Thanks to David Lacey for highlighting that the Information Commissioner’s Office has just published a detailed Guide to Data Protection that is an excellent, well presented piece of work.
You know today is a pretty special day. It is exactly one month since my daughter Ivy checked-out and joined us, pappa and myself in this exciting world. Exciting because it feels today as though we have come over a challenging and most beautiful month and feel a real achievement. We are learning how Ivy likes things and Ivy is getting quite at home with the way we run things.
Other things linked to privacy have been interesting since Ivy’s birth.
1. I have during the pregnancy and afterwards needed to provide blood tests on many occasions and each time need to remember to ‘opt-out’ of them holding my blood in a blood bank somewhere. I am sure I forgot to do the opt-out once, and I need to check this. This was quite annoying.
2. In my book Virtual Shadows I said that all new-borns in Sweden provide a ‘blood-spot’ that is used in research for PKU. My experience now shows that this is the case although what I didn’t know before is that you can opt-out. This is what we did with Ivy.
3. Ivy got a personal ID number assigned which arosed a conflict of emotions both as a parent and privacy avocate. As a parent a sense of pride that my Ivy really existed as a Swedish citizen in the system, as a privacy avocate.. well no explanation needed there.
4. We bought a ‘child-alarm’ as we live in a big house and we could chose between audio or audio/video. I am dismayed that I chose the latter option. My need for Ivy’s safety in the case of Ivy seems to have overriden her need for privacy. Having said that the video stores nothing, and in practice I think it was a waste of money, we normally hear her crying before the video switches itself on anyhow triggered by the noise. I still think an audio version is a good choice. The video just gives a false sense of security.
5. Sweden has centralised their health records a little like what the U.K. has been trying to do against massive public resistance. I am in principle against this, but it does have its benefits so long as you trust the data holding authorities. The benefits became apparent when access to my medical records were needed urgently when I became very ill (that led to an early arrival for my daughter :-)). Again I am faced with the conflict of my safety vs. the right for privacy, and the need to trust those holding my private information. I have no choice but to trust the Swedish authorities, but I am not sure I would trust the British authorities centralisation efforts. Here we are looking at consolidation of 64m (living) health records not just 9 million as in Sweden. Even if you did trust the British authorities to have the right intentions, in practice if the business processes are not working today, how can technologies applied to flawed business processes be expected to protect the confidentality and integrity of your personal data?
The question is how anonymous is your data once stripped of ‘personal identifying information’ (PII) when used by data aggregation companies for analysis. PII can include name, postcode, etc. I made a couple of blog posts in 2008 concerning this. According to a study led by the Children’s Hospital of Eastern Ontario, previously anonymised data were able to be correlated again from patient prescription records rending the anonymising process ineffective and a threat to patient privacy.
Interesting report from the Privacy Advisor (The International Association of Privacy Professionals), should we have an expectation of privacy?
The National Institutes of Health (NIH) has awarded $538,595 to the Center for Applied Cybersecurity Research to support a two-year project titled “Protecting Privacy in Health Research.”
The group specifically intends to address the Health Insurance Portability and Accountability Act’s (HIPAA) “Privacy Rule,” which they contend falls short of adequately protecting privacy, yet impedes medical research by placing unreasonable burdens upon life scientists. Full article here.
Another article that I’ve had published in 2009, although this one is available to all online. Name of the article is Get to know your plumbing: Protecting your organisation from leaking soft information. Enjoy 🙂
Facebook has agreed to let third party advertisers use your posted pictures without your permission. To prevent this intrusion:
1. Click on “Settings” up at the top where you see the “Logout” link.
2. Select “Privacy”.
3. Then select “News Feed and Wall”.
4. Next, select the tab that reads “Facebook Ads”. In the drop down box, select “No One”.
5. Then save your changes.