Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 8 Data Privacy. Data Collection IP addresses Visited urls Anonymized? If so, supposed to prevent personal identification Europe considers IP address.

Published byMariah Wheeler Modified over 8 years ago

Similar presentations

Presentation on theme: "Chapter 8 Data Privacy. Data Collection IP addresses Visited urls Anonymized? If so, supposed to prevent personal identification Europe considers IP address."— Presentation transcript:

1 Chapter 8 Data Privacy

2 Data Collection IP addresses Visited urls Anonymized? If so, supposed to prevent personal identification Europe considers IP address personal information PgP BUSA331 Chapter 8

3 ISP Subscriber Information Links IP address to individual subscriber Info may be needed for litigation/prosecution Balance anonymous free speech with opponents reputation Courts rule both ways… PgP BUSA331 Chapter 8

4 Search Engine Queries Retain lots of info Search string, date, time, IP address… May store cookie that can track subsequent searches Imagine if Joe McCarthy had access to this data in the 1950’s! Bush administration trying to obtain search engine records…scary… PgP BUSA331 Chapter 8

5 Data Retention Deleting ISP log files permissible but Electronic Communication Transactional Records Act of 1996 requires ISP to retain records for 90 days upon request of government entity Bush administration wanted to go further… SAFETY bill, retain records FOREVER! Mark Foley sponsor, how ironic PgP BUSA331 Chapter 8

6 EU Data Retention Retention policies of 6 months to 2 years (country dependent) UK had issue with FaceBook not deleting photos, only unlinking Problem-longer data retention policy increases risk of data being stolen or misused No standard yet PgP BUSA331 Chapter 8

7 Data Breach Most businesses take inadequate security measures Most hackers use state of the art technology Best defense-encrypt data-while in transit and in storage PgP BUSA331 Chapter 8

8 Data Breach Types Intrusion Accidental Disclosure Insider Breach Portable Device Breech Stationary Device Breech Hard Copy Loss Payment Card Fraud PgP BUSA331 Chapter 8

9 Data Breach Consequences ARRA-American Recovery and Reinvestment Act HITECH-Health Information Technology for Economic and Clinical Health HIPAA-Health Insurance Portability and Accountability Act PgP BUSA331 Chapter 8

10 Metadata Metadata-data about data Background at GRC.com (Metadata)Metadata Typically created in conjunction with computer files-text documents (next slide) Discoverable and could be valuable to an opposing party Federal Rules of Civil Procedure Consider stripping metadata from files Be mindful of any litigation holds PgP BUSA331 Chapter 8

11 Metadata Example-Word Doc PgP BUSA331 Chapter 8

12 Data in the Wrong Hands Consider who else may have access to an email account People share accounts, passwords Committees share accounts (fdc@winona.edu)fdc@winona.edu Wire Shark - http://www.wireshark.org/http://www.wireshark.org/ A network protocol analyzer that lets you see what is happening on your network at a microscopic level. PgP BUSA331 Chapter 8

13 Public Wi-Fi and WireShark PgP BUSA331 Chapter 8

14 Data in the Wrong Hands Cloud computing Controlled by Policies and Procedures Who has physical access? Post termination conditions? Effect of third-party subpoena Where is the data, physically? Other electronic devices Camera memory cards Fax machines, copiers Smartphones PgP BUSA331 Chapter 8

15 Public Records Pre internet Almost inaccessible Post internet Easily accessible Egalitarian? Governments beginning to post online Employer background checks Data validity? PgP BUSA33115

16 Information Broker Liability Used to be private investigator Now collate public info Liability if info used by stalker? Boyer/Youens-yes PgP BUSA33116

17 Insurer Liability Not clear what circumstances insurer liable for dissemination of third party info Indemnity issues, so may be specific riders in future PgP BUSA33117

Download ppt "Chapter 8 Data Privacy. Data Collection IP addresses Visited urls Anonymized? If so, supposed to prevent personal identification Europe considers IP address."

Similar presentations

Electronic Evidence Joe Kashi. Todays Program Types of Electronically stored information Types of Electronically stored information Accessibility and.

Electronic Evidence Joe Kashi. Todays Program Types of Electronically stored information Types of Electronically stored information Accessibility and.
Property Inventory Valuation Replacement Cost Value The amount it would take to replace property with like property of the same quality and construction.

Property Inventory Valuation Replacement Cost Value The amount it would take to replace property with like property of the same quality and construction.
Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.
COBB/DOUGLAS COMMUNITY SERVICES BOARD Confidentiality and Privacy of Consumer Information.

COBB/DOUGLAS COMMUNITY SERVICES BOARD Confidentiality and Privacy of Consumer Information.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
HIPAA What’s New? 2010. What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.

HIPAA What’s New? What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna 412-396-4419.

Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna
© 2009 The McGraw-Hill Companies, Inc. All rights reserved 3-1 LEGAL AND ETHICAL ISSUES in Medical Practice, Including HIPAA PowerPoint® presentation.

© 2009 The McGraw-Hill Companies, Inc. All rights reserved 3-1 LEGAL AND ETHICAL ISSUES in Medical Practice, Including HIPAA PowerPoint® presentation.
Professional Nursing Services.  Privacy and Security Training explains:  The requirements of the federal HIPAA/HITEC regulations, state privacy laws.

Professional Nursing Services.  Privacy and Security Training explains:  The requirements of the federal HIPAA/HITEC regulations, state privacy laws.
11 Section D: SQL  SQL Basics  Adding Records  Searching for Information  Updating Fields  Joining Tables Chapter 11: Databases1.

11 Section D: SQL  SQL Basics  Adding Records  Searching for Information  Updating Fields  Joining Tables Chapter 11: Databases1.
Chapter 11 Privacy Policies and Behavioral Marketing.

Chapter 11 Privacy Policies and Behavioral Marketing.
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
Email Retention How State and Federal policies can impact local districts.

Retention How State and Federal policies can impact local districts.
1.7.6.G1 © Family Economics & Financial Education –March 2008 – Financial Institutions – Online Banking Funded by a grant from Take Charge America, Inc.

1.7.6.G1 © Family Economics & Financial Education –March 2008 – Financial Institutions – Online Banking Funded by a grant from Take Charge America, Inc.
Data Retention LIS 550 Winter 2010 Unsworth Tuesday, March 02, 2010.

Data Retention LIS 550 Winter 2010 Unsworth Tuesday, March 02, 2010.
1 E-Discovery Changes to Federal Rules of Civil Procedure Concerning Discovery of Electronically Stored Information (ESI) Effective Date: 12/01/2006 October,

1 E-Discovery Changes to Federal Rules of Civil Procedure Concerning Discovery of Electronically Stored Information (ESI) Effective Date: 12/01/2006 October,
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
Tracking, Privacy, You & The 21 st Century When you talk online the internet listens.

Tracking, Privacy, You & The 21 st Century When you talk online the internet listens.

Similar presentations

Ads by Google