Utilizing a privacy impact assessment method using metrics in the healthcare sector

Purpose This study aims to assist organizations to protect the privacy of their users and the security of the data that they store and process. Users may be the customers of the organization (people using the offered services) or the employees (users who operate the systems of the organization). To be more specific, this paper proposes a privacy impact assessment (PIA) method that explicitly takes into account the organizational characteristics and employs a list of well-defined metrics as input, demonstrating its applicability to two hospital information systems with different characteristics. Design/methodology/approach This paper presents a PIA method that employs metrics and takes into account the peculiarities and other characteristics of the organization. The applicability of the method has been demonstrated on two Hospital Information Systems with different characteristics. The aim is to assist the organizations to estimate the criticality of potential privacy breaches and, thus, to select the appropriate security measures for the protection of the data that they collect, process and store. Findings The results of the proposed PIA method highlight the criticality of each privacy principle for every data set maintained by the organization. The method employed for the calculation of the criticality level, takes into account the consequences that the organization may experience in case of a security or privacy violation incident on a specific data set, the weighting of each privacy principle and the unique characteristics of each organization. So, the results of the proposed PIA method offer a strong indication of the security measures and privacy enforcement mechanisms that the organization should adopt to effectively protect its data. Originality/value The novelty of the method is that it handles security and privacy requirements simultaneously, as it uses the results of risk analysis together with those of a PIA. A further novelty of the method is that it introduces metrics for the quantification of the requirements and also that it takes into account the specific characteristics of the organization.

DATA SECURITY USING RC6 CIPHER ALGORITHM AS AN IMPLEMENTATION OF PRIVACY PRINCIPLE IN THE UU-ITE PERSPECTIVE AND ISLAMIC LAW

Recently, Information technology develops rapidly. It is possible for us to get some informationquickly, properly and efficiently. The information technology also has many advantages fo r people. Theneed for information is increasing according to the need of its users. This proves that informationtechnology can make our job easier and it can help us to save our time particularly for the job thatrelated to information and data processin g. With the increasing use of computer technology today, italso brings up some problems. One of them is security and confidentiality problem which is animportant aspect in an information system. Data security is an important thing in maintaining theconf identiality of particular data that only can be known by those who have right. RC6 is a symmetrickey algorithm which encrypts 128 bit plaintext blocks to 128 bit ciphertext blocks. The encryptionprocess involves four operations which is the critical arit hmetic operation of this block cipher. As alegal state, Indonesia has issued a regulation in a form of laws governing information and electronictransaction or commonly referred to UU ITE. Besides, Islam is a religion that comprehensively givesthe guidan ce of life for people. Islam has provided guidance in the various fields ranging from social,politics, economics and various other fields.

DATA SECURITY USING RC6 CIPHER ALGORITHM AS AN IMPLEMENTATION OF PRIVACY PRINCIPLE IN THE UU-ITE PERSPECTIVE AND ISLAMIC LAW

Recently, Information technology develops rapidly. It is possible for us to get some informationquickly, properly and efficiently. The information technology also has many advantages fo r people. Theneed for information is increasing according to the need of its users. This proves that informationtechnology can make our job easier and it can help us to save our time particularly for the job thatrelated to information and data processin g. With the increasing use of computer technology today, italso brings up some problems. One of them is security and confidentiality problem which is animportant aspect in an information system. Data security is an important thing in maintaining theconf identiality of particular data that only can be known by those who have right. RC6 is a symmetrickey algorithm which encrypts 128 bit plaintext blocks to 128 bit ciphertext blocks. The encryptionprocess involves four operations which is the critical arit hmetic operation of this block cipher. As alegal state, Indonesia has issued a regulation in a form of laws governing information and electronictransaction or commonly referred to UU ITE. Besides, Islam is a religion that comprehensively givesthe guidan ce of life for people. Islam has provided guidance in the various fields ranging from social,politics, economics and various other fields.

DATA SECURITY USING RC6 CIPHER ALGORITHM AS AN IMPLEMENTATION OF PRIVACY PRINCIPLE IN THE UU-ITE PERSPECTIVE AND ISLAMIC LAW

Recently, Information technology develops rapidly. It is possible for us to get some informationquickly, properly and efficiently. The information technology also has many advantages fo r people. Theneed for information is increasing according to the need of its users. This proves that informationtechnology can make our job easier and it can help us to save our time particularly for the job thatrelated to information and data processin g. With the increasing use of computer technology today, italso brings up some problems. One of them is security and confidentiality problem which is animportant aspect in an information system. Data security is an important thing in maintaining theconf identiality of particular data that only can be known by those who have right. RC6 is a symmetrickey algorithm which encrypts 128 bit plaintext blocks to 128 bit ciphertext blocks. The encryptionprocess involves four operations which is the critical arit hmetic operation of this block cipher. As alegal state, Indonesia has issued a regulation in a form of laws governing information and electronictransaction or commonly referred to UU ITE. Besides, Islam is a religion that comprehensively givesthe guidan ce of life for people. Islam has provided guidance in the various fields ranging from social,politics, economics and various other fields.

Mandatory Data Breach Notification and Hacking the Smart Home: A Legal Response to Cybersecurity?

This paper will investigate whether the Australian legal and regulatory framework sufficiently addresses cybersecurity concerns particular to the smart home. Specifically, the paper will analyse the extent to which the introduction of the data breach notification scheme in Australia will apply to smart home device manufacturers regulated by the federal Privacy Act 1988 (Cth) regarding device breaches. By examining Australian Privacy Principle 11 and the introduction of mandatory data breach notification, the paper aims to determine whether the Australian privacy model of Principles-Based Regulation is capable of providing a market-based solution to cybersecurity concerns in the smart home.

Mandatory Data Breach Notification and Hacking the Smart Home: A Legal Response to Cybersecurity?

This paper will investigate whether the Australian legal and regulatory framework sufficiently addresses cybersecurity concerns particular to the smart home. Specifically, the paper will analyse the extent to which the introduction of the data breach notification scheme in Australia will apply to smart home device manufacturers regulated by the federal Privacy Act 1988 (Cth) regarding device breaches. By examining Australian Privacy Principle 11 and the introduction of mandatory data breach notification, the paper aims to determine whether the Australian privacy model of Principles Based Regulation is capable of providing a market-based solution to cybersecurity concerns in the smart home.

Location Privacy for Rank-based Geo-Query Systems

The mobile eco-system is driven by an increasing number of location-aware applications. Consequently, a number of location privacy models have been proposed to prevent the unwanted inference of sensitive information from location traces. A primary focus in these models is to ensure that a privacy mechanism can indeed retrieve results that are geographically the closest. However, geo-query results are, in most cases, ranked using a combination of distance and importance data, thereby producing a result landscape that is periodically flat and not always dictated by distance. A privacy model that does not exploit this structure of geo-query results may enforce weaker levels of location privacy. Towards this end, we explore a formal location privacy principle designed to capture arbitrary similarity between locations, be it distance, or the number of objects common in their result sets. We propose a composite privacy mechanism that performs probabilistic cloaking and exponentially weighted sampling to provide coarse grain location hiding within a tunable area, and finer privacy guarantees under the principle inside this area. We present extensive empirical evidence to supplement claims on the effectiveness of the approach, along with comparative results to assert the stronger privacy guarantees.