New Report: Risky Analysis: Assessing and Improving AI Governance Tools
HIPAA and Reproductive Health: A companion FAQ to the Patient’s Guide to HIPAA
Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

Job Application Kiosks: Consumer Tips for Using Employment Kiosks and their Related Web sites

Do not submit your SSN or date of birth to a kiosk or a Web site that does not have a privacy policy posted prominently prior to the time this information is requested of you. If you do, you truly lose control of this information.
If you have any arrests or suspended convictions in your background, you may want to think twice about agreeing to an “instant” or “national” background check online. Some (but not all) of these national credit checks that are conducted through accessing proprietary databases online pick up and report information that should not be reported, such as suspended convictions.

First International Privacy and Security Conference (IPSC2008) in Tokyo Nov. 11-12 Brings Together World Experts to Share Solutions and Information on the Privacy and Security Impact of the World Economic Crisis, Data Leakages, New Global Data Issues, and

The conference, the first of its kind to be held in Japan, bring together the world’s leading privacy and security experts from Japan, the European Union, and the United States to discuss issues in common from a global perspective. Conference experts will share their best information, policies, practices, and ideas on how to solve the pressing privacy and security issues of today and those we willface in the future, including the impact of the economic crisis on data security and privacy.

World Privacy Forum Publishes Red Flag Rule Suggestions for Hospitals and Providers; new FTC-enforced rules go into effect Nov. 1, can apply to health care providers

SAN DIEGO, Ca., Sept. 24 — The World Privacy Forum’s latest report, Red Flag and Address Discrepancy Requirements: Suggestions for Health Care Providers, discusses the applicability of the new FTC regulations to the health care sector along with suggestions for providers. The report addresses newly issued regulations by the Federal Trade Commission that require financial institutions and creditors to develop and implement written identity theft prevention programs. Health care providers – whether they are for-profit, non-profit, or governmental entities – may have obligations under the new rules.

World Privacy Forum urges more attention to the protection of research study participants

Human Subjects Research Protection (OHRP) — The World Privacy Forum filed comments today with the Office of Human Research Protection urging the office to do more to protect the privacy of people who are subjects of research. The comments urge the OHRP to focus more attention on providing privacy-specific training for boards overseeing research, which are often weak in knowledge about the breadth of privacy issues in research. The WPF also voiced its strong support for certificates of confidentiality for research involving human subjects, stating that”nearly all research that involves identifiable health data or other personal data about individuals should have a certificate of confidentiality unless a researcher can state a substantive reason why a certificate is not appropriate for the study.” OHRP will be accepting comments until Sept. 29.