Internet of things and data governance
•Download as PPTX, PDF•
2 likes•362 views
"internet of things" are collecting data on consumer behavior but consumers have no informed consent, no standard rules to expect, and usually no options over the licensing protocols. Borrowing from standards intellectual property agreements, we can establish norms -- "rules of engagement" -- that give consumers more control over the data they are creating. At a minimum, these should include control over who has acces rights, terms for holding and use of data, and level of identification. Examples are provided.
Report
Share
Report
Share
Recommended
Constraintsand challenges
This document discusses health-related data, including types of data, legal constraints around sharing data, and best practices for managing data. It covers:
1) Different types of health data like medical records, generated data, and acquired data. It also defines personal, identifying, and anonymized data.
2) Legal requirements for sharing data, including various acts and regulations around privacy, confidentiality, and individuals' rights to their data.
3) Best practices for managing data sharing and security, including obtaining consent, implementing access agreements, having governance committees, and separating identifiable from non-identifiable data.
Margaret Foster Riley, "Big Data, HIPAA, and the Common Rule: Time for Big Ch...
Margaret Foster Riley, "Big Data, HIPAA, and the Common Rule: Time for Big Ch...The Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics
Part of the "2016 Annual Conference: Big Data, Health Law, and Bioethics" held at Harvard Law School on May 6, 2016.
This conference aimed to: (1) identify the various ways in which law and ethics intersect with the use of big data in health care and health research, particularly in the United States; (2) understand the way U.S. law (and potentially other legal systems) currently promotes or stands as an obstacle to these potential uses; (3) determine what might be learned from the legal and ethical treatment of uses of big data in other sectors and countries; and (4) examine potential solutions (industry best practices, common law, legislative, executive, domestic and international) for better use of big data in health care and health research in the U.S.
The Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics at Harvard Law School 2016 annual conference was organized in collaboration with the Berkman Center for Internet & Society at Harvard University and the Health Ethics and Policy Lab, University of Zurich.
Learn more at http://petrieflom.law.harvard.edu/events/details/2016-annual-conference.Liza Dawson, "The Common Rule and Research with Data, Big and Small"
Liza Dawson, "The Common Rule and Research with Data, Big and Small"The Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics
Part of the "2016 Annual Conference: Big Data, Health Law, and Bioethics" held at Harvard Law School on May 6, 2016.
This conference aimed to: (1) identify the various ways in which law and ethics intersect with the use of big data in health care and health research, particularly in the United States; (2) understand the way U.S. law (and potentially other legal systems) currently promotes or stands as an obstacle to these potential uses; (3) determine what might be learned from the legal and ethical treatment of uses of big data in other sectors and countries; and (4) examine potential solutions (industry best practices, common law, legislative, executive, domestic and international) for better use of big data in health care and health research in the U.S.
The Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics at Harvard Law School 2016 annual conference was organized in collaboration with the Berkman Center for Internet & Society at Harvard University and the Health Ethics and Policy Lab, University of Zurich.
Learn more at http://petrieflom.law.harvard.edu/events/details/2016-annual-conference.POPH: Archival Research and Data Protection: Why are some archives closed? - ...
*SHARED WITH PRESENTER'S CONSENT.*
Adrienne Muir and Charles Oppenheim's presentation at the Privacy, Open Data and the Humanities Workshop, sponsored by Loughborough University’s Digital Humanities Research Group in the School of Arts, English and Drama.
Abstract:
Why do archives sometimes restrict access to archival material containing personal data? “Personal data” relates to living identified or identifiable individuals. Data protection law provides exemptions for certain uses of personal data.
One such exemption is for research purposes, allowing personal data to be recorded and subsequently be made available to third parties subject to certain conditions. The General Data Protection Regulation lays down rules for processing (i.e., storing, manipulating, or disseminating) for archiving purposes in the public interest or for research. Importantly, derogations from some user rights (such as the right to object to processing) are allowed, if such user rights are likely to render impossible or seriously impair the research. If archivists place restrictions on access to archived materials under their control, it is important to understand whether this is for data protection, or other reasons. The National Archives Code of Practice on data protection states that archives should try to assist researchers wanting to access personal data in their archive. If archival materials contain data solely relating to deceased individuals, neither data protection nor defamation laws apply. Is the purpose of blanket archival access policies, such as the application of a 100-year rule for archival records relating to individuals, purely for compliance with data protection law? If there are other reasons, this should be made clear by the archive.
So why are some archives kept dark? Arguably, the anonymised results of statistical analysis pose no threat to individuals if there is no possibility of combining the results with other data to re-identify them. Should there be restrictions on access to archived materials for this type of research? Does data protection law prevent research about living identifiable individuals and should it? If not, are access restrictions imposed for other legal, ethical or practical reasons?
