953 resultados para Data Protection
Resumo:
In its recent Schrems judgment the Luxembourg Court annulled Commission Decision 2000/520 according to which US data protection rules are sufficient to satisfy EU privacy rules regarding EU-US transfers of personal data, otherwise known as the ‘Safe Harbour’ framework. What does this judgment mean and what are its main implications for EU-US data transfers? In this paper the authors find that this landmark judgment sends a strong message to EU and US policy-makers about the need to ensure clear rules governing data transfers, so that people whose personal data is transferred to third countries have sufficient legal guarantees. Without such rules there is legal uncertainty and mistrust. Any future arrangement for the transatlantic transfer of data will therefore need to be firmly anchored in a framework of protection commensurate to the EU Charter of Fundamental Rights and the EU data protection architecture.
Resumo:
L’évolution continue des besoins d’apprentissage vers plus d’efficacité et plus de personnalisation a favorisé l’émergence de nouveaux outils et dimensions dont l’objectif est de rendre l’apprentissage accessible à tout le monde et adapté aux contextes technologiques et sociaux. Cette évolution a donné naissance à ce que l’on appelle l'apprentissage social en ligne mettant l'accent sur l’interaction entre les apprenants. La considération de l’interaction a apporté de nombreux avantages pour l’apprenant, à savoir établir des connexions, échanger des expériences personnelles et bénéficier d’une assistance lui permettant d’améliorer son apprentissage. Cependant, la quantité d'informations personnelles que les apprenants divulguent parfois lors de ces interactions, mène, à des conséquences souvent désastreuses en matière de vie privée comme la cyberintimidation, le vol d’identité, etc. Malgré les préoccupations soulevées, la vie privée en tant que droit individuel représente une situation idéale, difficilement reconnaissable dans le contexte social d’aujourd’hui. En effet, on est passé d'une conceptualisation de la vie privée comme étant un noyau des données sensibles à protéger des pénétrations extérieures à une nouvelle vision centrée sur la négociation de la divulgation de ces données. L’enjeu pour les environnements sociaux d’apprentissage consiste donc à garantir un niveau maximal d’interaction pour les apprenants tout en préservant leurs vies privées. Au meilleur de nos connaissances, la plupart des innovations dans ces environnements ont porté sur l'élaboration des techniques d’interaction, sans aucune considération pour la vie privée, un élément portant nécessaire afin de créer un environnement favorable à l’apprentissage. Dans ce travail, nous proposons un cadre de vie privée que nous avons appelé « gestionnaire de vie privée». Plus précisément, ce gestionnaire se charge de gérer la protection des données personnelles et de la vie privée de l’apprenant durant ses interactions avec ses co-apprenants. En s’appuyant sur l’idée que l’interaction permet d’accéder à l’aide en ligne, nous analysons l’interaction comme une activité cognitive impliquant des facteurs contextuels, d’autres apprenants, et des aspects socio-émotionnels. L'objectif principal de cette thèse est donc de revoir les processus d’entraide entre les apprenants en mettant en oeuvre des outils nécessaires pour trouver un compromis entre l’interaction et la protection de la vie privée. ii Ceci a été effectué selon trois niveaux : le premier étant de considérer des aspects contextuels et sociaux de l’interaction telle que la confiance entre les apprenants et les émotions qui ont initié le besoin d’interagir. Le deuxième niveau de protection consiste à estimer les risques de cette divulgation et faciliter la décision de protection de la vie privée. Le troisième niveau de protection consiste à détecter toute divulgation de données personnelles en utilisant des techniques d’apprentissage machine et d’analyse sémantique.
Resumo:
Much has been written about Big Data from a technical, economical, juridical and ethical perspective. Still, very little empirical and comparative data is available on how Big Data is approached and regulated in Europe and beyond. This contribution makes a first effort to fill that gap by presenting the reactions to a survey on Big Data from the Data Protection Authorities of fourteen European countries and a comparative legal research of eleven countries. This contribution presents those results, addressing 10 challenges for the regulation of Big Data.
