In order to bridge differences in approaches to privacy and provide a streamlined means for U.S. organizations to comply with the Directive, the U.S. Department of Commerce in consultation with the European Commission developed this "safe harbor" framework. This site provides the information organizations need to evaluate and join the U.S.-EU Safe Harbor program.
Created by Nicholas Cramer of AllClear ID, this whitepaper takes a close look at key considerations involved in responding to data breaches of all sizes to help privacy, risk, legal and compliance professionals understand some of the nuances involved in a data breach response.
This IT security guide created by the British Information Commissioner’s Office aims to give small businesses practical advice in the area of IT security.
This guidance published by the CIO Council and the Chief Acquisition Officers Council provides federal agencies guidance in effectively implementing the government’s “Cloud First” policy and moving forward with the Federal Cloud Computing Strategy by focusing on ways to more effectively procure cloud services within existing regulations and laws.
The Texas Health Services Authority developed the Texas Model BAA as an aid for use between healthcare providers and the state's grant-funded health information exchanges to satisfy federal HIPAA requirements related to electronic exchange of protected health information.
Prepared for the Texas Health and Human Services Commission and the Texas Health Services Authority by Patricia Gray, this paper addresses legal requirements for providing and maintaining the security of a patient’s personal health information by those who have access to it.
This document created by the Expertise Department of the CNIL is a catalogue of good practices intended to treat risks that the processing of personal data may pose to the civil liberties and privacy of data subjects. It supplements the risk management method of the CNIL, the French data protection authority, with regard to risks to civil liberties and privacy and helps to determine the measures proportionate to the risks identified using this method.
This document created by the Expertise Department of the CNIL describes a method for managing risks that the processing of personal data can generate to individuals. It includes a complete analytical approach for improving the processing personal data.
Issued by the Mobile Marketing Association Privacy & Advocacy Committee in December 2011, this framework provides mobile application developers with policy language that can be “quickly and completely understood by the consumer.”
The main objective of this guide created by the U.S. Department of Health and Human Services is to reinforce some ways covered entities may protect EPHI when it is accessed or used outside of the organization’s physical purview, including strategies for organizations that conduct some of their business activities through portable devices, home computers or other non-corporate equipment.
Published in December 2012, The Office for Civil Rights solicited input from stakeholders with practical, technical and policy experience in de-identification to create this guidance about methods and approaches to achieve de-identification in accordance with the HIPAA Privacy Rule.
The CNIL’s recommendations are a practical tool for any customer who wishes to use a cloud computing service. Customers' attention is drawn to the fact that they should choose the service provider after carrying out an analysis of requirements and a risk analysis and after having identified the required security measures given the envisaged type of service.
Electronic Health Information Laboratory’s Privacy and Confidentiality Knowledgebase on De-identification Practices
Created by World Law Group, this guide aims to facilitate a framework for analyzing and constructing multinational or global whistleblowing programs, with an eye towards consistency, where possible, and adherence to local law.
A framework created by the Obama Administration to address the lack of “a clear statement of basic privacy principles that apply to the commercial world, and a sustained commitment of all stakeholders to address consumer data privacy issues as they arise from advances in technologies and business models” in the current U.S. consumer data privacy framework.
Page 7 of 11 pages ‹ First < 5 6 7 8 9 > Last ›