Standards of dental informatics, security issues
The document discusses standards, security, privacy, and costs related to dental informatics. It notes that standards promote consistent naming, allow better use of data, and enhance system integration. Benefits include interoperability, while limitations can include stifling innovation. Security issues include ownership of information, informed consent, and conflicts between privacy and business interests. Costs of informatics include health IT costs and return on investment, with payback periods averaging 2.5 years when systems are fully used and have supportive cultures.
Healthcare Privacy
This document discusses several data breaches that have exposed the personal information of millions of individuals. It also discusses how over 12 million Americans have shared their DNA data with companies like 23andMe and AncestryDNA. While this can help medical research, it also raises privacy concerns about potential genetic discrimination and challenges with informed consent. The document provides recommendations for patients, practitioners, and stakeholders to help address these privacy challenges through practices like informing patients, limiting data use, ensuring accountability, and identifying risks.
Healthcare Privacy
Modern Privacy
Call for action for stakeholders to ensure privacy in healthcare solutions
Presented during the Modern Privacy Symposium at Bentley University in Boston on June 10th, 2019
Wayne richard - pia risk management - atlseccon2011
This document provides an overview of privacy impact assessments (PIAs). It defines a PIA as an analysis of how information is handled to ensure legal and policy compliance and evaluate privacy risks. The document outlines when PIAs are required, their typical anatomy, and how they fit into the project life cycle. A PIA assesses the collection, use, disclosure and security of personal information and makes recommendations to address any risks to privacy compliance.
Recommended
Constraintsand challenges
This document discusses health-related data, including types of data, legal constraints around sharing data, and best practices for managing data. It covers:
1) Different types of health data like medical records, generated data, and acquired data. It also defines personal, identifying, and anonymized data.
2) Legal requirements for sharing data, including various acts and regulations around privacy, confidentiality, and individuals' rights to their data.
3) Best practices for managing data sharing and security, including obtaining consent, implementing access agreements, having governance committees, and separating identifiable from non-identifiable data.
Margaret Foster Riley, "Big Data, HIPAA, and the Common Rule: Time for Big Ch...
Margaret Foster Riley, "Big Data, HIPAA, and the Common Rule: Time for Big Ch...The Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics
Part of the "2016 Annual Conference: Big Data, Health Law, and Bioethics" held at Harvard Law School on May 6, 2016.
This conference aimed to: (1) identify the various ways in which law and ethics intersect with the use of big data in health care and health research, particularly in the United States; (2) understand the way U.S. law (and potentially other legal systems) currently promotes or stands as an obstacle to these potential uses; (3) determine what might be learned from the legal and ethical treatment of uses of big data in other sectors and countries; and (4) examine potential solutions (industry best practices, common law, legislative, executive, domestic and international) for better use of big data in health care and health research in the U.S.
The Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics at Harvard Law School 2016 annual conference was organized in collaboration with the Berkman Center for Internet & Society at Harvard University and the Health Ethics and Policy Lab, University of Zurich.
Learn more at http://petrieflom.law.harvard.edu/events/details/2016-annual-conference.Liza Dawson, "The Common Rule and Research with Data, Big and Small"
Liza Dawson, "The Common Rule and Research with Data, Big and Small"The Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics
Part of the "2016 Annual Conference: Big Data, Health Law, and Bioethics" held at Harvard Law School on May 6, 2016.
This conference aimed to: (1) identify the various ways in which law and ethics intersect with the use of big data in health care and health research, particularly in the United States; (2) understand the way U.S. law (and potentially other legal systems) currently promotes or stands as an obstacle to these potential uses; (3) determine what might be learned from the legal and ethical treatment of uses of big data in other sectors and countries; and (4) examine potential solutions (industry best practices, common law, legislative, executive, domestic and international) for better use of big data in health care and health research in the U.S.
The Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics at Harvard Law School 2016 annual conference was organized in collaboration with the Berkman Center for Internet & Society at Harvard University and the Health Ethics and Policy Lab, University of Zurich.
Learn more at http://petrieflom.law.harvard.edu/events/details/2016-annual-conference.POPH: Archival Research and Data Protection: Why are some archives closed? - ...
*SHARED WITH PRESENTER'S CONSENT.*
Adrienne Muir and Charles Oppenheim's presentation at the Privacy, Open Data and the Humanities Workshop, sponsored by Loughborough University’s Digital Humanities Research Group in the School of Arts, English and Drama.
Abstract:
Why do archives sometimes restrict access to archival material containing personal data? “Personal data” relates to living identified or identifiable individuals. Data protection law provides exemptions for certain uses of personal data.