Resumo:
Les nouvelles technologies et l’arrivée de l’Internet ont considérablement facilité les échanges transnationaux de données entre les entreprises publiques et/ou privées et également entre les personnes elles-mêmes. Cependant cette révolution numérique n’a pas été sans conséquences sur l’utilisation de nos données personnelles puisque cette abondance de données à la portée de tiers peut conduire à des atteintes : la commercialisation des données personnelles sans le consentement de l’intéressé par des entreprises ou encore la diffusion de sa photographie, de son nom, de son prénom à son insu en sont des exemples. La question qui vient alors se poser est en cas de litige, c’est-à-dire en cas d’atteintes au droit à la protection de nos données personnelles, présentant un ou des éléments d’extranéité, quels tribunaux pouvons-nous saisir ? Et quelle est la loi qui sera applicable ? Les droits québécois, de l’Union européenne, et suisse présentent différents critères de rattachement intéressants et adaptés à des situations prenant place hors et sur internet. Le droit commun de chacun de ces systèmes est envisagé, puis appliqué aux données personnelles dans le cadre d’une situation normale, et ensuite à internet si la situation diffère. La doctrine est également analysée dans la mesure où certaines solutions sont tout à fait intéressantes, et cela notamment sur internet. Un premier chapitre est consacré à la compétence internationale des tribunaux et aux critères de rattachement envisageables en droit commun à savoir notamment : le tribunal de l’État de survenance du préjudice, le tribunal de l’État de la faute ou encore le tribunal du domicile de la victime. Et ceux prévus ou non par la doctrine tels que l’accessibilité et le ciblage par exemple. Les conflits de lois sont étudiés dans un deuxième chapitre avec également l’énumération les différents facteurs de rattachement envisageables en droit commun comme la loi de l’État du préjudice, la loi de l’État de la faute ou encore la loi de l’État favorisant la victime. Et également ceux prévus par la doctrine : la loi de l’État « offrant la meilleure protection des données à caractère personnel » ou encore la loi de l’État où est établi le « maître du fichier ». Le tribunal le plus compétent au regard des principes généraux de droit international privé en cas d’atteintes au droit de la protection des données personnelles hors et sur internet est le tribunal de l’État du domicile de la victime. Et la meilleure loi applicable est la loi de l’État du domicile ou de la résidence principale du demandeur et du défendeur à l’instance, et dans le cas où la situation ne présente pas d’éléments d’extranéité, la meilleure loi est la loi favorisant la victime.
Resumo:
Healthcare systems have assimilated information and communication technologies in order to improve the quality of healthcare and patient's experience at reduced costs. The increasing digitalization of people's health information raises however new threats regarding information security and privacy. Accidental or deliberate data breaches of health data may lead to societal pressures, embarrassment and discrimination. Information security and privacy are paramount to achieve high quality healthcare services, and further, to not harm individuals when providing care. With that in mind, we give special attention to the category of Mobile Health (mHealth) systems. That is, the use of mobile devices (e.g., mobile phones, sensors, PDAs) to support medical and public health. Such systems, have been particularly successful in developing countries, taking advantage of the flourishing mobile market and the need to expand the coverage of primary healthcare programs. Many mHealth initiatives, however, fail to address security and privacy issues. This, coupled with the lack of specific legislation for privacy and data protection in these countries, increases the risk of harm to individuals. The overall objective of this thesis is to enhance knowledge regarding the design of security and privacy technologies for mHealth systems. In particular, we deal with mHealth Data Collection Systems (MDCSs), which consists of mobile devices for collecting and reporting health-related data, replacing paper-based approaches for health surveys and surveillance. This thesis consists of publications contributing to mHealth security and privacy in various ways: with a comprehensive literature review about mHealth in Brazil; with the design of a security framework for MDCSs (SecourHealth); with the design of a MDCS (GeoHealth); with the design of Privacy Impact Assessment template for MDCSs; and with the study of ontology-based obfuscation and anonymisation functions for health data.
