Search results

1 – 10 of over 60000
Article
Publication date: 1 April 1994

JOHN LAMIDEY

This paper considers the effectiveness of the Data Protection Act since its launch in 1984. The National Audit Office prepared a report in 1993, which was critical of the…

1443

Abstract

This paper considers the effectiveness of the Data Protection Act since its launch in 1984. The National Audit Office prepared a report in 1993, which was critical of the Data Protection Registrar, its implementation of the registration and the eight data protection principles of good practice. These criticisms are discussed here with a view to improving the Registrar's approach to data protection law, and its attitude to those who are required to register under the Data Protection Act.

Details

Journal of Financial Regulation and Compliance, vol. 2 no. 4
Type: Research Article
ISSN: 1358-1988

Article
Publication date: 20 January 2012

M. Naughton, I. Callanan, A. Guerandel and K. Malone

Medical confidentiality derives from the Hippocratic Oath and has been affirmed in most codes of professional conduct, including the Irish Medical Council's guide to…

Abstract

Purpose

Medical confidentiality derives from the Hippocratic Oath and has been affirmed in most codes of professional conduct, including the Irish Medical Council's guide to professional conduct and ethics. The Irish Data Protection Act 1988 and Amendment 2003 bring this responsibility into a legal forum. The aim of this audit is to assess how comprehensively medical tutors/consultants instilled knowledge and appreciation of confidentiality and data protection to medical students in a prominent Dublin University Hospital.

Design/methodology/approach

Breaches in data protection legislation by final year medical students were identified by means of a questionnaire. Changes were made to the curriculum (presentations, notices on students' e‐learning interface and induction manual) and to the exams in psychiatry, to increase awareness of data protection legislation. Students at the same point in their education were re‐assessed one year later to see if the interventions were helpful in increasing knowledge and improving adherence to data protection legislation.

Findings

Significant breaches of the data protection legislation at baseline and follow up were identified. Examples include: “Data shall be kept for one or more specified, explicit and legitimate purposes” – when asked if they would inform patients that assessments were for submission of a case report, 44 per cent at baseline and 56 per cent at follow‐up said yes. “Appropriate security measures shall be taken against unauthorised access” – 52 per cent password‐protected their computer at baseline and 59 per cent did at follow‐up. Of those that had no password protection at baseline, 70 per cent of their computers were used by others, with little change in this at follow‐up (68 per cent). At baseline 52 per cent kept a copy of reports on USB devices compared to 46 per cent at follow‐up. 26 per cent admitted to losing a USB device in the past. “Data should not be kept longer than is necessary for that purpose” – 63 per cent admitting keeping electronic copies of case reports on their computers following submission at baseline and 64 per cent at follow‐up. “Data should be made anonymous” – 96 per cent at baseline and 100 per cent at follow‐up used initials when submitting case reports to make the data anonymous.

Practical implications

What was disappointing was that, while knowledge and awareness of obligations under data protection legislation improved following intervention, breaches in compliance still remained.

Originality/value

This is the first such audit in Ireland on the provision of educational training in the area of data protection legislation to medical students. It is likely that that such breaches by medical students reflect the tip of the iceberg in relation to probable breaches amongst registered healthcare professionals. The challenge now facing the medical profession and healthcare services is to effect behavioural change to improve compliance with data protection legislation.

Details

Clinical Governance: An International Journal, vol. 17 no. 1
Type: Research Article
ISSN: 1477-7274

Keywords

Book part
Publication date: 18 July 2022

Sonal Trivedi and Reena Malik

Introduction: The insurance industry is vulnerable to attacks as it deals with the personal information of its consumers and puts the insurance company’s business at risk…

Abstract

Introduction: The insurance industry is vulnerable to attacks as it deals with the personal information of its consumers and puts the insurance company’s business at risk in the event of data breach or abuse. To ensure the security of customer data, insurance companies must comply with various data protection requirements, including requirements imposed by laws, regulations, and standards. Following such a wide range of conditions can be challenging for insurance providers. For a long time, risk management has controlled data protection to ensure compliance with data protection law and ensure that data are processed correctly and that people’s fundamental rights are protected effectively.