One such exemption is for research purposes, allowing personal data to be recorded and subsequently be made available to third parties subject to certain conditions. The General Data Protection Regulation lays down rules for processing (i.e., storing, manipulating, or disseminating) for archiving purposes in the public interest or for research. Importantly, derogations from some user rights (such as the right to object to processing) are allowed, if such user rights are likely to render impossible or seriously impair the research. If archivists place restrictions on access to archived materials under their control, it is important to understand whether this is for data protection, or other reasons. The National Archives Code of Practice on data protection states that archives should try to assist researchers wanting to access personal data in their archive. If archival materials contain data solely relating to deceased individuals, neither data protection nor defamation laws apply. Is the purpose of blanket archival access policies, such as the application of a 100-year rule for archival records relating to individuals, purely for compliance with data protection law? If there are other reasons, this should be made clear by the archive.
So why are some archives kept dark? Arguably, the anonymised results of statistical analysis pose no threat to individuals if there is no possibility of combining the results with other data to re-identify them. Should there be restrictions on access to archived materials for this type of research? Does data protection law prevent research about living identifiable individuals and should it? If not, are access restrictions imposed for other legal, ethical or practical reasons?
Standards of dental informatics, security issues
The document discusses standards, security, privacy, and costs related to dental informatics. It notes that standards promote consistent naming, allow better use of data, and enhance system integration. Benefits include interoperability, while limitations can include stifling innovation. Security issues include ownership of information, informed consent, and conflicts between privacy and business interests. Costs of informatics include health IT costs and return on investment, with payback periods averaging 2.5 years when systems are fully used and have supportive cultures.
Healthcare Privacy
This document discusses several data breaches that have exposed the personal information of millions of individuals. It also discusses how over 12 million Americans have shared their DNA data with companies like 23andMe and AncestryDNA. While this can help medical research, it also raises privacy concerns about potential genetic discrimination and challenges with informed consent. The document provides recommendations for patients, practitioners, and stakeholders to help address these privacy challenges through practices like informing patients, limiting data use, ensuring accountability, and identifying risks.
Healthcare Privacy
Modern Privacy
Call for action for stakeholders to ensure privacy in healthcare solutions
Presented during the Modern Privacy Symposium at Bentley University in Boston on June 10th, 2019
Wayne richard - pia risk management - atlseccon2011
This document provides an overview of privacy impact assessments (PIAs). It defines a PIA as an analysis of how information is handled to ensure legal and policy compliance and evaluate privacy risks. The document outlines when PIAs are required, their typical anatomy, and how they fit into the project life cycle. A PIA assesses the collection, use, disclosure and security of personal information and makes recommendations to address any risks to privacy compliance.
Legal challenges of big data
“Big Data is a term that describes large volumes of high velocity, complex, and variable data that requires advanced techniques and technologies to enable the capture, storage, distribution, management, and analysis of the information.” - TechAmerican Foundation.
Key Legal Concerns:
-Data privacy and security
-Compliance issues
-Service levels
-Reliability and other warranties
-Indemnification and Limitations of Liability
week 7.pptx
This document outlines the course roadmap for a data analytics course. It includes 12 topics covered over 15 weeks, with flexibility weeks built in. The topics include data exploration and visualization, predictive analytics, research design and experimentation, and data communication. Workshops are included to provide hands-on learning opportunities. The learning objectives focus on key principles of data ethics like ethical decision making, technical approaches to prevent issues, and risk management for data ethics.
Sharing Confidential Data in ICPSR
Prof George Alter, UMich, ICPSR, presenting at the Managing and publishing sensitive data in the Social Sciences webinar on 29/3/17.
FULL webinar recording: https://youtu.be/7wxfeHNfKiQ
Webinar description:
2) Prof George Alter, (Research Professor, ICPSR and Visiting Professor, ANU) George will share the benefit of over 50 years of experience in managing sensitive social science data in the ICPSR: https://www.icpsr.umich.edu/icpsrweb/
More about ICPSR: -- ICPSR (USA) maintains a data archive of more than 250,000 files of research in the social and behavioral sciences. It hosts 21 specialized collections of data in education, aging, criminal justice, substance abuse, terrorism, and other fields. -- ICPSR collaborates with a number of funders, including U.S. statistical agencies and foundations, to create thematic collections: see https://www.icpsr.umich.edu/icpsrweb/content/about/thematic-collections.html
EU Medical Device Clinical Research under the General Data Protection Regulation
Presentation about medical devices patient data management under the EU General Data Protection Regulation at the Medical Device Clinical Research Conference in November 2015
Making ‘Big Data’ Your Ally – Using data analytics to improve compliance, due...
