WPF to testify before NCVHS on emerging privacy concerns in health privacy — Beyond Digitization: Artificial Intelligence, APIs, and health privacy

WPF Executive Director Pam Dixon will testify before the full committee of the National Committee on Vital and Health Statistics (NCVHS) regarding emerging privacy concerns in the healthcare environment, including the role of artificial intelligence, patient authorizations, and automated access to patient health information.

The NCVHS is the statutory [42 U.S.C. 242k(k)] public advisory body to the Secretary of Health and Human Services (HHS) for health data, statistics, privacy, and national health information policy and HIPAA. The Committee advises the HHS Secretary and reports regularly to Congress on HIPAA implementation.

WPF has a long history of work in health privacy. In ED Pam Dixon’s first testimony before NCVHS in 2005, when asked to testify about risks in electronic health care systems, she discovered the issue of medical identity theft, coined the term, and subsequent to her NCVHS testimony, wrote the first known report about the crime of medical identity theft and its consequences to patients. Following the publication of the WPF medical identity theft report, in which WPF recommended medical data breach notifications to patients, California passed a medical data breach law based on the report recommendation. A few years later, HIPAA was updated to include medical data breach notification.

The 2019 NCVHS testimony will take place Wednesday, Nov. 13 before the full committee as well as the Office of the National Coordinator of HHS.

Relevant Documents and Meeting Information:

NCVHS Meeting details:
https://ncvhs.hhs.gov/meetings/full-committee-meeting-2/
WPF 2005 NCVHS testimony https://www.worldprivacyforum.org/2005/08/public-comments-testimony-before-the-national-committee-on-vital-and-health-statistics-ncvhs-subcommittee-on-privacy-and-confidentiality/
Patient’s Guide to HIPAA (updated 2019) https://www.worldprivacyforum.org/2019/03/hipaa/
WPF Medical ID theft reports:
- Medical Identity Theft (2006) https://www.worldprivacyforum.org/2006/05/report-medical-identity-theft-the-information-crime-that-can-kill-you/
- The Geography of Medical Identity Theft (2017) https://www.worldprivacyforum.org/2017/12/new-report-the-geography-of-medical-identity-theft/
WPF work on AI: WPF served as a delegate to the OECD AI Expert Group, and assisted in writing and finalizing the OECD Principles on AI, which were ratified as soft law in 2019 by OECD member countries. http://www.oecd.org/going-digital/ai/principles/

Posted November 12, 2019 in AI, Data Breach, Electronic Health Records, Health Privacy, Health Records, HIPAA, Human Subject Research Protection, Identity, Machine Learning, Medical Identity Theft, National Committee on Vital and Health Statistics (NCVHS)

New Report: Risky Analysis: Assessing and Improving AI Governance Tools

We are pleased to announce the publication of a new WPF report, “Risky Analysis: Assessing and Improving AI Governance Tools.” This report sets out a definition of AI governance tools, documents why and how these tools are critically important for trustworthy AI, and where these tools are around the world. The report also documents problems in some AI governance tools themselves, and suggests pathways to improve AI governance tools and create an evaluative environment to measure their effectiveness. AI systems should not be deployed without simultaneously evaluating the potential adverse impacts of such systems and mitigating their risks, and most of the world agrees about the need to take precautions against the threats posed. The specific tools and techniques that exist to evaluate and measure AI systems for their inclusiveness, fairness, explainability, privacy, safety and other trustworthiness issues — called in the report collectively AI governance tools – can improve such issues. While some AI governance tools provide reassurance to the public and to regulators, the tools too often lack meaningful oversight and quality assessments. Incomplete or ineffective AI governance tools can create a false sense of confidence, cause unintended problems, and generally undermine the promise of AI systems. The report contains rich background details, use cases, potential solutions to the problems discussed in the report, and a global index of AI Governance Tools.
National IDs Around the World — Interactive map

About this Data Visualization: This interactive map displays the presence...
Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process.

WPF to testify before NCVHS on emerging privacy concerns in health privacy — Beyond Digitization: Artificial Intelligence, APIs, and health privacy

Relevant Documents and Meeting Information:

NCVHS Meeting details:

https://ncvhs.hhs.gov/meetings/full-committee-meeting-2/

WPF 2005 NCVHS testimony https://www.worldprivacyforum.org/2005/08/public-comments-testimony-before-the-national-committee-on-vital-and-health-statistics-ncvhs-subcommittee-on-privacy-and-confidentiality/

Patient’s Guide to HIPAA (updated 2019) https://www.worldprivacyforum.org/2019/03/hipaa/

WPF Medical ID theft reports:

Medical Identity Theft (2006) https://www.worldprivacyforum.org/2006/05/report-medical-identity-theft-the-information-crime-that-can-kill-you/

The Geography of Medical Identity Theft (2017) https://www.worldprivacyforum.org/2017/12/new-report-the-geography-of-medical-identity-theft/

WPF work on AI: WPF served as a delegate to the OECD AI Expert Group, and assisted in writing and finalizing the OECD Principles on AI, which were ratified as soft law in 2019 by OECD member countries. http://www.oecd.org/going-digital/ai/principles/