Robert Guerra Director, CryptoRights Foundation

1. Implementing Privacy:Rules of the Game for Developers Robert Guerra Director, CryptoRights Foundation Mac-Crypto Conference on Macintosh Cryptography & Internet Commerce January 29, 2001

2. Overview • The Basics: Info-Privacy Principles • General Trends: Global Privacy Law • Getting Specific: Medical Privacy

3. The Basics: Information Privacy Principles

4. Information Privacy Principles [1] • Accountability of Data Maintainer • Purpose for Data Collection • Consent for Data Collection • Limits on Data Collection • Limits on Storage, Use & Disclosure

5. Information Privacy Principles [2] • Accuracy of Information • Safeguards • Openness of Policies & Practices • User Access & Challenges • Compliance & Auditing

6. General Trends: Global Privacy Law

7. World: Privacy Law Trends • Countries around the world are: • Adopting comprehensive laws toprotect privacy • Basing them on OECD and Council of Europe models

8. EU: Standardizing Privacy • EU Privacy Directive prevents unauthorized transmission of personal info to any country that does not adequately protect privacy. • Encourages countries to adopt strong privacy legislation and standardize privacy policy across borders.

9. Canada: Personal Privacy • 1983 Privacy Act • Protection for information held by Govt. • Covers ~110 Federal Departments • 2000 Personal Information Protection and Electronic Documents Act.

10. USA: Financial Privacy • 1978: Right to Financial Privacy Act • 1991: Telephone Consumer Protection Act • 1992: Fair Credit Reporting Act • 1996: Electronic Fund Transfer Act • 1999: Gramm-Leach-Biley Act (Title V) • 2000: Safe Harbour Principles (E.U./1998)

11. Getting Specific: Medical Privacy Regulations “The Only Crypto that Survives is Medical Crypto.”

12. USA: the HIPAA $tandard • 1996 Health Insurance Portability & Accountability Act • Improves efficiency of healthcare deliveryby standardizing electronic data interchange. • Protects health data confidentiality and securityby setting and enforcing standards. • All Healthcare organizations are affected. • Covers all personally identifiable health infoin electronic form. • Includes paper records and oral communications.

13. Regulatory Comparisons

14. Regulatory Criteria [1] Access • Controlling access and limiting patient info display. Backup • Secure backups to prevent medical data loss. Unique ID • Every patient or practicioner is unique like all the others. Logoff • Automated signoff after period of inactivity. Audits • Capture a historical record of medical data use.

15. Regulatory Criteria [2] eSignatures & Chart Signing • Replacing paper-based signatures. • Tracking patient-practicioner interactions. Encryption • Protecting, hiding and transmitting confidential records. Patient Access • Patients should can see their chart and know who’s looked. Sensitive Info • Patient data disclosure control & perfect forward secrecy. Locking Data • Original entries cannot be altered or deleted.

16. Regulatory Comparison criteria:

17. “I’m a privacy-rights person…the marketplace can function without sacrificing the privacy of individuals.” – George“Dubya”Bush(Business Week, 5 June 2000)

18. Robert Guerra Robert @ CryptoRights .org CryptoRights Foundation http://CryptoRights.org Mac-Crypto Conference on Macintosh Cryptography & Internet Commerce January 29, 2001