Purpose: This chapter explains the role and significance of risk management. An organised way to identify and assess risks, mitigate or avoid risks as much as possible, and then manage and accept the remaining risks, implemented in data protection as needed, explained by the supervisory authority, is implemented by the responsible organisation. This document highlights the growing consensus surrounding risk management as an essential tool for adequate data protection. Furthermore, it addresses vital considerations that affect the role of risk in data protection law and practice.

Need for study: There is an increasing consensus towards the role and significance of risk management in data protection in the insurance market. As a result, regulators and legislators are focussing on valuable and new attention on standardising and expanding data protection in risk management practices. This paper has attempted to identify critical issues and principles of risk management in data protection.

Methodology: Secondary data analysis was conducted in this study by reviewing literature related to data protection, risk management, and the insurance sector. Again, science direct was used as a source of information. For this study, the literature review approach was chosen since it allows us to trace the growth of the subject matter and identify the patterns that have formed through time.

Findings: The insurance industry comprises general insurance and life insurance. It is found that there are various studies conducted on the privacy violation and data breaches of individuals in the insurance industry. The study also identifies the factors causing privacy issues and recommends improving data privacy management in the insurance market.

Practical implications: The current study can be referred to by academicians, marketers, industry people, and policymakers. In addition, the study encourages companies and academicians to investigate further the process of data protection in the insurance industry.

Details

Big Data Analytics in the Insurance Market
Type: Book
ISBN: 978-1-80262-638-4

Keywords

Abstract

Details

Drones and the Law
Type: Book
ISBN: 978-1-80043-249-9

Article
Publication date: 29 September 2021

Zongda Wu, Shigen Shen, Huxiong Li, Haiping Zhou and Dongdong Zou

First, the authors analyze the key problems faced by the protection of digital library readers' data privacy and behavior privacy. Second, the authors introduce the…

Abstract

Purpose

First, the authors analyze the key problems faced by the protection of digital library readers' data privacy and behavior privacy. Second, the authors introduce the characteristics of all kinds of existing approaches to privacy protection and their application limitations in the protection of readers' data privacy and behavior privacy. Lastly, the authors compare the advantages and disadvantages of each kind of existing approaches in terms of security, efficiency, accuracy and practicality and analyze the challenges faced by the protection of digital library reader privacy.

Design/methodology/approach

In this paper, the authors review a number of research achievements relevant to privacy protection and analyze and evaluate the application limitations of them in the reader privacy protection of a digital library, consequently, establishing the constraints that an ideal approach to library reader privacy protection should meet, so as to provide references for the follow-up research of the problem.

Findings

As a result, the authors conclude that an ideal approach to reader privacy protection should be able to comprehensively improve the security of all kinds of readers' privacy information on the untrusted server-side as a whole, under the premise of not changing the architecture, efficiency, accuracy and practicality of a digital library system.

Originality/value

Along with the rapid development of new network technologies, such as cloud computing, the server-side of a digital library is becoming more and more untrustworthy, thereby, posing a serious threat to the privacy of library readers. In fact, the problem of reader privacy has become one of the important obstacles to the further development and application of digital libraries.

Details

Library Hi Tech, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 0737-8831

Keywords

Article
Publication date: 14 December 2018

Annegret Bendiek and Magnus Römer

This paper aims to explain how the EU projects its own data protection regime to third states and the US in particular. Digital services have become a central element in…

2764

Abstract

Purpose

This paper aims to explain how the EU projects its own data protection regime to third states and the US in particular. Digital services have become a central element in the transatlantic economy. A substantial part of that trade is associated with the transfer of data, most of it personal, requiring many of the new products and services emerging to adhere to data protection standards. Yet different conceptions of data protection exist across the Atlantic, with the EU putting a particular focus on protecting the fundamental right to privacy.