This document summarizes a presentation on using data analytics for compliance, due diligence, and investigations. The presentation features four speakers: Raul Saccani of Deloitte, Dave Stewart of SAS Institute, John Walsh of SightSpan, and John Walsh of SAS Institute. It discusses challenges related to big data including volume, variety, and velocity of data. It provides examples of how financial institutions have used analytics for anti-money laundering model tuning and illicit network analysis. It also outlines the analytics lifecycle and considerations for adopting a proactive analytics strategy.
Privacy In The Digital Age
Computers and the Internet-Of-Things generate data about our every move, passing thought or feeling. There is also a comprehensive set of data on our life’s context: our whereabouts, connections, physiological state, patterns of movement, and deeply ingrained subconscious behaviors. While that information may not be immediately visible or easy to learn from, it is created, collected and saved. Over time, the pile of data grows. The processing technologies become more sophisticated and powerful. No data is ever “forgotten”. In this session we will look at data that’s currently collected by popular services, the implications of cross-processing streams of data from different sources, and the power of metadata. There are no more secrets. Based on “Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World” by Bruce Schneier.
Confidentiality Privacy and Security.ppt
This presentation talks about the confidentiality privacy and security. What are the difference between confidentiality, privacy and security.
Confidential data management_key_concepts
This document provides an overview of key concepts in confidential data management. It discusses how easily identifiable private information can be from data like birthdate and zipcode. It covers concepts like privacy, confidentiality, identifiability and sensitivity. It also discusses legal constraints around data sharing and anonymization. The document outlines techniques for reducing risk in data collection, storage, partitioning and dissemination while maintaining data utility, such as suppressing direct identifiers and adding noise.
Privacy and Data Security: Risk Management and Avoidance
The document discusses data security breach risk management and response planning. It provides statistics on data breaches in 2012, the average costs of breaches, and common types of breaches. It also discusses why a response plan is needed, what constitutes a data security breach under various state laws, and outlines steps to take in responding to a breach, including investigating the incident, understanding notification laws, notifying affected parties, answering inquiries, issuing press releases, and offering assistance.
Legal challenges for big data companies
The document discusses several key legal concerns for big data companies, including data privacy and security, compliance issues, service levels and warranties, and indemnification. It notes that big data involves large volumes of complex and variable data from sources like tweets, trade events, and video feeds. Ensuring proper data handling and security is crucial, as is clearly defining responsibilities and liability between data companies and their customers.
Data Protection: We\'re In This Together
The document discusses protecting personally identifiable information (PII) in accordance with new data protection regulations. It outlines the types of data that are at risk, how data can be exposed through accidents or attacks, and steps individuals and departments should take. These include minimizing collection of sensitive data, securely destroying data, using strong passwords, and talking to IT about tools and processes for securing data.
Surveillance and security.pptx
This document discusses the ethics of surveillance and security. It covers various ethical approaches, security concepts, types of surveillance, hacking techniques, legal frameworks, privacy concepts, stakeholders, social factors, and ethical dilemmas related to information security and privacy. Key topics include utilitarianism, deontology, virtue ethics, rights-based ethics, social contract theory, encryption, firewalls, intrusion detection, authentication, CCTV, data mining, internet monitoring, wiretapping, facial recognition, penetration testing, social engineering, phishing, vulnerability assessments, GDPR, CFAA, FISMA, the right to be forgotten, consent decrees, anonymity, data minimization, opt-in vs opt-out, information lifec
Gdpr for business full
This document provides an overview of key aspects of the General Data Protection Regulation (GDPR) for businesses:
1) It outlines the six principles of GDPR for processing personal data, including lawfulness, transparency, purpose limitation, data minimization, accuracy, and storage limitation.
2) It explains that GDPR applies to any organization that processes personal data of EU individuals, including data controllers and processors.
3) It defines personal data and sensitive personal data, and outlines the legal bases for processing each type of data, including consent, contractual obligations, and legitimate interests.
4) It provides guidance on complying with GDPR requirements such as conducting a data inventory, managing consent and privacy notices,
BMS _ 1. Biometrics and privacy.ppt
The document discusses biometrics and privacy. It notes that biometric measures themselves do not contain personal information, and some measures like fingerprints cannot be used to identify a person without an existing database. It also states that biometric measures are not generally useful for linking records or tracking movements in the way credit cards and phone numbers can be. While some limited government databases of biometrics exist, there are no large public databases that could be used to look up a person's identity from their biometrics.
DAMA Webinar: The Data Governance of Personal (PII) Data
To do effective data governance, analysts should preview the amount of data their organization is collecting and consider if it is all necessary information to run the business or just “nice to have” data. Today companies are collecting a variety of Personally identifiable information (PII), combining it with location information, and using it to both personalize their own services and to sell to advertisers for behavioral marketing. Data brokers are tracking cell phone applications and insurance companies are installing devices to monitor driving habits. At the same time, however, hackers are embedding malicious software in company computers, opening a virtual door for criminals to rifle through an organization’s valuable personal and financial information.
