Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974
Patient’s Guide to HIPAA: How to Use the Law to Guard your Health Privacy

WHO Health Data Collaborative Meeting: high level overview

Last week, the World Health Organization held an in-person meeting of its health data collaborative leadership, its first face-to-face meeting of this group in four years. WPF attended as a constituency co-chair. Attendees included: members of the Ministries of Health and partner representation from Kenya, Malawi, Cameroon, Botswana, and Nepal; regional institutes’ representatives from KEMRI Welcome

How New Procedural Controls Using the Privacy Act of 1974 Can Improve the Protections of Reproductive Health Information Held by Federal Agencies

September 2022 By Robert Gellman and Pam Dixon Download this Report Executive Summary This report suggests specific procedural and substantive ways that the Executive Branch can revise implementation of the Privacy Act of 1974 to restrict and more carefully administer some disclosures of reproductive health information by federal agencies to federal, state, and local law

Identity ecosystems are a central aspect of global digitalization; the principle of Do No Harm must be a policy priority and commitment

Identity is a data-rich resource that acts as a key to connect all levels of emerging digital ecosystems. All forms of ID carry some risk, but digital forms of ID, or “dematerialized ID,” cuts across all sectors and links copious data about individuals, their behaviors, financial status, associates, and potentially even political and religious views. Over time, distinct patterns emerge from the linked data and create new kinds of risks for individuals and groups. As the world becomes increasingly and intensely digitalized, we can expect challenges in the identity space to grow apace unless proactive attention is given to identifying and mitigating the current and future risks.

WPF advises Secretary’s Advisory Committee on Human Research Protection regarding its proposed AI Framework

WPF recently reviewed and provided recommendations regarding a proposed AI Framework meant to apply to medical research involving human subjects. The issue of human subject research is a critically important one. In the US, The Common Rule (45 CFR subpart A) is a key regulation that protects people from unethical medical research. As research utilizing tools such as AI and SaMD — software as a medical device — grows in use, there is an urgent need to determine the proper ethical, legal, and regulatory framework for the use of these tools in the human subject research context. For this reason, WPF was pleased to review and provide recommendations to the Secretary’s Advisory Committee on Human Research Protections, SACHRP, on its proposed AI Framework.

WPF advises FTC regarding proposed changes to the Telemarketing Sales Rule

The World Privacy Forum provided comments to the FTC regarding its proposed substantive amendments to the Telemarketing Sales Rule (part 310), 87 FR 33677. Generally, WPF supports nearly all of the proposed changes in the Notice of Proposed Rulemaking. However, we are concerned about three specific areas: The expansion of consumer records kept by telemarketers