Search results

1 – 10 of over 54000
To view the access options for this content please click here
Article
Publication date: 1 April 1994

JOHN LAMIDEY

This paper considers the effectiveness of the Data Protection Act since its launch in 1984. The National Audit Office prepared a report in 1993, which was critical of the…

Downloads
1432

Abstract

This paper considers the effectiveness of the Data Protection Act since its launch in 1984. The National Audit Office prepared a report in 1993, which was critical of the Data Protection Registrar, its implementation of the registration and the eight data protection principles of good practice. These criticisms are discussed here with a view to improving the Registrar's approach to data protection law, and its attitude to those who are required to register under the Data Protection Act.

Details

Journal of Financial Regulation and Compliance, vol. 2 no. 4
Type: Research Article
ISSN: 1358-1988

To view the access options for this content please click here
Article
Publication date: 20 January 2012

M. Naughton, I. Callanan, A. Guerandel and K. Malone

Medical confidentiality derives from the Hippocratic Oath and has been affirmed in most codes of professional conduct, including the Irish Medical Council's guide to…

Abstract

Purpose

Medical confidentiality derives from the Hippocratic Oath and has been affirmed in most codes of professional conduct, including the Irish Medical Council's guide to professional conduct and ethics. The Irish Data Protection Act 1988 and Amendment 2003 bring this responsibility into a legal forum. The aim of this audit is to assess how comprehensively medical tutors/consultants instilled knowledge and appreciation of confidentiality and data protection to medical students in a prominent Dublin University Hospital.

Design/methodology/approach

Breaches in data protection legislation by final year medical students were identified by means of a questionnaire. Changes were made to the curriculum (presentations, notices on students' e‐learning interface and induction manual) and to the exams in psychiatry, to increase awareness of data protection legislation. Students at the same point in their education were re‐assessed one year later to see if the interventions were helpful in increasing knowledge and improving adherence to data protection legislation.

Findings

Significant breaches of the data protection legislation at baseline and follow up were identified. Examples include: “Data shall be kept for one or more specified, explicit and legitimate purposes” – when asked if they would inform patients that assessments were for submission of a case report, 44 per cent at baseline and 56 per cent at follow‐up said yes. “Appropriate security measures shall be taken against unauthorised access” – 52 per cent password‐protected their computer at baseline and 59 per cent did at follow‐up. Of those that had no password protection at baseline, 70 per cent of their computers were used by others, with little change in this at follow‐up (68 per cent). At baseline 52 per cent kept a copy of reports on USB devices compared to 46 per cent at follow‐up. 26 per cent admitted to losing a USB device in the past. “Data should not be kept longer than is necessary for that purpose” – 63 per cent admitting keeping electronic copies of case reports on their computers following submission at baseline and 64 per cent at follow‐up. “Data should be made anonymous” – 96 per cent at baseline and 100 per cent at follow‐up used initials when submitting case reports to make the data anonymous.

Practical implications

What was disappointing was that, while knowledge and awareness of obligations under data protection legislation improved following intervention, breaches in compliance still remained.

Originality/value

This is the first such audit in Ireland on the provision of educational training in the area of data protection legislation to medical students. It is likely that that such breaches by medical students reflect the tip of the iceberg in relation to probable breaches amongst registered healthcare professionals. The challenge now facing the medical profession and healthcare services is to effect behavioural change to improve compliance with data protection legislation.

Details

Clinical Governance: An International Journal, vol. 17 no. 1
Type: Research Article
ISSN: 1477-7274

Keywords

To view the access options for this content please click here
Article
Publication date: 29 September 2021

Zongda Wu, Shigen Shen, Huxiong Li, Haiping Zhou and Dongdong Zou

First, the authors analyze the key problems faced by the protection of digital library readers' data privacy and behavior privacy. Second, the authors introduce the…

Abstract

Purpose

First, the authors analyze the key problems faced by the protection of digital library readers' data privacy and behavior privacy. Second, the authors introduce the characteristics of all kinds of existing approaches to privacy protection and their application limitations in the protection of readers' data privacy and behavior privacy. Lastly, the authors compare the advantages and disadvantages of each kind of existing approaches in terms of security, efficiency, accuracy and practicality and analyze the challenges faced by the protection of digital library reader privacy.