Resumo:
Les nouvelles technologies et l’arrivée de l’Internet ont considérablement facilité les échanges transnationaux de données entre les entreprises publiques et/ou privées et également entre les personnes elles-mêmes. Cependant cette révolution numérique n’a pas été sans conséquences sur l’utilisation de nos données personnelles puisque cette abondance de données à la portée de tiers peut conduire à des atteintes : la commercialisation des données personnelles sans le consentement de l’intéressé par des entreprises ou encore la diffusion de sa photographie, de son nom, de son prénom à son insu en sont des exemples. La question qui vient alors se poser est en cas de litige, c’est-à-dire en cas d’atteintes au droit à la protection de nos données personnelles, présentant un ou des éléments d’extranéité, quels tribunaux pouvons-nous saisir ? Et quelle est la loi qui sera applicable ? Les droits québécois, de l’Union européenne, et suisse présentent différents critères de rattachement intéressants et adaptés à des situations prenant place hors et sur internet. Le droit commun de chacun de ces systèmes est envisagé, puis appliqué aux données personnelles dans le cadre d’une situation normale, et ensuite à internet si la situation diffère. La doctrine est également analysée dans la mesure où certaines solutions sont tout à fait intéressantes, et cela notamment sur internet. Un premier chapitre est consacré à la compétence internationale des tribunaux et aux critères de rattachement envisageables en droit commun à savoir notamment : le tribunal de l’État de survenance du préjudice, le tribunal de l’État de la faute ou encore le tribunal du domicile de la victime. Et ceux prévus ou non par la doctrine tels que l’accessibilité et le ciblage par exemple. Les conflits de lois sont étudiés dans un deuxième chapitre avec également l’énumération les différents facteurs de rattachement envisageables en droit commun comme la loi de l’État du préjudice, la loi de l’État de la faute ou encore la loi de l’État favorisant la victime. Et également ceux prévus par la doctrine : la loi de l’État « offrant la meilleure protection des données à caractère personnel » ou encore la loi de l’État où est établi le « maître du fichier ». Le tribunal le plus compétent au regard des principes généraux de droit international privé en cas d’atteintes au droit de la protection des données personnelles hors et sur internet est le tribunal de l’État du domicile de la victime. Et la meilleure loi applicable est la loi de l’État du domicile ou de la résidence principale du demandeur et du défendeur à l’instance, et dans le cas où la situation ne présente pas d’éléments d’extranéité, la meilleure loi est la loi favorisant la victime.
Resumo:
On May 25, 2018, the EU introduced the General Data Protection Regulation (GDPR) that offers EU citizens a shelter for their personal information by requesting companies to explain how people’s information is used clearly. To comply with the new law, European and non-European companies interacting with EU citizens undertook a massive data re-permission-request campaign. However, if on the one side the EU Regulator was particularly specific in defining the conditions to get customers’ data access, on the other side, it did not specify how the communication between firms and consumers should be designed. This has left firms free to develop their re-permission emails as they liked, plausibly coupling the informative nature of these privacy-related communications with other persuasive techniques to maximize data disclosure. Consequently, we took advantage of this colossal wave of simultaneous requests to provide insights into two issues. Firstly, we investigate how companies across industries and countries chose to frame their requests. Secondly, we investigate which are the factors that influenced the selection of alternative re-permission formats. In order to achieve these goals, we examine the content of a sample of 1506 re-permission emails sent by 1396 firms worldwide, and we identify the dominant “themes” characterizing these emails. We then relate these themes to both the expected benefits firms may derive from data usage and the possible risks they may experience from not being completely compliant to the spirit of the law. Our results show that: (1) most firms enriched their re-permission messages with persuasive arguments aiming at increasing consumers’ likelihood of relinquishing their data; (2) the use of persuasion is the outcome of a difficult tradeoff between costs and benefits; (3) most companies acted in their self-interest and “gamed the system”. Our results have important implications for policymakers, managers, and customers of the online sector.
