Complex Data Ecosystems

Oct 07 2022

WPF White House Briefing Outtakes on the New European Union – US Data Privacy Framework

7 October 2022 I was among a small handful of privacy experts present Thursday, 6 October at a White House briefing on the new European Union – US Data Privacy Framework, the replacement for the EU-US Privacy Shield agreement that was invalidated by the Schrems II decision in Europe. Today, 7 October, President Biden has

Oct 03 2022

WHO Health Data Collaborative Meeting: high level overview

Last week, the World Health Organization held an in-person meeting of its health data collaborative leadership, its first face-to-face meeting of this group in four years. WPF attended as a constituency co-chair. Attendees included: members of the Ministries of Health and partner representation from Kenya, Malawi, Cameroon, Botswana, and Nepal; regional institutes’ representatives from KEMRI Welcome

National IDs Around the World — Interactive map

About this Data Visualization: This interactive map displays the presence...
Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process.
COVID-19 and HIPAA: HHS’s Troubled Approach to Waiving Privacy and Security Rules for the Pandemic

The COVID-19 pandemic strained the U.S. health ecosystem in numerous ways, including putting pressure on the HIPAA privacy and security rules. The Department of Health and Human Services adjusted the privacy and security rules for the pandemic through the use of statutory and administrative HIPAA waivers. While some of the adjustments are appropriate for the emergency circumstances, there are also some meaningful and potentially unwelcome privacy and security consequences. At an appropriate time, the use of HIPAA waivers as a response to health care emergencies needs a thorough review. This report sets out the facts, identifies the issues, and proposes a roadmap for change.