Design/methodology/approach

In this paper, the authors review a number of research achievements relevant to privacy protection and analyze and evaluate the application limitations of them in the reader privacy protection of a digital library, consequently, establishing the constraints that an ideal approach to library reader privacy protection should meet, so as to provide references for the follow-up research of the problem.

Findings

As a result, the authors conclude that an ideal approach to reader privacy protection should be able to comprehensively improve the security of all kinds of readers' privacy information on the untrusted server-side as a whole, under the premise of not changing the architecture, efficiency, accuracy and practicality of a digital library system.

Originality/value

Along with the rapid development of new network technologies, such as cloud computing, the server-side of a digital library is becoming more and more untrustworthy, thereby, posing a serious threat to the privacy of library readers. In fact, the problem of reader privacy has become one of the important obstacles to the further development and application of digital libraries.

Details

Library Hi Tech, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 0737-8831

Keywords

To view the access options for this content please click here

Abstract

Details

Drones and the Law
Type: Book
ISBN: 978-1-80043-249-9

To view the access options for this content please click here
Article
Publication date: 14 December 2018

Annegret Bendiek and Magnus Römer

This paper aims to explain how the EU projects its own data protection regime to third states and the US in particular. Digital services have become a central element in…

Downloads
2436

Abstract

Purpose

This paper aims to explain how the EU projects its own data protection regime to third states and the US in particular. Digital services have become a central element in the transatlantic economy. A substantial part of that trade is associated with the transfer of data, most of it personal, requiring many of the new products and services emerging to adhere to data protection standards. Yet different conceptions of data protection exist across the Atlantic, with the EU putting a particular focus on protecting the fundamental right to privacy.

Design/methodology/approach

Using the distinction between positive and negative forms of market integration as a starting point (Scharpf, 1997), this paper examines the question of how the EU is projecting its own data protection regime to third states. The so-called California effect (Vogel, 1997) and the utilization of trade agreements in the EU’s foreign policy and external relations are well researched. With decreasing effectiveness and limited territorial reach of its enlargement policy, the EU found trade agreements to be particularly effective to set standards on a global level (Lavenex and Schimmelfennig, 2009). The existence of the single market makes the Union not only an important locus of regulation but also a strong economic actor with the global ambition of digital assertiveness. In the past, establishing standards for the EU’s vast consumer market has proven effective in compelling non-European market participants to join.

Findings

As the globe’s largest consumer market, Europe aims to project its own data protection laws through the market place principle (lex loci solutionis), requiring any data processor to follow its laws whenever European customers’ data are processed. This paper argues that European data protection law creates a “California Effect”, whereby the EU exerts pressure on extra-territorial markets by unilateral standard setting.

Originality/value

With its GDPR, the EU may have defused the problem of European citizens’ data being stored and evaluated according to the US law. However, it has also set a precedent of extra-territorial applicability of its legislation – despite having previously criticized the USA for such practices. By now, international companies increasingly store data of European customers in Europe to prevent conflicts with EU law. With this decision, the EU will apply its own law on others’ sovereign territory. Conflicts created through the extra-territorial effects of national law may contradict the principle of due diligence obligations but are nevertheless not illegitimate. They may, however, have further unintended effects: Other major economies are likely to be less reluctant in the future about passing legal provisions with extra-territorial effect.