Resumo:
The chapters of the thesis focus on a limited variety of selected themes in EU privacy and data protection law. Chapter 1 sets out the general introduction on the research topic. Chapter 2 touches upon the methodology used in the research. Chapter 3 conceptualises the basic notions from a legal standpoint. Chapter 4 examines the current regulatory regime applicable to digital health technologies, healthcare emergencies, privacy, and data protection. Chapter 5 provides case studies on the application deployed in the Covid-19 scenario, from the perspective of privacy and data protection. Chapter 6 addresses the post-Covid European regulatory initiatives on the subject matter, and its potential effects on privacy and data protection. Chapter 7 is the outcome of a six-month internship with a company in Italy and focuses on the protection of fundamental rights through common standardisation and certification, demonstrating that such standards can serve as supporting tools to guarantee the right to privacy and data protection in digital health technologies. The thesis concludes with the observation that finding and transposing European privacy and data protection standards into scenarios, such as public healthcare emergencies where digital health technologies are deployed, requires rapid coordination between the European Data Protection Authorities and the Member States guarantee that individual privacy and data protection rights are ensured.
Resumo:
The project answers to the following central research question: ‘How would a moral duty of patients to transfer (health) data for the benefit of health care improvement, research, and public health in the eHealth sector sit within the existing confidentiality, privacy, and data protection legislations?’. The improvement of healthcare services, research, and public health relies on patient data, which is why one might raise the question concerning a potential moral responsibility of patients to transfer data concerning health. Such a responsibility logically would have subsequent consequences for care providers concerning the further transferring of health data with other healthcare providers or researchers and other organisations (who also possibly transfer the data further with others and other organisations). Otherwise, the purpose of the patients’ moral duty, i.e. to improve the care system and research, would be undermined. Albeit the arguments that may exist in favour of a moral responsibility of patients to share health-related data, there are also some moral hurdles that come with such a moral responsibility. Furthermore, the existing European and national confidentiality, privacy and data protection legislations appear to hamper such a possible moral duty, and they may need to be reconsidered to unlock the full use of data for healthcare and research.
Resumo:
It is not possible to imagine our lives today without technology. From the moment we get up in the morning until the time that we go to bed at night, technology is present in almost every moment, even if we are not aware of it. Some of the most basic activities we need to perform regularly could not be carried out without technology. Sociological and Philosophical Aspects of Human Interaction with Technology: Advancing Concepts presents a careful blend of conceptual, theoretical and applied research in regards to the relationship between technology and humans. This book explores the importance of these interactions, aspects related with trust, communication, data protection, usability concerning organizational change, and e-learning. The advancement of these theories and practices will benefit from this publication as it provides a voice for the users.
Resumo:
Na presente dissertação pretendemos averiguar da pertinência prática do actual modelo de protecção de dados clínicos, ou seja, se nele está devidamente consagrada a autonomia e a individualidade do utente; pretendemos ainda perceber a tendência evolutiva do sistema português de protecção de dados clínicos, nomeadamente a sua capacidade de inovação e adaptação aos sistemas internacionais, respeitando o nosso ordenamento jurídico. Concretamente, pretendemos perceber de que forma esta informação estará protegida, bem como até onde os utentes estarão consciencializados dos perigos que enfrentam. Embora este seja um problema mundial, o facto é que a Gestão do Sistema de Protecção de Dados Pessoais e Clínicos suscita polémica e interpretações diferentes, dada a sensibilidade ética do tema, a integridade humana. Além deste facto, estamos perante uma problemática que irá sempre envolver vários interesses e consequentemente um confronto de posições. Este trabalho procura ilustrar de que forma se lida com a gestão de dados pessoais no nosso país, de que modo se harmonizam os diferentes interesses e perspectivas, que prioridades se encontram na orientação governamental nesta matéria, quais as penalizações para os eventuais incumpridores e qual o futuro possível dos dados pessoais em saúde, tendo como objectivo comum uma eficácia e sustentabilidade dos mecanismos utilizados. Vamos encontrar interesses divergentes, compromissos permissivos ou restritivos de tratamento de dados, tendências que suportam interesses privados e públicos que se vão concretizar em escolhas eficientes de gestão de dados. Esta diversidade de comportamentos vai ser objecto de estudo e análise neste trabalho, procurando aferir das vantagens e desvantagens de um sistema de informação em saúde: universal com a população coberta, e integrado a fim de compartilhar informações de todos os pacientes, de todas as unidades de prestação de cuidados de saúde.
