposal because it has the potential to decrease costs, improve health outcomes, coordinate care, and improve public health. However, it raises concerns about security and privacy of medical information. This paper examines some of the “gaps” in privacy protections that arise out of the current federal health privacy standard, the Health Insurance Portability and Accountability (HIPAA) Privacy Rule, the main federal law which governs the use and disclosure of health information. Additionally, it puts forth a range of possible solutions, accompanied by arguments for and against each. The solutions provide some options for strengthening the current legal framework of privacy protections in order to build public trust in health IT and facilitate its use for health reform. The American Recovery and Reinvestment Act (ARRA) enacted in February 2009 includes a number of changes to HIPAA and its regulations, and those changes are clearly noted among the list of solutions (and ARRA is indicated in the Executive Summary and paper where the Act has a relevant provision)

Cross-Border Canada/U.S. Cooperation in Investigations and Enforcement Actions

crossborder investigation and enforcement--Canada and United State

The Law and Politics of Ransomware

What do Lady Gaga, the Royal Zoological Society of Scotland, the city of Valdez in Alaska, and the court system of the Brazilian state of Rio Grande do Sul all have in common? They have all been victims of ransomware attacks, which are growing both in number and severity. In 2016, hackers perpetrated roughly four thousand ransomware attacks a day worldwide, a figure which was already alarming. By 2020, however, ransomware attacks reached a staggering number, between 20,000 and 30,000 per day in the United States alone. That is a ransomware attack every eleven seconds, each of which cost victims on average nineteen days of network downtime and a payout of over $230,000. In 2021 global costs associated with ransomware recovery exceeded$20 billion.This Article offers an account of the regulatory challenges associated with ransomware prevention. Situated within the broader literature on underenforcement, the Article explores the core causes for the limited criminalization, prosecution, and international cooperation that have exacerbated this wicked cybersecurity problem. In particular, the Article examines the forensic, managerial, jurisdictional, informational, and resource allocation challenges that have plagued the fight against digital extortions in the global commons.To address these challenges, the Article makes the case for the international criminalization of ransomware. Relying on existing international regimes––namely, the 1979 Hostage Taking Convention, the 2000 Convention Against Transnational Crime, and the customary prohibition against the harboring of terrorists––the Article makes the claim that most ransomware attacks are already criminalized under existing international law. In fact, the Article draws on historical analysis to portray the criminalization of ransomware as a “fourth generation” in the outlawry of Hostis Humani Generis (enemies of mankind).The Article demonstrates the various opportunities that could arise from treating ransomware gangs as international criminals subject to universal jurisdiction. The Article focuses on three immediate consequences that could arise from such international criminalization: (1) Expanding policies for naming and shaming harboring states, (2) Authorizing extraterritorial cyber enforcement and prosecution, and (3) Advancing strategies for strengthening cybersecurity at home

Competition Clauses in Bilateral Trade Treaties - Analysing the Issues in the Context of India’s Future Negotiating Strategy

There is a recent trend towards trade agreements that include trade related competition provisions. However there are large differences across these trade agreements in terms of how the competition provisions are addressed. In this context, this research report tries to analyze the competition provisions in few selected FTAs and draw lessons for India, which is also following the path of entering into trade agreements. The analysis suggests that cooperation in implementing competition laws is immensely helpful. However, at this moment, India can follow the EU style of agreements with competition provisions such as cooperation, exchange of non-confidential information, technical assistance and consultation.trade, India, Competition Clauses