Personal health data - Privacy policy harmonization and global enforcement

This workshop is jointly organized by EFMI Working Groups Security, Safety and Ethics and Personal Portable Devices in cooperation with IMIA Working Group "Security in Health Information Systems". In contemporary healthcare and personal health management the collection and use of personal health information takes place in different contexts and jurisdictions. Global use of health data is also expanding. The approach taken by different experts, health service providers, data subjects and secondary users in understanding privacy and the privacy expectations others may have is strongly context dependent. To make eHealth, global healthcare, mHealth and personal health management successful and to enable fair secondary use of personal health data, it is necessary to find a practical and functional balance between privacy expectations of stakeholder groups. The workshop will highlight these privacy concerns by presenting different cases and approaches. Workshop participants will analyse stakeholder privacy expectations that take place in different real-life contexts such as portable health devices and personal health records, and develop a mechanism to balance them in such a way that global protection of health data and its meaningful use is realized simultaneously. Based on the results of the workshop, initial requirements for a global healthcare information certification framework will be developed.

Enhancing the trust of location acquisition systems for critical applications and location-based security services

This paper identifies a number of critical infrastructure applications that are reliant on location services from cooperative location technologies such as GPS and GSM. We show that these location technologies can be represented in a general location model, such that the model components can be used for vulnerability analysis. We perform a vulnerability analysis on these components of GSM and GPS location systems as well as a number of augmentations to these systems.

Electronic workplace surveillance and employee privacy : a comparative analysis of privacy protection in Australia and the United States

More than a century ago in their definitive work “The Right to Privacy” Samuel D. Warren and Louis D. Brandeis highlighted the challenges posed to individual privacy by advancing technology. Today’s workplace is characterised by its reliance on computer technology, particularly the use of email and the Internet to perform critical business functions. Increasingly these and other workplace activities are the focus of monitoring by employers. There is little formal regulation of electronic monitoring in Australian or United States workplaces. Without reasonable limits or controls, this has the potential to adversely affect employees’ privacy rights. Australia has a history of legislating to protect privacy rights, whereas the United States has relied on a combination of constitutional guarantees, federal and state statutes, and the common law. This thesis examines a number of existing and proposed statutory and other workplace privacy laws in Australia and the United States. The analysis demonstrates that existing measures fail to adequately regulate monitoring or provide employees with suitable remedies where unjustifiable intrusions occur. The thesis ultimately supports the view that enacting uniform legislation at the national level provides a more effective and comprehensive solution for both employers and employees. Chapter One provides a general introduction and briefly discusses issues relevant to electronic monitoring in the workplace. Chapter Two contains an overview of privacy law as it relates to electronic monitoring in Australian and United States workplaces. In Chapter Three there is an examination of the complaint process and remedies available to a hypothetical employee (Mary) who is concerned about protecting her privacy rights at work. Chapter Four provides an analysis of the major themes emerging from the research, and also discusses the draft national uniform legislation. Chapter Five details the proposed legislation in the form of the Workplace Surveillance and Monitoring Act, and Chapter Six contains the conclusion.

Open and trusted information systems/health informatics access control (OTHIS/HIAC)

Information and Communications Technologies globally are moving towards Service Oriented Architectures and Web Services. The healthcare environment is rapidly moving to the use of Service Oriented Architecture/Web Services systems interconnected via this global open Internet. Such moves present major challenges where these structures are not based on highly trusted operating systems. This paper argues the need of a radical re-think of access control in the contemporary healthcare environment in light of modern information system structures, legislative and regulatory requirements, and security operation demands in Health Information Systems. This paper proposes the Open and Trusted Health Information Systems (OTHIS), a viable solution including override capability to the provision of appropriate levels of secure access control for the protection of sensitive health data.