Resumo:
Trabalho realizado sob orientação do Prof. António Brandão Moniz para a disciplina “Factores Sociais da Inovação” do Mestrado Engenharia Informática realizado na Faculdade de Ciências e Tecnologia da Universidade Nova de Lisboa
Resumo:
Rationale and Objectives Computer-aided detection and diagnosis (CAD) systems have been developed in the past two decades to assist radiologists in the detection and diagnosis of lesions seen on breast imaging exams, thus providing a second opinion. Mammographic databases play an important role in the development of algorithms aiming at the detection and diagnosis of mammary lesions. However, available databases often do not take into consideration all the requirements needed for research and study purposes. This article aims to present and detail a new mammographic database. Materials and Methods Images were acquired at a breast center located in a university hospital (Centro Hospitalar de S. João [CHSJ], Breast Centre, Porto) with the permission of the Portuguese National Committee of Data Protection and Hospital's Ethics Committee. MammoNovation Siemens full-field digital mammography, with a solid-state detector of amorphous selenium was used. Results The new database—INbreast—has a total of 115 cases (410 images) from which 90 cases are from women with both breasts affected (four images per case) and 25 cases are from mastectomy patients (two images per case). Several types of lesions (masses, calcifications, asymmetries, and distortions) were included. Accurate contours made by specialists are also provided in XML format. Conclusion The strengths of the actually presented database—INbreast—relies on the fact that it was built with full-field digital mammograms (in opposition to digitized mammograms), it presents a wide variability of cases, and is made publicly available together with precise annotations. We believe that this database can be a reference for future works centered or related to breast cancer imaging.
Resumo:
ABSTRACT - The authors’ main purpose is to present ideas on defining Health Law by highlighting the particularities of the field of Health Law as well as of the teaching of this legal branch, hoping to contribute to the maturity and academic recognition of Health Law, not only as a very rich legal field but also as a powerful social instrument in the fulfillment of fundamental human rights. The authors defend that Health Law has several characteristics that distinguish it from traditional branches of law such as its complexity and multidisciplinary nature. The study of Health Law normally covers issues such as access to care, health systems organization, patients’ rights, health professionals’ rights and duties, strict liability, healthcare contracts between institutions and professionals, medical data protection and confidentiality, informed consent and professional secrecy, crossing different legal fields including administrative, antitrust, constitutional, contract, corporate, criminal, environmental, food and drug, intellectual property, insurance, international and supranational, labor/employment, property, taxation, and tort law. This is one of the reasons why teaching Health Law presents a challenge to the teacher, which will have to find the programs, content and methods appropriate to the profile of recipients which are normally non jurists and the needs of a multidisciplinary curricula. By describing academic definitions of Health Law as analogous to Edgewood, a fiction house which has a different architectural style in each of its walls, the authors try to describe which elements should compose a more comprehensive definition. In this article Biolaw, Bioethics and Human Rights are defined as complements to a definition of Health Law: Biolaw because it is the legal field that treats the social consequences that arise from technological advances in health and life sciences; Bioethics which evolutions normally influence the shape of the legal framework of Health; and, finally Human Rights theory and declarations are outlined as having always been historically linked to medicine and health, being the umbrella that must cover all the issues raised in the area of Health Law. To complete this brief incursion on the definition on Health Law the authors end by giving note of the complex relations between this