This presentation explores:
•What company data should be tagged as “sensitive” data?
•Who within the company has access to personal data?
•Is the company breaking any privacy laws by storing PII data?
•Is the data secure from both internal and external hackers?
•What happens if there is an external data breech?
Respect Thy Data: The Gospel
Speakers: Sheila Colclasure, Global Privacy and Public Policy Executive, Acxiom
The Digital Health Summit, produced by Living in Digital Times, convenes one of the broadest spectrum of health care and technology audiences in the world. The Summit features innovations and advancements in genomics, diagnostics, wearables, telehealth and more in the mobile health market which is expected to reach $26 billion by 2017. This is a must see event each year that takes place at the International Consumer Electronics Show (CES) in Las Vegas.
Website: Http://www.digitalhealthsummit.com
Twitter: http://www.twitter.com/dhsummit
Hashtags: #digitalhealthces #ces2016
Photos: https://www.flickr.com/digitalhealthsummit
Ethical & Legal Issues for Health IT in Thailand's Context
The document discusses several ethical and legal issues related to health information technology in Thailand. It outlines why these issues are important, including risks to patient outcomes and privacy. Key principles that guide ethics in health IT are discussed, such as non-maleficence, beneficence, justice, and respect for autonomy. The appropriate use of health IT and obligations of practitioners and developers are also covered. The document then examines privacy, security, and relevant laws including those related to HIPAA in the US and privacy in Thailand.
PERSONALISED PRICING – DE STREEL – November 2018 OECD discussion
PERSONALISED PRICING – DE STREEL – November 2018 OECD discussionOECD Directorate for Financial and Enterprise Affairs
This presentation by Alexandre DE STREEL, Professor of EU Law at UNamur, was made during the discussion “Personalised Pricing in the Digital Era” held at the Joint meeting between the Competition Committee and the Committee on Consumer Policy on 28 November 2018. More papers and presentations on the topic can be found out at oe.cd/ppd.Privacy-Enhanced Personalization
This document discusses privacy-enhanced personalization by balancing user privacy and personalized experiences online. It summarizes research showing that contextual explanations of privacy practices and personalization benefits lead users to disclose more information and have more positive perceptions of websites. While privacy-enhancing technologies can help, interaction design is also important. User trust, understanding, and control play a key role in finding the right balance between privacy and personalization. More research is still needed on factors like website reputation and the visibility of privacy information.
Universal Unique Patient Information Identifier UUPII
While there is merit to both sides of the privacy argument there is no longer any argument that could withstand scrutiny against a universal way to identify individuals longitudinal health information and to make that data available both in a de-identified fashion for global population health management efforts and an identified fashion for routine and emergent health services. This academic work will make arguments for the Universal Unique Patient Information Identifier UUPII from technology integration, financial implications, patient safety and legal perspectives supporting a combination of techniques that will provide scalability and flexibility that other national systems such as the Social Security Number could achieve. The bulk of the arguments will focus on the Risk, Compliance, and regulatory perspectives that support the rational for a safe, secure and private universal unique patient information identifier.
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
Skybuffer SAM4U tool for SAP license adoption
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
More Related Content
Similar to Internet of things and data governance
Legal challenges of big data
“Big Data is a term that describes large volumes of high velocity, complex, and variable data that requires advanced techniques and technologies to enable the capture, storage, distribution, management, and analysis of the information.” - TechAmerican Foundation.
Key Legal Concerns:
-Data privacy and security
-Compliance issues
-Service levels
-Reliability and other warranties
-Indemnification and Limitations of Liability
week 7.pptx
This document outlines the course roadmap for a data analytics course. It includes 12 topics covered over 15 weeks, with flexibility weeks built in. The topics include data exploration and visualization, predictive analytics, research design and experimentation, and data communication. Workshops are included to provide hands-on learning opportunities. The learning objectives focus on key principles of data ethics like ethical decision making, technical approaches to prevent issues, and risk management for data ethics.
Sharing Confidential Data in ICPSR
Prof George Alter, UMich, ICPSR, presenting at the Managing and publishing sensitive data in the Social Sciences webinar on 29/3/17.
FULL webinar recording: https://youtu.be/7wxfeHNfKiQ
Webinar description:
2) Prof George Alter, (Research Professor, ICPSR and Visiting Professor, ANU) George will share the benefit of over 50 years of experience in managing sensitive social science data in the ICPSR: https://www.icpsr.umich.edu/icpsrweb/
More about ICPSR: -- ICPSR (USA) maintains a data archive of more than 250,000 files of research in the social and behavioral sciences. It hosts 21 specialized collections of data in education, aging, criminal justice, substance abuse, terrorism, and other fields. -- ICPSR collaborates with a number of funders, including U.S. statistical agencies and foundations, to create thematic collections: see https://www.icpsr.umich.edu/icpsrweb/content/about/thematic-collections.html
EU Medical Device Clinical Research under the General Data Protection Regulation
Presentation about medical devices patient data management under the EU General Data Protection Regulation at the Medical Device Clinical Research Conference in November 2015
Making ‘Big Data’ Your Ally – Using data analytics to improve compliance, due...