The mandatory notification of data breaches : issues arising for Australian and EU legal developments

Public and private sector organisations are now able to capture and utilise data on a vast scale, thus heightening the importance of adequate measures for protecting unauthorised disclosure of personal information. In this respect, data breach notification has emerged as an issue of increasing importance throughout the world. It has been the subject of law reform in the United States and in other jurisdictions. This article reviews US, Australian and EU legal developments regarding the mandatory notification of data breaches. The authors highlight areas of concern based on the extant US experience that require further consideration in Australia and in the EU.

A matter of confidence : privacy compliance for connected-up enterprises

Governments around the world are increasingly investing in information and communications technology (ICT) as a means of improving service delivery to citizens. Government ICT adoption is also being driven by a desire to streamline information accessibility and information flows within government - both between different levels of government and between different departments at the same level. Increasing the availability of information internally and to citizens has clear and compelling benefits but it also carries risks that must be carefully managed. This talk will examine the implications of such E-government initiatives for a range of compliance obligations, with a focus on information privacy. It will review recent developments in the area of systems-based enforcement of privacy policies and the particular privacy challenges presented by the aggregation of geospatial information.

Ceremony analysis : strengths and weaknesses

We investigate known security flaws in the context of security ceremonies to gain an understanding of the ceremony analysis process. The term security ceremonies is used to describe a system of protocols and humans which interact for a specific purpose. Security ceremonies and ceremony analysis is an area of research in its infancy, and we explore the basic principles involved to better understand the issues involved.We analyse three ceremonies, HTTPS, EMV and Opera Mini, and use the information gained from the experience to establish a list of typical flaws in ceremonies. Finally, we use that list to analyse a protocol proven secure for human use. This leads to a realisation of the strengths and weaknesses of ceremony analysis.

Urban Informatics Research and Insights for Libraries, Cultural Industries and Innovation Systems

Over less than a decade, we have witnessed a seismic shift in the way knowledge is produced and exchanged. This is opening up new opportunities for civic and community engagement, entrepreneurial behaviour, sustainability initiatives and creative practices. It also has the potential to create fresh challenges in areas of privacy, cyber-security and misuse of data and personal information. The field of urban informatics focuses on the use and impacts of digital media technology in urban environments. Urban informatics is a dynamic and cross-disciplinary area of inquiry that encapsulates social media, ubiquitous computing, mobile applications and location-based services. Its insights suggest the emergence of a new economic force with the potential for driving innovation, wealth and prosperity through technological advances, digital media and online networks that affect patterns of both social and economic development. Urban informatics explores the intersections between people, place and technology, and their implications for creativity, innovation and engagement. This paper examines how the key learnings from this field can be used to position creative and cultural institutions such as galleries, libraries, archives and museums (GLAM) to take advantage of the opportunities presented by these changing social and technological developments. This paper introduces the underlying principles, concepts and research areas of urban informatics, against the backdrop of modern knowledge economies. Both theoretical ideas and empirical examples are covered in this paper. The first part discusses three challenges: a. People, and the challenge of creativity: The paper explores the opportunities and challenges of urban informatics that can lead to the design and development of new tools, methods and applications fostering participation, the democratisation of knowledge, and new creative practices. b. Technology, and the challenge of innovation: The paper examines how urban informatics can be applied to support user-led innovation with a view to promoting entrepreneurial ideas and creative industries. c. Place, and the challenge of engagement: The paper discusses the potential to establish place-based applications of urban informatics, using the example of library spaces designed to deliver community and civic engagement strategies. The discussion of these challenges is illustrated by a review of projects as examples drawn from diverse fields such as urban computing, locative media, community activism, and sustainability initiatives. The second part of the paper introduces an empirically grounded case study that responds to these three challenges: The Edge, the Queensland Government’s Digital Culture Centre which is an initiative of the State Library of Queensland to explore the nexus of technology and culture in an urban environment. The paper not only explores the new role of libraries in the knowledge economy, but also how the application of urban informatics in prototype engagement spaces such as The Edge can provide transferable insights that can inform the design and development of responsive and inclusive new library spaces elsewhere. To set the scene and background, the paper begins by drawing the bigger picture and outlining some key characteristics of the knowledge economy and the role that the creative and cultural industries play in it, grasping new opportunities that can contribute to the prosperity of Australia.