Design/methodology/approach

Using the distinction between positive and negative forms of market integration as a starting point (Scharpf, 1997), this paper examines the question of how the EU is projecting its own data protection regime to third states. The so-called California effect (Vogel, 1997) and the utilization of trade agreements in the EU’s foreign policy and external relations are well researched. With decreasing effectiveness and limited territorial reach of its enlargement policy, the EU found trade agreements to be particularly effective to set standards on a global level (Lavenex and Schimmelfennig, 2009). The existence of the single market makes the Union not only an important locus of regulation but also a strong economic actor with the global ambition of digital assertiveness. In the past, establishing standards for the EU’s vast consumer market has proven effective in compelling non-European market participants to join.

Findings

As the globe’s largest consumer market, Europe aims to project its own data protection laws through the market place principle (lex loci solutionis), requiring any data processor to follow its laws whenever European customers’ data are processed. This paper argues that European data protection law creates a “California Effect”, whereby the EU exerts pressure on extra-territorial markets by unilateral standard setting.

Originality/value

With its GDPR, the EU may have defused the problem of European citizens’ data being stored and evaluated according to the US law. However, it has also set a precedent of extra-territorial applicability of its legislation – despite having previously criticized the USA for such practices. By now, international companies increasingly store data of European customers in Europe to prevent conflicts with EU law. With this decision, the EU will apply its own law on others’ sovereign territory. Conflicts created through the extra-territorial effects of national law may contradict the principle of due diligence obligations but are nevertheless not illegitimate. They may, however, have further unintended effects: Other major economies are likely to be less reluctant in the future about passing legal provisions with extra-territorial effect.

Details

Digital Policy, Regulation and Governance, vol. 21 no. 1
Type: Research Article
ISSN: 2398-5038

Keywords

Article
Publication date: 13 December 2019

Yang Li and Xuhua Hu

The purpose of this paper is to solve the problem of information privacy and security of social users. Mobile internet and social network are more and more deeply…

Abstract

Purpose

The purpose of this paper is to solve the problem of information privacy and security of social users. Mobile internet and social network are more and more deeply integrated into people’s daily life, especially under the interaction of the fierce development momentum of the Internet of Things and diversified personalized services, more and more private information of social users is exposed to the network environment actively or unintentionally. In addition, a large amount of social network data not only brings more benefits to network application providers, but also provides motivation for malicious attackers. Therefore, under the social network environment, the research on the privacy protection of user information has great theoretical and practical significance.

Design/methodology/approach

In this study, based on the social network analysis, combined with the attribute reduction idea of rough set theory, the generalized reduction concept based on multi-level rough set from the perspectives of positive region, information entropy and knowledge granularity of rough set theory were proposed. Furthermore, it was traversed on the basis of the hierarchical compatible granularity space of the original information system and the corresponding attribute values are coarsened. The selected test data sets were tested, and the experimental results were analyzed.

Findings

The results showed that the algorithm can guarantee the anonymity requirement of data publishing and improve the effect of classification modeling on anonymous data in social network environment.

Research limitations/implications

In the test and verification of privacy protection algorithm and privacy protection scheme, the efficiency of algorithm and scheme needs to be tested on a larger data scale. However, the data in this study are not enough. In the following research, more data will be used for testing and verification.

Practical implications

In the context of social network, the hierarchical structure of data is introduced into rough set theory as domain knowledge by referring to human granulation cognitive mechanism, and rough set modeling for complex hierarchical data is studied for hierarchical data of decision table. The theoretical research results are applied to hierarchical decision rule mining and k-anonymous privacy protection data mining research, which enriches the connotation of rough set theory and has important theoretical and practical significance for further promoting the application of this theory. In addition, combined the theory of secure multi-party computing and the theory of attribute reduction in rough set, a privacy protection feature selection algorithm for multi-source decision table is proposed, which solves the privacy protection problem of feature selection in distributed environment. It provides a set of effective rough set feature selection method for privacy protection classification mining in distributed environment, which has practical application value for promoting the development of privacy protection data mining.

Originality/value

In this study, the proposed algorithm and scheme can effectively protect the privacy of social network data, ensure the availability of social network graph structure and realize the need of both protection and sharing of user attributes and relational data.

