Data Privacy UMich Kristen LeFevre, Assistant Professor CSE Current Group Members: Daniel Fabbri (Ph.D. student) Lujun Fang (Ph.D. student)

Slides:



Advertisements
Similar presentations
The Role of History and Prediction in Data Privacy Kristen LeFevre University of Michigan May 13, 2009.
Advertisements

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
NIST Big Data Public Working Group Security and Privacy Subgroup Presentation September 30, 2013 Arnab Roy, Fujitsu Akhil Manchanda, GE Nancy Landreville,
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
CALEA Compliance in 2006 H. Michael Warren Vice President, Fiduciary Services NeuStar, Inc February 2006.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Presented by: Dan Landsberg August 12, Agenda  What is Social Media?  Social Media’s Professional Side  Benefits of Social Media  Regulatory.
Privacy Wizards for Social Networking Sites Reporter : 鄭志欣 Advisor: Hsing-Kuo Pao Date : 2011/01/17 1.
DICOM INTERNATIONAL DICOM INTERNATIONAL CONFERENCE & SEMINAR April 8-10, 2008 Chengdu, China DICOM Security Eric Pan Agfa HealthCare.
Security Controls – What Works
Semantic Web and Web Mining: Networking with Industry and Academia İsmail Hakkı Toroslu IST EVENT 2006.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
1 McGraw-Hill/Irwin Copyright © 2004, The McGraw-Hill Companies, Inc. All rights reserved. Ethical Challenges Ethics Principles of right and wrong that.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
Computer Security: Principles and Practice
Risk management planning related to Health Information Technology
Bank Crime Investigation Techniques by means of Forensic IT
Operational Data Tools Chapter Eight. Copyright © Houghton Mifflin Company. All rights reserved.8–28–2 Chapter Eight Learning Objectives To learn database.
Privacy and Security Risks in Higher Education
Academic Computing Daniella Meeker, PhD Director, Clinical Research Informatics SC-CTSI Assistant Professor of Preventive Medicine and Pediatrics.
PESO Presentation, June 13, 2012 The IRDR Rob Aanstoos, Texas Department of Information Resources June, 2012.
Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.
Forms Management: Compliance, Security & Workflow Efficiencies.
Topic 17: Writing and Publishing the Report Manila 6 December 2013 Irene Kitsara, Project Officer Patent Information Section, Access to Information and.
Keyloggers At Work Jason Clark. History Believed to have been first used by the government Believed that they were used in the early 1990’s Software key.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
Computing Essentials 2014 Privacy, Security and Ethics © 2014 by McGraw-Hill Education. This proprietary material solely for authorized instructor use.
Mi-Gyeong Gwak, Christian Vargas, Jonathan Vinson
Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.
ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:
DEVELOPMENT AND EFFECTIVE IMPLEMENTATION OF THE NATIONAL PROGRAM ON OSH IN VIETNAM Reporter: Mrs. Doan Minh Hoa General director of Bureau for Safe Work.
  A virus is illegal computer code that can alter programs or destroy data.  A virus can copy itself onto programs, spreading its damaging effects.
Security and Privacy Practices for Electronic Health Records Joseph W. Hales, PhD, FACMI Intermountain Healthcare Salt Lake City, UT.
Privacy Communication Privacy Confidentiality Access Policies Systems Crypto Enforced Computing on Encrypted Data Searching and Reporting Fully Homomorphic.
Olof Nilsson.  Ex: Facebook, MySpace, LinkedIn ◦ Allows users to create web pages or profiles that provide information about themselves and are available.
Mayer Brown is a global legal services organization comprising legal practices that are separate entities ("Mayer Brown Practices"). The Mayer Brown Practices.
NIST Big Data Public Working Group Security and Privacy Subgroup Presentation September 30, 2013 Arnab Roy, Fujitsu Akhil Manchanda, GE Nancy Landreville,
Data Warehousing Data Mining Privacy. Reading Bhavani Thuraisingham, Murat Kantarcioglu, and Srinivasan Iyer Extended RBAC-design and implementation.
Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.
European Standards on Confidentiality and Privacy in Healthcare Dr Colin M Harper Division of Psychiatry & Neuroscience Queen’s University.
Course 6: IHS MPI Overview and Tool Usage February 2, 2011.
The Culture of Healthcare Privacy, Confidentiality, and Security Lecture d This material (Comp2_Unit9d) was developed by Oregon Health and Science University,
Pedigree: Network-wide Protection Against Enterprise Data Leaks Team: Nick Feamster, Assistant Professor, School of CS Anirudh Ramachandran, PhD candidate,
Academic Computing Daniella Meeker, PhD Director, Clinical Research Informatics SC-CTSI Assistant Professor of Preventive Medicine and Pediatrics.
Information and Records Management INFM 718X/LBSC 708X Seminar on E-Discovery.
Data Governance 101. Agenda  Purpose  Presentation (Elijah J. Bell) Data Governance Data Policy Security Privacy Contracts  FERPA—The Law  Q & A.
TOP TEST SECURITY RECOMMENDATIONS FOR SCHOOL DISTRICTS John Fremer, Ph.D. President Caveon Test Security October 25, 2006.
Features Governmental organization Critically important ICT objects Distributed infrastructure Three levels of confidentiality Dozens of subsidiary organizations.
1Copyright Jordan Lawrence. All rights reserved. U. S. Privacy and Security Laws DELVACCA INAUGURAL INHOUSE COUNSEL CONFERENCE April 1, 2009 Marty.
HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.
Configuring Electronic Health Records Privacy and Security in the US Lecture a This material (Comp11_Unit7a) was developed by Oregon Health & Science University.
Introduction Web analysis includes the study of users’ behavior on the web Traffic analysis – Usage analysis Behavior at particular website or across.
Dr. Mark Gaynor, Dr. Feliciano Yu, Bryan Duepner.
Incident Response Christian Seifert IMT st October 2007.
The Medical College of Georgia HIPAA Privacy Rule Orientation.
Integrating the Healthcare Enterprise The Integration Profiles: Basic Security Profile.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 17 – IT Security.
How Can REDCap Help my Research?
Consumer Health Informatics
Understanding HIPAA Dr. Jennifer Lu.
UNC System Archivists and Records Managers Meeting
Dramatic Change in Data Review Handling with Analytical Tools
Internet law Business law.
Practical Guidance on the Use of Social Media for Recruitment
Innovation in Healthcare across the EU WhiteRoseBrussels
Data Management Ethical considerations for educational research
Data and Applications Security Developments and Directions
18734: Foundations of Privacy
Making it easier for online learners
Presentation transcript:

