.

 

What's New

 

New Consumer Resource: A Patient's Guide to HIPAA

A Patient's Guide to HIPAA is a comprehensive look at how to use HIPAA in practical, strategic ways to protect privacy. The guide is user-friendly, direct, and easy to navigate. Published March 31, 2009.

 

Major reports:

Privacy in the Clouds

The World Privacy Forum's newest report examines the privacy and confidentiality issues of cloud computing that have been largely overlooked to date. It is a thorough analysis with policy findings. Privacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing was written by Robert Gellman for the World Privacy Forum. Cloud computing tips for consumers are also available. Published February 23, 2009.

 

Medical ID Theft

The World Privacy Forum researched and published the first major report about medical identity theft and brought this crime to the attention of the public for the first time. Our May 2006 report documents and discusses medical identity theft and what makes it unique. While the financial forms of identity theft are well-known at this point, the medical forms of ID theft are not. The medical forms if ID theft have unique harms associated with them, and under HIPAA victims have gaps in recourse for help recovering from the crime. The World Privacy Forum has also published substantial resources for victims in the form of a groundbreaking FAQ for victims, again, the first to be published on this issue.

Our medical identity theft page contains the report, FAQ for victims, consumer tips, and best practices for healthcare providers. See also: Red Flag Rules report, which is available on the medical identity theft page.

 

Personal Health Records

The World Privacy Forum has published a substantive legal analysis that looks at what happens when health care files and medical records are kept at businesses not subject to the Federal medical privacy rule, HIPAA. This analysis is the first the WPF is aware of on this particular issue. The report was published February 2008 and is available on our Personal Health Record page: http://www.worldprivacyforum.org/personal_health_records.html and here.

 

Online Behavioral Advertising

The World Privacy Forum issued a new report on the Network Advertising Initiative November 2, 2007. The report documents and analyzes the history and operations of the 7-year old NAI self-regulatory initiative, which was designed to allow consumers to opt-out of tracking by behavioral advertisers. The report is available here, and at the FTC web site.

 

Other news or new content:
 
January 2010

WPF files comments on genetic discrimination

Today WPF filed comments on genetic discrimination regulations with the Department of Labor. Read the comments here. See the WPF genetic privacy page here.

 

December 2009
12/07/2009 FTC Privacy Roundtable

WPF executive director Pam Dixon will testify at the FTC Privacy Roundtable about information brokers and commercial data practices and they impact consumers. Dixon will be discussing the business models of data brokers, issues with smart grids, and opt-out problems, among other issues.

See the WPF written comments to the FTC | Related: WPF FTC petition re: data broker opt-outs | Related: Smart Grids and Privacy

 

12/04/2009 GINA regulations

WPF filed comments with the Department of Health and Human Services regarding the Genetic Information Non-Discrimination Act rulemaking. Comments will be available online shortly.

 

11/19/2009 Congressional testimony

WPF executive director Pam Dixon testified at a joint subcommittee hearing focused on privacy and the collection and use of online and offline consumer information. Dixon's testimony focused on the new "modern permanent record" and how it is used and created. Dixon said "The merging of offline and online data is creating highly personalized, granular profiles of consumers that affect consumers’ opportunities in the marketplace and in their lives. Consumers are largely unaware of these profiles and their consequences, and they have insufficient legal rights to change things even if they did know." The testimony explored concrete examples of problematic consumer profiling activities.

Read the full testimony (PDF)

 

 

November 2009

 

WPF to speak at FTC Roundtable

The World Privacy Forum has been invited to speak at the Federal Trade Commission's first Privacy Roundtable, to be held December 7, 2009 in Washington DC.

More on the FTC Exploring Privacy Roundtables | See the WPF comments to the FTC for the Roundtable (First filing).

 

WPF files comments for FTC Roundtables on privacy standards, consumer expectations of privacy

The World Privacy Forum filed comments last week for the FTC Privacy Roundtables, the first of which will be held December 7, 2009. The WPF comments urged the FTC to consider the Fair Credit Reporting Act as a key privacy model to apply to additional areas, to use the full version of Fair Information Practices, and discussed how a rights-based framework was the key to advancing consumers' interests. The comments discussed list brokers at length, and explained how even the most informationally cautious consumer will land on numerous marketing lists and databases. The WPF comments noted that not all marketing lists are used to target ads to consumers; some lists and databases are used to deny consumers goods and services. The comments contain a detailed section on privacy frameworks, a section on direct marketing, and an appendix with supporting information.

See WPF's FTC comments | Related: WPF Intro to Fair Information Practices page

 

 

 

Upcoming Events:

 

WPF will be speaking at the following events:

 

  • Digital Signage Expo, Las Vegas Convention Center, February 25, 2010. Panel on digital signage and privacy.
  • Federal Trade Commission Privacy Roundtable, January 28, 2010, Berkeley, California.
  • CalPSAB, January 13, 2010, San Francisco.
  • Federal Trade Commission Privacy Roundtable, December 7, 2009, Washington DC.
  • Congressional Testimony, November 19, 2009, Executive Director Pam Dixon.
  • Annual ID Theft Passport Advisory Council Meeting, (I-PAC), Presentation/briefing on medical identity theft, Sacramento, Nov. 5, 2009.
  • Center for Ethics in Science and Technology, Identity theft trends and news, Reuben H. Fleet Science Center, San Diego, Nov. 4, 2009, panel.
  • New York University Law School, October 2, 2009. Panel on safe harbors and online privacy.
  • CalPSAB, September 16, 2009, Sacramento.
  • California Bar Annual Meeting, September 12, 2009, San Diego. Panel on global privacy issues.
  • NNEDV Training of Teachers, August 2009, San Francisco. Workshops.
  • CalPSAB, June 29, 2009.
  • Trans Atlantic Consumer Dialog, June 7-10 2009, Brussels, Belgium. Presentation on Cloud Computing.
  • California Western School of Law, April 2, 2009, San Diego, class lecture on health information technology and privacy.
  • Health Privacy Summit, April 2009, Los Angeles.
  • NNEDV, March 2009, San Antonio Texas.
  • CalPSAB, March 2009, Oakland, California.
  • World Congress, February 23 2009, La Costa, California.
  • Congressional Internet Caucus, Jan. 14, 2009, Washington DC.
  • More WPF events ....

 

Miscellaneous new items of note:

 

  • HIPAA Updates: Courtesy of the Health Information Privacy/Security Alert, HIPAA enforcement updates are available free of charge at the web site <http://www.melamedia.com/>.