Details

Library Hi Tech, vol. 40 no. 1
Type: Research Article
ISSN: 0737-8831

Keywords

Article
Publication date: 6 August 2018

Jawahitha Sarabdeen and Immanuel Azaad Moonesar

The move toward e-health care in various countries is envisaged to reduce the cost of provision of health care, improve the quality of care and reduce medical errors. The…

1397

Abstract

Purpose

The move toward e-health care in various countries is envisaged to reduce the cost of provision of health care, improve the quality of care and reduce medical errors. The most significant problem is the protection of patients’ data privacy. If the patients are reluctant or refuse to participate in health care system due to lack of privacy laws and regulations, the benefit of the full-fledged e-health care system cannot be materialized. The purpose of this paper is to investigate the available e-health data privacy protection laws and the perception of the people using the e-health care facilities.

Design/methodology/approach

The researchers used content analysis to analyze the availability and comprehensive nature of the laws and regulations. The researchers also used survey method. Participants in the study comprised of health care professionals (n=46) and health care users (n=187) who are based in the Dubai, United Arab Emirates. The researchers applied descriptive statistics mechanisms and correlational analysis to analyze the data in the survey.

Findings

The content analysis revealed that the available health data protection laws are limited in scope. The survey results, however, showed that the respondents felt that they could trust the e-health services systems offered in the UAE as the data collected is protected, the rights are not violated. The research also revealed that there was no significance difference between the nationality and the privacy data statements. All the nationality agreed that there is protection in place for the protection of e-health data. There was no significance difference between the demographic data sets and the many data protection principles.

Originality/value

The findings on the users’ perception could help to evaluate the success in realizing current strategies and an action plan of benchmarking could be introduced.

Details

Benchmarking: An International Journal, vol. 25 no. 6
Type: Research Article
ISSN: 1463-5771

Keywords

Book part
Publication date: 6 December 2018

Albena Kuyumdzhieva

The chapter deliberates on research ethics and the unanticipated side effects that technological developments have brought in the past decades. It looks at data protection

Abstract

The chapter deliberates on research ethics and the unanticipated side effects that technological developments have brought in the past decades. It looks at data protection and privacy through the prism of ethics and focuses on the need for safeguarding the fundamental rights of the research participants in the new digital era. Acknowledging the benefits of data analytics for boosting scientific process, the chapter reflects on the main principles and specific research derogations, introduced by the EU General Data Protection Regulation. Further on, it discusses some of the most pressing ethics concerns, related to the use, reuse, and misuse of data; the distinction between publicly available and open data; ethics challenges in online recruitment of research participants; and the potential bias and representativeness problems of Big Data research. The chapter underscores that all challenges should be properly addressed at the outset of research design. Highlighting the power asymmetries between Big Data studies and individuals’ rights to data protection, human dignity, and respect for private and family life, the chapter argues that anonymization may be reasonable, yet not the ultimate ethics solution. It asserts that while anonymization techniques may protect individual data protection rights, the former may not be sufficient to prevent discrimination and stigmatization of entire groups of populations. Finally, the chapter suggests some approaches for ensuring ethics compliance in the digital era.

Details

Ethics and Integrity in Health and Life Sciences Research
Type: Book
ISBN: 978-1-78743-572-8

Keywords

Book part
Publication date: 22 March 2022

Björn Fasterling

The context of this chapter is the use of data and advanced data analytics in a commercial setting. Privacy is considered as protection from vulnerability, whereby…

Abstract

The context of this chapter is the use of data and advanced data analytics in a commercial setting. Privacy is considered as protection from vulnerability, whereby vulnerability is understood as the state of being exposed to the possibility of being harmed, either physically or emotionally, or in fundamental rights other than privacy. Therefore, privacy's policy instruments, in particular data protection law, could be seen as a means to reduce the risk of harm resulting from data use. Such harm is probabilistic and often uncertain, which, however, does not exclude analyzing costs and benefits of regulatory data protection policies. When balancing privacy protections and opportunities for knowledge gain, regulatory policy could be viewed as superior, when it expands the range of possible trade-offs between vulnerability protection and gaining socially beneficial knowledge.

Details

The Law and Economics of Privacy, Personal Data, Artificial Intelligence, and Incomplete Monitoring
Type: Book
ISBN: 978-1-80262-002-3

Keywords

1 – 10 of over 60000