World Privacy Forum

New Report: Risky Analysis: Assessing and Improving AI Governance Tools

HIPAA and Reproductive Health: A companion FAQ to the Patient’s Guide to HIPAA

Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

prev next

Feb 15 2019

ED Pam Dixon named as Top 100 Influencer in Identity

WPF Executive Director Pam Dixon was named as a Top 100 Influencer in Identity by One World Identity. OWI describes the list as including the “Top 100 people to know in 2019: pioneers who are leading the charge to improve identity….

Feb 04 2019

Digital Identity Ecosystems

Identity is a data-rich key that acts to unlock all levels of the emerging digital ecosystem. All forms of ID carry some risk, but digital forms of ID, or “dematerialized ID,” cuts across all sectors and generates particularly copious data about people, their behaviors, financial status, associates, and potentially even political and religious views. Over time, distinct patterns emerge from the data and have in the past created new kinds of risks for individuals and groups…..

Jan 28 2019

WPF responds to HHS and urges it to keep privacy protections in HIPAA strong

WPF has written to the US Department of Health and Human Services advising them on their Request for Information (RFI) about possible changes to HIPAA privacy and security protections. The RFI has a number of suggestions that, should they become part of a formal proposal, would significantly weaken HIPAA privacy protections.

Jan 22 2019

2019 updates to Interactive Medical Data Breach Map

We have updated our medical data breach map to bring it current to January 2019. This interactive map displays the location of each medical data breach recorded at the US Department of Health and Human Services from 2009-2018. To get the most from the map, you can view breaches by year, by region, and in a simple text list.

Jan 03 2019

Health Industry Cybersecurity Practices: New consensus practices and tools from HHS

The US Department of Health and Human Services (HHS) has produced a set of cybersecurity resources for healthcare provider organizations from small to large. So far, HHS has published four documents: an overview report of cybersecurity issues and practices, two technical volumes, and a toolkit. The documents focus on what an expert multistakeholder consensus group determined to be the five most prevalent cybersecurity threats and the ten core cybersecurity practices. The practices are voluntary, and utilize the NIST cybersecurity framework. The documentation is based in reality, not conjecture, and the documents are not intended to sell any particular products for any particular vendor. This has allowed for a rich and helpful documentation of current challenges along with solutions. See our overview of the four new resources.

New Report: Risky Analysis: Assessing and Improving AI Governance Tools

We are pleased to announce the publication of a new WPF report, “Risky Analysis: Assessing and Improving AI Governance Tools.” This report sets out a definition of AI governance tools, documents why and how these tools are critically important for trustworthy AI, and where these tools are around the world. The report also documents problems in some AI governance tools themselves, and suggests pathways to improve AI governance tools and create an evaluative environment to measure their effectiveness. AI systems should not be deployed without simultaneously evaluating the potential adverse impacts of such systems and mitigating their risks, and most of the world agrees about the need to take precautions against the threats posed. The specific tools and techniques that exist to evaluate and measure AI systems for their inclusiveness, fairness, explainability, privacy, safety and other trustworthiness issues — called in the report collectively AI governance tools – can improve such issues. While some AI governance tools provide reassurance to the public and to regulators, the tools too often lack meaningful oversight and quality assessments. Incomplete or ineffective AI governance tools can create a false sense of confidence, cause unintended problems, and generally undermine the promise of AI systems. The report contains rich background details, use cases, potential solutions to the problems discussed in the report, and a global index of AI Governance Tools.
National IDs Around the World — Interactive map

About this Data Visualization: This interactive map displays the presence...
Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process.

ED Pam Dixon named as Top 100 Influencer in Identity

Digital Identity Ecosystems

WPF responds to HHS and urges it to keep privacy protections in HIPAA strong

2019 updates to Interactive Medical Data Breach Map

Health Industry Cybersecurity Practices: New consensus practices and tools from HHS

Reports

Infographics

WPF in the News