HIPAA

Oct 02 2015

WPF files comments on new FERPA student health privacy guidance

The World Privacy Forum filed comments to the US Department of Education regarding its student health privacy guidance published August 18, 2015. The World Privacy Forum supports the DoE guidance, which clarifies how universities and colleges are to handle sensitive student medical records in cases of non-medical litigation. The guidance notes that educational institutions should

Feb 12 2015

Student Privacy 101: Health Privacy in Schools –What law applies?

Schools increasingly provide students with more health services. Health clinics, counselors on site, administration of drugs, and vaccinations are among the types of healthcare offered on school campuses ranging from kindergarten through graduate school. Given that schools may have sensitive health information, what law covers health record privacy for school records? The answer is important. It is also messy, because two laws can apply to this information. In some cases, no privacy law applies to the health records.

Oct 14 2014

WPF Universal Periodic Review Comments — The Right to Health Privacy: Human Rights and the Surveillance and Interception of Medical and Health Records by Security Agencies

The World Privacy Forum provided an intervention for the Civil Society Consultation on the Universal Periodic Review of the United States recommending that health information should only be disclosed for national security purposes pursuant to a judicial warrant, and that there must be procedures under which record keepers can challenge national security demands for health

Aug 28 2014

Video: Correcting and amending medical records in an HIE

HIE stands for “Health Information Exchange.” We encourage all patients to request a copy of their medical records and check for errors, whether on paper or digital. If you have received a copy of your medical record from your doctor and you find mistakes or errors, it is a good idea to correct those files as soon as possible with that health care provider. It’s also important to see if incorrect information has been circulated into a Health Information Exchange, and get it corrected there as well. See more ….

Jan 30 2014

WPF Report — Paying out of Pocket to Protect Health Privacy: A New but Complicated HIPAA Option; A Report on the HIPAA Right to Restrict Disclosure

This Jan. 30, 2014 report discusses a new right to restrict disclosure of health information under the updated HIPAA health privacy rule. The new provision called “Pay Out of Pocket,” also called the “Right to Restrict Disclosure” gives patients the right to request that their health care provider not report or disclose their information to their health plans when they pay for medical services in full. Navigating the new right will take effort and planning for patients to utilize effectively. This substance of this report is about the new patient right to restrict disclosure, and how patients can use it to protect health privacy.

New Report: Risky Analysis: Assessing and Improving AI Governance Tools

We are pleased to announce the publication of a new WPF report, “Risky Analysis: Assessing and Improving AI Governance Tools.” This report sets out a definition of AI governance tools, documents why and how these tools are critically important for trustworthy AI, and where these tools are around the world. The report also documents problems in some AI governance tools themselves, and suggests pathways to improve AI governance tools and create an evaluative environment to measure their effectiveness. AI systems should not be deployed without simultaneously evaluating the potential adverse impacts of such systems and mitigating their risks, and most of the world agrees about the need to take precautions against the threats posed. The specific tools and techniques that exist to evaluate and measure AI systems for their inclusiveness, fairness, explainability, privacy, safety and other trustworthiness issues — called in the report collectively AI governance tools – can improve such issues. While some AI governance tools provide reassurance to the public and to regulators, the tools too often lack meaningful oversight and quality assessments. Incomplete or ineffective AI governance tools can create a false sense of confidence, cause unintended problems, and generally undermine the promise of AI systems. The report contains rich background details, use cases, potential solutions to the problems discussed in the report, and a global index of AI Governance Tools.
National IDs Around the World — Interactive map

About this Data Visualization: This interactive map displays the presence...
Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process.