Information accountability with policy languages for e-Health

ICT is becoming a prominent part of healthcare delivery but brings with it information privacy concerns for patients and competing concerns by the caregivers. A proper balance between these issues must be established in order to fully utilise ICT capabilities in healthcare. Information accountability is a fairly new concept to computer science which focuses on fair use of information. In this paper we investigate the different issues that need to be addressed when applying information accountability principles to manage healthcare information. We briefly introduce an information accountability framework for handling electronic health records (eHR). We focus more on digital rights management by considering data in eHRs as digital assets and how we can represent privacy policies and data usage policies as these are key factors in accountability systems.

Data breach notification law in the EU and Australia : where to now?

Mandatory data breach notification laws have been a significant legislative reform in response to unauthorized disclosures of personal information by public and private sector organizations. These laws originated in the state-based legislatures of the United States during the last decade and have subsequently garnered worldwide legislative interest. We contend that there are conceptual and practical concerns regarding mandatory data breach notification laws which limit the scope of their applicability, particularly in relation to existing information privacy law regimes. We outline these concerns here, in the light of recent European Union and Australian legal developments in this area.

Accountable-eHealth systems : the next step forward for privacy

EHealth systems promise enviable benefits and capabilities for healthcare. But, the technologies that make these capabilities possible brings with them undesirable drawback such as information security related threats which need to be appropriately addressed. Lurking in these threats are patient privacy concerns. Fulfilling these privacy concerns have proven to be difficult since they often conflict with information requirements of care providers. It is important to achieve a proper balance between these requirements. We believe that information accountability can achieve this balance. In this paper we introduce accountable-eHealth systems. We will discuss how our designed protocols can successfully address the aforementioned requirement. We will also compare characteristics of AeH systems with Australia’s PCEHR system and identify similarities and highlight the differences and the impact those differences would have to the eHealth domain.

Towards a secure human-and-computer mutual authentication protocol

We blend research from human-computer interface (HCI) design with computational based crypto- graphic provable security. We explore the notion of practice-oriented provable security (POPS), moving the focus to a higher level of abstraction (POPS+) for use in providing provable security for security ceremonies involving humans. In doing so we high- light some challenges and paradigm shifts required to achieve meaningful provable security for a protocol which includes a human. We move the focus of security ceremonies from being protocols in their context of use, to the protocols being cryptographic building blocks in a higher level protocol (the security cere- mony), which POPS can be applied to. In order to illustrate the need for our approach, we analyse both a protocol proven secure in theory, and a similar proto- col implemented by a �nancial institution, from both HCI and cryptographic perspectives.

A state-aware RFID privacy model with reader corruption

A number of security models have been proposed for RFID systems. Recent studies show that current models tend to be limited in the number of properties they capture. Consequently, models are commonly unable to distinguish between protocols with regard to finer privacy properties. This paper proposes a privacy model that introduces previously unavailable expressions of privacy. Based on the well-studied notion of indistinguishability, the model also strives to be simpler, easier to use, and more intuitive compared to previous models.

A simulation framework for smart meter security evaluation

The evolution of classic power grids to smart grids creates chances for most participants in the energy sector. Customers can save money by reducing energy consumption, energy providers can better predict energy demand and environment benefits since lower energy consumption implies lower energy production including a decrease of emissions from plants. But information and communication systems supporting smart grids can also be subject to classical or new network attacks. Attacks can result in serious damage such as harming privacy of customers, creating economical loss and even disturb the power supply/demand balance of large regions and countries. In this paper, we give an overview about the German smart measuring architecture, protocols and security. Afterwards, we present a simulation framework which enables researchers to analyze security aspects of smart measuring scenarios.