News, Press, and Media

– Press Releases and Privacy News: View by date in the pages below.

– World Privacy Forum in the News: Click here

– Press Contact: +1 760-712-4281 or info@www.worldprivacyforum.org.

World Privacy Forum files comments with the FTC regarding proposed rules for health care-related data breaches

Data Breach of Health Records – FTC — The World Privacy Forum filed extensive comments with the Federal Trade Commission today regarding its notice of proposed rulemaking for data breaches of information containing actual health care information or health care-related information. The FTC rulemaking will apply to a variety of record holders, especially vendors of personal health records. The Forum supported much of the FTC’s proposed rulemaking, finding the rulemaking generally thoughtful and careful. In some areas, the Forum urged the FTC to narrow and further define and strengthen the proposed rule. The World Privacy Forum urged the FTC to tighten language around scope, the definition of “personal health record,” law enforcement delays of consumer notification, and urged the FTC to further clarify the definition of what falls under the category of “de-identified data.” Citing the research of Dr. LaTanya Sweeney and others, the Forum urged the FTC to require commercial companies and others holding health care data that has been partially de-identified to still report those breaches to the FTC and the public, and to monitor for re-identification.

World Privacy Forum Publishes A Patient’s Guide to HIPAA, First Comprehensive HIPAA Privacy Guide Written Expressly For Patients

“This guide is not just a retread of what HIPAA is and does,” said Pam Dixon, executive director of the World Privacy Forum. “Our guide gives patients practical details and strategies on how they can use the law to protect their privacy and navigate the medical system. Best of all, it is easy to use.”

First International Privacy and Security Conference (IPSC2008) in Tokyo Nov. 11-12 Brings Together World Experts to Share Solutions and Information on the Privacy and Security Impact of the World Economic Crisis, Data Leakages, New Global Data Issues, and

The conference, the first of its kind to be held in Japan, bring together the world’s leading privacy and security experts from Japan, the European Union, and the United States to discuss issues in common from a global perspective. Conference experts will share their best information, policies, practices, and ideas on how to solve the pressing privacy and security issues of today and those we willface in the future, including the impact of the economic crisis on data security and privacy.

World Privacy Forum Publishes Red Flag Rule Suggestions for Hospitals and Providers; new FTC-enforced rules go into effect Nov. 1, can apply to health care providers

SAN DIEGO, Ca., Sept. 24 — The World Privacy Forum’s latest report, Red Flag and Address Discrepancy Requirements: Suggestions for Health Care Providers, discusses the applicability of the new FTC regulations to the health care sector along with suggestions for providers. The report addresses newly issued regulations by the Federal Trade Commission that require financial institutions and creditors to develop and implement written identity theft prevention programs. Health care providers – whether they are for-profit, non-profit, or governmental entities – may have obligations under the new rules.

World Privacy Forum urges more attention to the protection of research study participants

Human Subjects Research Protection (OHRP) — The World Privacy Forum filed comments today with the Office of Human Research Protection urging the office to do more to protect the privacy of people who are subjects of research. The comments urge the OHRP to focus more attention on providing privacy-specific training for boards overseeing research, which are often weak in knowledge about the breadth of privacy issues in research. The WPF also voiced its strong support for certificates of confidentiality for research involving human subjects, stating that”nearly all research that involves identifiable health data or other personal data about individuals should have a certificate of confidentiality unless a researcher can state a substantive reason why a certificate is not appropriate for the study.” OHRP will be accepting comments until Sept. 29.