Details

Digital Policy, Regulation and Governance, vol. 21 no. 1
Type: Research Article
ISSN: 2398-5038

Keywords

To view the access options for this content please click here
Article
Publication date: 13 December 2019

Yang Li and Xuhua Hu

The purpose of this paper is to solve the problem of information privacy and security of social users. Mobile internet and social network are more and more deeply…

Abstract

Purpose

The purpose of this paper is to solve the problem of information privacy and security of social users. Mobile internet and social network are more and more deeply integrated into people’s daily life, especially under the interaction of the fierce development momentum of the Internet of Things and diversified personalized services, more and more private information of social users is exposed to the network environment actively or unintentionally. In addition, a large amount of social network data not only brings more benefits to network application providers, but also provides motivation for malicious attackers. Therefore, under the social network environment, the research on the privacy protection of user information has great theoretical and practical significance.

Design/methodology/approach

In this study, based on the social network analysis, combined with the attribute reduction idea of rough set theory, the generalized reduction concept based on multi-level rough set from the perspectives of positive region, information entropy and knowledge granularity of rough set theory were proposed. Furthermore, it was traversed on the basis of the hierarchical compatible granularity space of the original information system and the corresponding attribute values are coarsened. The selected test data sets were tested, and the experimental results were analyzed.

Findings

The results showed that the algorithm can guarantee the anonymity requirement of data publishing and improve the effect of classification modeling on anonymous data in social network environment.

Research limitations/implications

In the test and verification of privacy protection algorithm and privacy protection scheme, the efficiency of algorithm and scheme needs to be tested on a larger data scale. However, the data in this study are not enough. In the following research, more data will be used for testing and verification.

Practical implications

In the context of social network, the hierarchical structure of data is introduced into rough set theory as domain knowledge by referring to human granulation cognitive mechanism, and rough set modeling for complex hierarchical data is studied for hierarchical data of decision table. The theoretical research results are applied to hierarchical decision rule mining and k-anonymous privacy protection data mining research, which enriches the connotation of rough set theory and has important theoretical and practical significance for further promoting the application of this theory. In addition, combined the theory of secure multi-party computing and the theory of attribute reduction in rough set, a privacy protection feature selection algorithm for multi-source decision table is proposed, which solves the privacy protection problem of feature selection in distributed environment. It provides a set of effective rough set feature selection method for privacy protection classification mining in distributed environment, which has practical application value for promoting the development of privacy protection data mining.

Originality/value

In this study, the proposed algorithm and scheme can effectively protect the privacy of social network data, ensure the availability of social network graph structure and realize the need of both protection and sharing of user attributes and relational data.

Details

Library Hi Tech, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 0737-8831

Keywords

To view the access options for this content please click here
Article
Publication date: 6 August 2018

Jawahitha Sarabdeen and Immanuel Azaad Moonesar

The move toward e-health care in various countries is envisaged to reduce the cost of provision of health care, improve the quality of care and reduce medical errors. The…

Downloads
1191

Abstract

Purpose

The move toward e-health care in various countries is envisaged to reduce the cost of provision of health care, improve the quality of care and reduce medical errors. The most significant problem is the protection of patients’ data privacy. If the patients are reluctant or refuse to participate in health care system due to lack of privacy laws and regulations, the benefit of the full-fledged e-health care system cannot be materialized. The purpose of this paper is to investigate the available e-health data privacy protection laws and the perception of the people using the e-health care facilities.

Design/methodology/approach

The researchers used content analysis to analyze the availability and comprehensive nature of the laws and regulations. The researchers also used survey method. Participants in the study comprised of health care professionals (n=46) and health care users (n=187) who are based in the Dubai, United Arab Emirates. The researchers applied descriptive statistics mechanisms and correlational analysis to analyze the data in the survey.

Findings

The content analysis revealed that the available health data protection laws are limited in scope. The survey results, however, showed that the respondents felt that they could trust the e-health services systems offered in the UAE as the data collected is protected, the rights are not violated. The research also revealed that there was no significance difference between the nationality and the privacy data statements. All the nationality agreed that there is protection in place for the protection of e-health data. There was no significance difference between the demographic data sets and the many data protection principles.

Originality/value

The findings on the users’ perception could help to evaluate the success in realizing current strategies and an action plan of benchmarking could be introduced.