Data Privacy UMich Kristen LeFevre, Assistant Professor CSE Current Group Members: Daniel Fabbri (Ph.D. student) Lujun Fang (Ph.D. student) Xunjia Lu (Undergraduate student)

Motivation Mass digitization of personal data –Web: , web searches, clickstreams, social network profiles, user-generated content –Healthcare: Electronic health records, clinical trials, genome data –Many more… Legal, ethical, and technical questions surrounding data ownership, collection, dissemination, and use

Our Work Overarching Goal: Developing new technologies to better control the collection, dissemination, and use of sensitive data. Specific Projects: –User-Centric Privacy Controls –Data Use and Compliance Auditing –Privacy-Preserving Data Publishing, Private Data Analysis

User-Centric Privacy Controls (w/ Lujun Fang) Social media requires non-technical end- users to specify access control policies for their data –E.g., Facebook fine-grained privacy settings Hard for most people! Privacy “Wizard” Project applies data mining and machine learning techniques to recommend detailed privacy settings with minimal user input

Data Use Auditing, Compliance Reporting (w/ Dan Fabbri, Xunjia Lu) Access control prevents unauthorized data access –Policies may be incomplete or incorrect –Policies may be deliberately loose E.g., Electronic Health Records Complementary tool: Maintain an audit log to support a posteriori investigation Interesting Challenges: –Misconfiguration response and breach reporting (Dan) –Log monitoring, analysis, and proactive detection of data breaches (Xunjia, Lujun)

Thank you! Questions? Web:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.