World Privacy Forum Publishes Red Flag Rule Suggestions for Hospitals and Providers; new FTC-enforced rules go into effect Nov. 1, can apply to health care providers

WORLD PRIVACY FORUM
PRESS RELEASE
For immediate release Sept. 24, 2008

(Report) World Privacy Forum Publishes Red Flag Rule Suggestions for Hospitals and Providers; new FTC-enforced rules go into effect Nov. 1, can apply to health care providers

SAN DIEGO, Ca., Sept. 24 — The World Privacy Forum’s latest report, Red Flag and Address Discrepancy Requirements: Suggestions for Health Care Providers, discusses the applicability of the new FTC regulations to the health care sector along with suggestions for providers. The report addresses newly issued regulations by the Federal Trade Commission that require financial institutions and creditors to develop and implement written identity theft prevention programs. Health care providers – whether they are for-profit, non-profit, or governmental entities – may have obligations under the new rules.

Medical identity theft is a real concern in the health care sector, and is included expressly in the Red Flag Rules Guidelines. The possibility of medical identity theft gives rise to a duty to monitor for the potential that patients may be victims, among other duties outlined by the new regulations. The regulations take effect November 1, 2008, and will be enforced by the Federal Trade Commission.

“The Red Flag Rules are an important opportunity for the health care sector to protect consumers and patients from the impacts of medical identity theft,” said World Privacy Forum executive director Pam Dixon. “If implemented correctly, the new regulations could ease some of the problems consumers have been experiencing with the impacts of this crime.”

The World Privacy Forum published the first major report on medical identity theft and brought that crime to national attention for the first time. To read the Red Flag report visit https://www.worldprivacyforum.org. Visit the World Privacy Forum’s Medical Identity Theft page for more information, and to sign up for the latest medical ID theft news: https://www.worldprivacyforum.org/medicalidentitytheft.html.

The World Privacy Forum is a nonprofit, non-partisan 501(c)(3) public interest research group. The organization is focused on redefining privacy in a modern digital era by means of conducting in-depth research, analysis, and consumer education. The World Privacy Forum’s groundbreaking work has documented and brought national attention to critical new areas, some for the first time – including medical identity theft. Areas of focus for the World Privacy Forum include health care, technology, and the financial sector. The California-based World Privacy Forum was founded in 2003 and works both nationally and internationally. www.worldprivacyforum.org.

Posted September 24, 2008 in Health Privacy, Medical Identity Theft, News, Press, and Media, Red Flag Rule, Report Announcement, U.S. Department of Health and Human Services

New Report: Risky Analysis: Assessing and Improving AI Governance Tools

We are pleased to announce the publication of a new WPF report, “Risky Analysis: Assessing and Improving AI Governance Tools.” This report sets out a definition of AI governance tools, documents why and how these tools are critically important for trustworthy AI, and where these tools are around the world. The report also documents problems in some AI governance tools themselves, and suggests pathways to improve AI governance tools and create an evaluative environment to measure their effectiveness. AI systems should not be deployed without simultaneously evaluating the potential adverse impacts of such systems and mitigating their risks, and most of the world agrees about the need to take precautions against the threats posed. The specific tools and techniques that exist to evaluate and measure AI systems for their inclusiveness, fairness, explainability, privacy, safety and other trustworthiness issues — called in the report collectively AI governance tools – can improve such issues. While some AI governance tools provide reassurance to the public and to regulators, the tools too often lack meaningful oversight and quality assessments. Incomplete or ineffective AI governance tools can create a false sense of confidence, cause unintended problems, and generally undermine the promise of AI systems. The report contains rich background details, use cases, potential solutions to the problems discussed in the report, and a global index of AI Governance Tools.
National IDs Around the World — Interactive map

About this Data Visualization: This interactive map displays the presence...
Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process.