Details

Benchmarking: An International Journal, vol. 25 no. 6
Type: Research Article
ISSN: 1463-5771

Keywords

To view the access options for this content please click here
Book part
Publication date: 6 December 2018

Albena Kuyumdzhieva

The chapter deliberates on research ethics and the unanticipated side effects that technological developments have brought in the past decades. It looks at data protection

Abstract

The chapter deliberates on research ethics and the unanticipated side effects that technological developments have brought in the past decades. It looks at data protection and privacy through the prism of ethics and focuses on the need for safeguarding the fundamental rights of the research participants in the new digital era. Acknowledging the benefits of data analytics for boosting scientific process, the chapter reflects on the main principles and specific research derogations, introduced by the EU General Data Protection Regulation. Further on, it discusses some of the most pressing ethics concerns, related to the use, reuse, and misuse of data; the distinction between publicly available and open data; ethics challenges in online recruitment of research participants; and the potential bias and representativeness problems of Big Data research. The chapter underscores that all challenges should be properly addressed at the outset of research design. Highlighting the power asymmetries between Big Data studies and individuals’ rights to data protection, human dignity, and respect for private and family life, the chapter argues that anonymization may be reasonable, yet not the ultimate ethics solution. It asserts that while anonymization techniques may protect individual data protection rights, the former may not be sufficient to prevent discrimination and stigmatization of entire groups of populations. Finally, the chapter suggests some approaches for ensuring ethics compliance in the digital era.

Details

Ethics and Integrity in Health and Life Sciences Research
Type: Book
ISBN: 978-1-78743-572-8

Keywords

To view the access options for this content please click here
Article
Publication date: 1 January 1996

ANGELA JONES‐EVANS

This paper gives an overview of the 1984 Data Protection Act and the implications for records managers who store information about people on a computer. The terminology of…

Abstract

This paper gives an overview of the 1984 Data Protection Act and the implications for records managers who store information about people on a computer. The terminology of the Act and its eight principles are described, and criteria are given for deciding whether or not an organisation should register with the Data Protection Registrar.

Details

Records Management Journal, vol. 6 no. 1
Type: Research Article
ISSN: 0956-5698

To view the access options for this content please click here
Article
Publication date: 24 July 2020

Rene Kaiser, Stefan Thalmann and Viktoria Pammer-Schindler

This paper aims to report an interview study investigating knowledge protection practices in a collaborative research and innovation project centred around the…

Abstract

Purpose

This paper aims to report an interview study investigating knowledge protection practices in a collaborative research and innovation project centred around the semi-conductor industry. The authors explore which and how knowledge protection practices are applied and zoom in on a particular one to investigate the perspective of three stakeholders which collaborate: the SUPPLIER of a specialised machine, the APPLIER of this machine and a SCHOLAR who collaborates with both, in an effort to develop a grey-box model of the machine and its operation.

Design/methodology/approach

A total of 33 interviews have been conducted in two rounds: 30 interviews explore knowledge protection practices applied across a large project. Qualitative content analysis is applied to determine practices not well covered by the research community. A total of three follow-up interviews inspect one specific collaboration case of three partners. Quotes from all interviews are used to illustrate the participants’ viewpoints and motivation.

Findings

SCHOLAR and APPLIER communicate using a data-centric knowledge protection practice, in that concrete parameter values are sensitive and hidden by communicating data within a wider parameter range. This practice balances the benefit that all three stakeholders have from communicating about specifics of machine design and operations. The grey-box model combines engineering knowledge of both SUPPLIER and APPLIER.

Practical implications

The line of thought described in this study is applicable to comparable collaboration constellations of a SUPPLIER of a machine, an APPLIER of a machine and a SCHOLAR who analyses and draws insights out of data.

Originality/value

The paper fills a research gap by reporting on applied knowledge protection practices and characterising a data-centric knowledge protection practice around a grey-box model.

Details

VINE Journal of Information and Knowledge Management Systems, vol. 51 no. 5
Type: Research Article
ISSN: 2059-5891

Keywords

1 – 10 of over 54000