This document summarizes a presentation on using data analytics for compliance, due diligence, and investigations. The presentation features four speakers: Raul Saccani of Deloitte, Dave Stewart of SAS Institute, John Walsh of SightSpan, and John Walsh of SAS Institute. It discusses challenges related to big data including volume, variety, and velocity of data. It provides examples of how financial institutions have used analytics for anti-money laundering model tuning and illicit network analysis. It also outlines the analytics lifecycle and considerations for adopting a proactive analytics strategy.
Privacy In The Digital Age
Computers and the Internet-Of-Things generate data about our every move, passing thought or feeling. There is also a comprehensive set of data on our life’s context: our whereabouts, connections, physiological state, patterns of movement, and deeply ingrained subconscious behaviors. While that information may not be immediately visible or easy to learn from, it is created, collected and saved. Over time, the pile of data grows. The processing technologies become more sophisticated and powerful. No data is ever “forgotten”. In this session we will look at data that’s currently collected by popular services, the implications of cross-processing streams of data from different sources, and the power of metadata. There are no more secrets. Based on “Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World” by Bruce Schneier.
Confidentiality Privacy and Security.ppt
This presentation talks about the confidentiality privacy and security. What are the difference between confidentiality, privacy and security.
Confidential data management_key_concepts
This document provides an overview of key concepts in confidential data management. It discusses how easily identifiable private information can be from data like birthdate and zipcode. It covers concepts like privacy, confidentiality, identifiability and sensitivity. It also discusses legal constraints around data sharing and anonymization. The document outlines techniques for reducing risk in data collection, storage, partitioning and dissemination while maintaining data utility, such as suppressing direct identifiers and adding noise.
Privacy and Data Security: Risk Management and Avoidance
The document discusses data security breach risk management and response planning. It provides statistics on data breaches in 2012, the average costs of breaches, and common types of breaches. It also discusses why a response plan is needed, what constitutes a data security breach under various state laws, and outlines steps to take in responding to a breach, including investigating the incident, understanding notification laws, notifying affected parties, answering inquiries, issuing press releases, and offering assistance.
Legal challenges for big data companies
The document discusses several key legal concerns for big data companies, including data privacy and security, compliance issues, service levels and warranties, and indemnification. It notes that big data involves large volumes of complex and variable data from sources like tweets, trade events, and video feeds. Ensuring proper data handling and security is crucial, as is clearly defining responsibilities and liability between data companies and their customers.
Data Protection: We\'re In This Together
The document discusses protecting personally identifiable information (PII) in accordance with new data protection regulations. It outlines the types of data that are at risk, how data can be exposed through accidents or attacks, and steps individuals and departments should take. These include minimizing collection of sensitive data, securely destroying data, using strong passwords, and talking to IT about tools and processes for securing data.
Surveillance and security.pptx
This document discusses the ethics of surveillance and security. It covers various ethical approaches, security concepts, types of surveillance, hacking techniques, legal frameworks, privacy concepts, stakeholders, social factors, and ethical dilemmas related to information security and privacy. Key topics include utilitarianism, deontology, virtue ethics, rights-based ethics, social contract theory, encryption, firewalls, intrusion detection, authentication, CCTV, data mining, internet monitoring, wiretapping, facial recognition, penetration testing, social engineering, phishing, vulnerability assessments, GDPR, CFAA, FISMA, the right to be forgotten, consent decrees, anonymity, data minimization, opt-in vs opt-out, information lifec
Gdpr for business full
This document provides an overview of key aspects of the General Data Protection Regulation (GDPR) for businesses:
1) It outlines the six principles of GDPR for processing personal data, including lawfulness, transparency, purpose limitation, data minimization, accuracy, and storage limitation.
2) It explains that GDPR applies to any organization that processes personal data of EU individuals, including data controllers and processors.
3) It defines personal data and sensitive personal data, and outlines the legal bases for processing each type of data, including consent, contractual obligations, and legitimate interests.
4) It provides guidance on complying with GDPR requirements such as conducting a data inventory, managing consent and privacy notices,
BMS _ 1. Biometrics and privacy.ppt
The document discusses biometrics and privacy. It notes that biometric measures themselves do not contain personal information, and some measures like fingerprints cannot be used to identify a person without an existing database. It also states that biometric measures are not generally useful for linking records or tracking movements in the way credit cards and phone numbers can be. While some limited government databases of biometrics exist, there are no large public databases that could be used to look up a person's identity from their biometrics.
