World Privacy Forum

Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

Patient’s Guide to HIPAA: How to Use the Law to Guard your Health Privacy

prev next

Sep 16 2022

Identity ecosystems are a central aspect of global digitalization; the principle of Do No Harm must be a policy priority and commitment

Identity is a data-rich resource that acts as a key to connect all levels of emerging digital ecosystems. All forms of ID carry some risk, but digital forms of ID, or “dematerialized ID,” cuts across all sectors and links copious data about individuals, their behaviors, financial status, associates, and potentially even political and religious views. Over time, distinct patterns emerge from the linked data and create new kinds of risks for individuals and groups. As the world becomes increasingly and intensely digitalized, we can expect challenges in the identity space to grow apace unless proactive attention is given to identifying and mitigating the current and future risks.

Aug 31 2022

WPF advises Secretary’s Advisory Committee on Human Research Protection regarding its proposed AI Framework

WPF recently reviewed and provided recommendations regarding a proposed AI Framework meant to apply to medical research involving human subjects. The issue of human subject research is a critically important one. In the US, The Common Rule (45 CFR subpart A) is a key regulation that protects people from unethical medical research. As research utilizing tools such as AI and SaMD — software as a medical device — grows in use, there is an urgent need to determine the proper ethical, legal, and regulatory framework for the use of these tools in the human subject research context. For this reason, WPF was pleased to review and provide recommendations to the Secretary’s Advisory Committee on Human Research Protections, SACHRP, on its proposed AI Framework.

Aug 03 2022

WPF advises FTC regarding proposed changes to the Telemarketing Sales Rule

The World Privacy Forum provided comments to the FTC regarding its proposed substantive amendments to the Telemarketing Sales Rule (part 310), 87 FR 33677. Generally, WPF supports nearly all of the proposed changes in the Notice of Proposed Rulemaking. However, we are concerned about three specific areas: The expansion of consumer records kept by telemarketers

Jul 08 2022

HIPAA and Reproductive Health: A companion FAQ to the Patient’s Guide to HIPAA

July 2022 Download a PDF The World Privacy Forum publishes and maintains A Patient’s Guide to HIPAA, which is a plain language explanation of how to use the law to guard your health privacy. This companion FAQ on HIPAA is focused on reproductive health privacy in response to the many questions we are receiving from

Jun 10 2022

Regulatory techniques and risk-based approaches in AI and machine learning

WPF has been invited to speak before the Brazilian Senate on the topic of the challenge of regulatory models for AI and machine learning systems. WPF Executive Director Pam Dixon will be testifying as an expert in this informational session; she was a delegate in creating the OECD AI Guidelines, and she currently co-leads the

National IDs Around the World — Interactive map

About this Data Visualization: This interactive map displays the presence...
Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process.
COVID-19 and HIPAA: HHS’s Troubled Approach to Waiving Privacy and Security Rules for the Pandemic

The COVID-19 pandemic strained the U.S. health ecosystem in numerous ways, including putting pressure on the HIPAA privacy and security rules. The Department of Health and Human Services adjusted the privacy and security rules for the pandemic through the use of statutory and administrative HIPAA waivers. While some of the adjustments are appropriate for the emergency circumstances, there are also some meaningful and potentially unwelcome privacy and security consequences. At an appropriate time, the use of HIPAA waivers as a response to health care emergencies needs a thorough review. This report sets out the facts, identifies the issues, and proposes a roadmap for change.

Identity ecosystems are a central aspect of global digitalization; the principle of Do No Harm must be a policy priority and commitment

WPF advises Secretary’s Advisory Committee on Human Research Protection regarding its proposed AI Framework

WPF advises FTC regarding proposed changes to the Telemarketing Sales Rule

HIPAA and Reproductive Health: A companion FAQ to the Patient’s Guide to HIPAA

Regulatory techniques and risk-based approaches in AI and machine learning

Reports

Infographics

WPF in the News