field of Law and Public Health. Dealing more specifically on laws adopted by governments to provide important health services and regulate industries and individual conduct that affect the health of the populations, this aspect of Health Law requires special attention to avoid an imbalance between public powers and individual freedoms. The authors conclude that public trust in any health system is essentially sustained by developing health structures which are consistent with essential fundamental rights, such as the universal right to access health care, and that the study of Health Law can contribute with important insights into both health structures and fundamental rights in order to foster a health system that respects the Rule of Law.-------------------------- RESUMO – O objectivo principal dos autores é apresentar ideias sobre a definição de Direito da Saúde, destacando as particularidades desta área do direito, bem como do ensino deste ramo jurídico, na esperança de contribuir para a maturidade e para o reconhecimento académico do mesmo, não só como um campo juridicamente muito rico, mas, também, como um poderoso instrumento social no cumprimento dos direitos humanos fundamentais. Os autores defendem que o Direito da Saúde tem diversas características que o distinguem dos ramos tradicionais do direito, como a sua complexidade e natureza multidisciplinar. O estudo do Direito da Saúde abrangendo normalmente questões como o acesso aos cuidados, a organização dos sistemas de saúde, os direitos e deveres dos doentes e dos profissionais de saúde, a responsabilidade civil, os contratos entre instituições de saúde e profissionais, a protecção e a confidencialidade de dados clínicos, o consentimento informado e o sigilo profissional, implica uma abordagem transversal de diferentes áreas legais, incluindo os Direitos contratual, administrativo, antitrust, constitucional, empresarial, penal, ambiental, alimentar, farmacêutico, da propriedade intelectual, dos seguros, internacional e supranacional, trabalho, fiscal e penal. Esta é uma das razões pelas quais o ensino do Direito da Saúde representa um desafio para o professor, que terá de encontrar os programas, conteúdos e métodos adequados ao perfil dos destinatários, que são normalmente não juristas e às necessidades de um currículo multidisciplinar. Ao descrever as várias definições académicas de Direito da Saúde como análogas a Edgewood, uma casa de ficção que apresenta um estilo arquitectónico diferente em cada uma de suas paredes, os autores tentam encontrar os elementos que deveriam compor uma definição mais abrangente. No artigo, Biodireito, Bioética e Direitos Humanos são descritos como complementos de uma definição de Direito da Saúde: o Biodireito, dado que é o campo jurídico que trata as consequências sociais que surgem dos avanços tecnológicos na área da saúde e das ciências da vida; a Bioética cujas evoluções influenciam normalmente o quadro jurídico da Saúde; e, por fim, a teoria dos Direitos Humanos e as suas declarações as quais têm estado sempre historicamente ligadas à medicina e à saúde, devendo funcionar como pano de fundo de todas as questões levantadas na área do Direito da Saúde. Para finalizar a sua breve incursão sobre a definição de Direito da Saúde, os autores dão ainda nota das complexas relações entre este último e a Saúde Pública, onde se tratam mais especificamente as leis aprovadas pelos governos para regular os serviços de saúde, as indústrias e as condutas individuais que afectam a saúde das populações, aspecto do Direito da Saúde que requer uma atenção especial para evitar um desequilíbrio entre os poderes públicos e as liberdades individuais. Os autores concluem afirmando que a confiança do público em qualquer sistema de saúde é, essencialmente, sustentada pelo desenvolvimento de estruturas de saúde que sejam consistentes com o direito constitucional da saúde, tais como o direito universal ao acesso a cuidados de saúde, e que o estudo do Direito da Saúde pode contribuir com elementos
Resumo:
The present dissertation has as object of study the right to be forgotten, a new right for increase the control of subject over their data. It’s analyzed the data protection on Internet, especially, some scenarios of processing and the regulation applicable to it (directive 95/46/CE and directive 2002/58/CE).