DAMA Webinar: The Data Governance of Personal (PII) Data
To do effective data governance, analysts should preview the amount of data their organization is collecting and consider if it is all necessary information to run the business or just “nice to have” data. Today companies are collecting a variety of Personally identifiable information (PII), combining it with location information, and using it to both personalize their own services and to sell to advertisers for behavioral marketing. Data brokers are tracking cell phone applications and insurance companies are installing devices to monitor driving habits. At the same time, however, hackers are embedding malicious software in company computers, opening a virtual door for criminals to rifle through an organization’s valuable personal and financial information.
This presentation explores:
•What company data should be tagged as “sensitive” data?
•Who within the company has access to personal data?
•Is the company breaking any privacy laws by storing PII data?
•Is the data secure from both internal and external hackers?
•What happens if there is an external data breech?
Respect Thy Data: The Gospel
Speakers: Sheila Colclasure, Global Privacy and Public Policy Executive, Acxiom
The Digital Health Summit, produced by Living in Digital Times, convenes one of the broadest spectrum of health care and technology audiences in the world. The Summit features innovations and advancements in genomics, diagnostics, wearables, telehealth and more in the mobile health market which is expected to reach $26 billion by 2017. This is a must see event each year that takes place at the International Consumer Electronics Show (CES) in Las Vegas.
Website: Http://www.digitalhealthsummit.com
Twitter: http://www.twitter.com/dhsummit
Hashtags: #digitalhealthces #ces2016
Photos: https://www.flickr.com/digitalhealthsummit
Ethical & Legal Issues for Health IT in Thailand's Context
The document discusses several ethical and legal issues related to health information technology in Thailand. It outlines why these issues are important, including risks to patient outcomes and privacy. Key principles that guide ethics in health IT are discussed, such as non-maleficence, beneficence, justice, and respect for autonomy. The appropriate use of health IT and obligations of practitioners and developers are also covered. The document then examines privacy, security, and relevant laws including those related to HIPAA in the US and privacy in Thailand.
PERSONALISED PRICING – DE STREEL – November 2018 OECD discussion
PERSONALISED PRICING – DE STREEL – November 2018 OECD discussionOECD Directorate for Financial and Enterprise Affairs
This presentation by Alexandre DE STREEL, Professor of EU Law at UNamur, was made during the discussion “Personalised Pricing in the Digital Era” held at the Joint meeting between the Competition Committee and the Committee on Consumer Policy on 28 November 2018. More papers and presentations on the topic can be found out at oe.cd/ppd.Privacy-Enhanced Personalization
This document discusses privacy-enhanced personalization by balancing user privacy and personalized experiences online. It summarizes research showing that contextual explanations of privacy practices and personalization benefits lead users to disclose more information and have more positive perceptions of websites. While privacy-enhancing technologies can help, interaction design is also important. User trust, understanding, and control play a key role in finding the right balance between privacy and personalization. More research is still needed on factors like website reputation and the visibility of privacy information.
Universal Unique Patient Information Identifier UUPII
While there is merit to both sides of the privacy argument there is no longer any argument that could withstand scrutiny against a universal way to identify individuals longitudinal health information and to make that data available both in a de-identified fashion for global population health management efforts and an identified fashion for routine and emergent health services. This academic work will make arguments for the Universal Unique Patient Information Identifier UUPII from technology integration, financial implications, patient safety and legal perspectives supporting a combination of techniques that will provide scalability and flexibility that other national systems such as the Social Security Number could achieve. The bulk of the arguments will focus on the Risk, Compliance, and regulatory perspectives that support the rational for a safe, secure and private universal unique patient information identifier.
Similar to Internet of things and data governance (20)
EU Medical Device Clinical Research under the General Data Protection Regulation
EU Medical Device Clinical Research under the General Data Protection Regulation
Making ‘Big Data’ Your Ally – Using data analytics to improve compliance, due...
Making ‘Big Data’ Your Ally – Using data analytics to improve compliance, due...
Privacy and Data Security: Risk Management and Avoidance
Privacy and Data Security: Risk Management and Avoidance
DAMA Webinar: The Data Governance of Personal (PII) Data
DAMA Webinar: The Data Governance of Personal (PII) Data
Ethical & Legal Issues for Health IT in Thailand's Context
Ethical & Legal Issues for Health IT in Thailand's Context
PERSONALISED PRICING – DE STREEL – November 2018 OECD discussion
PERSONALISED PRICING – DE STREEL – November 2018 OECD discussion
Universal Unique Patient Information Identifier UUPII
Universal Unique Patient Information Identifier UUPII
Recently uploaded
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
Skybuffer SAM4U tool for SAP license adoption
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Northern Engraving | Nameplate Manufacturing Process - 2024
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
HCL Notes and Domino License Cost Reduction in the World of DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Dmitrii Kamaev, PhD
Senior Product Owner - QIAGEN
The Microsoft 365 Migration Tutorial For Beginner.pptx
This presentation will help you understand the power of Microsoft 365. However, we have mentioned every productivity app included in Office 365. Additionally, we have suggested the migration situation related to Office 365 and how we can help you.
You can also read: https://www.systoolsgroup.com/updates/office-365-tenant-to-tenant-migration-step-by-step-complete-guide/
Astute Business Solutions | Oracle Cloud Partner |
Your goto partner for Oracle Cloud, PeopleSoft, E-Business Suite, and Ellucian Banner. We are a firm specialized in managed services and consulting.
Introduction of Cybersecurity with OSS at Code Europe 2024
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
June Patch Tuesday
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
Tomaz Bratanic
Graph ML and GenAI Expert - Neo4j
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...Edge AI and Vision Alliance
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
JavaLand 2024: Application Development Green Masterplan
My presentation slides I used at JavaLand 2024
Main news related to the CCS TSI 2023 (2023/1695)
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Inconsistent user experience and siloed data, high costs, and changing customer expectations – Citizens Bank was experiencing these challenges while it was attempting to deliver a superior digital banking experience for its clients. Its core banking applications run on the mainframe and Citizens was using legacy utilities to get the critical mainframe data to feed customer-facing channels, like call centers, web, and mobile. Ultimately, this led to higher operating costs (MIPS), delayed response times, and longer time to market.
Ever-changing customer expectations demand more modern digital experiences, and the bank needed to find a solution that could provide real-time data to its customer channels with low latency and operating costs. Join this session to learn how Citizens is leveraging Precisely to replicate mainframe data to its customer channels and deliver on their “modern digital bank” experiences.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Programming Foundation Models with DSPy - Meetup Slides
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays, June 2024 with Maria Copot 20
Recently uploaded (20)
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Internet of things and data governance
- 1. The governance of data in the age of the internet of things Melissa A. Schilling New York University
- 2. Privacy concerns from internet of things • Devices collect data that could lead to: • Loss of autonomy, individuality, and personhood • Discrimination (price, social, employment, etc.) • Predation (financial, physical, social) • Consumers should have control over “opt in” and standard rules for times when rules are not specified (e.g., public surveillance)
- 3. Types of Data – Benefits and Risks Data Type Biological/ Medical Consumer Preferences Financial Geographic Social/Emotional Examples Lab tests Prescription data Fitness trackers Purchase history Browsing history Bank records Taxes Credit/Debt GPS on phone GPS on car Tolls Social media posts Alexa, Siri, etc. Browsing history Benefits/ Risks **/*** Health alerts Science Employment risk Insurance risk **/** Targeted ads Innovation Price discrimination Inf. for other cats. */*** Targeted offers Discrimination ID Theft & Fraud Predation ***/*** Targeted offers Safety services Price discrimination Predation */*** Science Discrimination Emotional harm
- 4. Data Governance • Data is intellectual property; consumer produces the data and thus should own the data and control the license rights • Standard license terms could make the licensing process simpler and safer • License should specify at a minimum the following: • Level of user access restriction, including: • who has access • rights or prohibitions regarding transfer of data to others • Identification level of the data, e.g., • Anonymous • Anonymous with identifier code (to match data sets) • Identified • Time window for data holding and use • Instant flush • Medium term window (0-3 years) • Long term window (3-10 years) • Permanent
- 5. Level of User Access Restrictions • Should have standardized access-level restrictions, e.g., • Public • Passive licensing (any users with limits of use) • Restricted licensing (specified users with limits of use) • Restricted licensing to specified bonded and licensed professionals • No access
- 6. Identification Level Protocols • Should have standard identification protocols, e.g., • Authenticated ID • Anonymized with code for data concordance • Guaranteed anonymous (no ID)
- 7. Data Holding and Use Periods • All license should have specified data holding/use period restrictions, similar to standard license agreements, e.g., • Permanent • Long window (3 - 10 years) • Medium window (1 - 3 years) • Short window (<1 year) • Instant flush
- 8. Some Data Examples and Suggested License Standards Biological/ Medical Consumer Preferences Financial Geographic Social/ Emotional Highest restriction (bonded licensed professionals) with user consent; 5 year window Consumer can license; anonymized with code, 1-3 year time window Highest restriction (bonded licensed professionals) with user consent; 5 year window Consumer can license; ID or anonymous with code, <1 year window Highest restriction (default: no access) Instant flush
- 9. Thanks! • Questions & comments: mschilli@stern.nyu.edu