●●●●● Ten Principles of Privacy ●●●● ●●0 ●●● ●●●● o Openness o a donor shall be able to access all information about the donor stored in the database
16 Ten Principles of Privacy ⚫ Openness ⚫ A donor shall be able to access all information about the donor stored in the database
●●●●● Ten Principles of Privacy ●●●● ●●0 ●●● ●●●● Compliance a donor shall be able to verify compliance with the above principles. Similarly, the database shall be able to address a challenge concerning compliance Example: a patient should be able to see that all the privacy policies that have been specified with respect to his data are actually being enforced This will also help in gaining the trust of the donor
17 Ten Principles of Privacy ⚫ Compliance ⚫ A donor shall be able to verify compliance with the above principles. Similarly, the database shall be able to address a challenge concerning compliance. ⚫ Example: A patient should be able to see that all the privacy policies that have been specified with respect to his data are actually being enforced. This will also help in gaining the trust of the donor
●●●●● Hippocratic Databases ●●●● ●●0 ●●● ●●●● Privacy Policy User Preferences Application Data Creation Data Collection Retrieval Installation Negotiation EPAL Policy User Preferences Parser Policy Matching Privac Enforcement JDBC Driver Installed Policy User Data DATABASE database
18 Hippocratic Databases DATABASE Application Data Retrieval Privacy Enforcement JDBC Driver User Data User Preferences & Data Collection Negotiation User Preferences & Policy Matching Installed Policy Privacy Policy Creation Installation EPAL Policy Parser
Hippocratic Databases ●●●●● NetCare Healthcare Business scenario ●●●● Csre GOOD SAMARITAN HOSPITAL KAISER PERMANENTE CIGNA I Business of Curing John Cane, Chief Privacy Officer, Netcare Healthcare Jane smith, New Patient Netcare Healthcare Dr. Young, Physician, Netcare Healthcare Christine Jones, Lab Technician, Netcare Healthcare Phil crew, Drug Researcher, Innovative Drug Research
19 Hippocratic Databases NetCare Healthcare Business Scenario •John Cane, Chief Privacy Officer, NetCare Healthcare •Jane Smith, New Patient, NetCare Healthcare •Dr. Young, Physician, NetCare Healthcare •Christine Jones, Lab Technician, NetCare Healthcare •Phil Crew, Drug Researcher, Innovative Drug Research
Hippocratic Databases Netcare healthcare Business scena/o ●●●● 需 John cane, CPo installs Jane, a new patient, defines Jane visits Netcare 's website Jane submits her corporate privacy policy her privacy preferences to setup patient account personal information Installation Negotiation Name, Address, SSN#, Email Opt-out of sharing full medical records to lab technicians Corporate Jane's Data Policy (Personal/ Medica DATABASE Records)
20 Hippocratic Databases NetCare Healthcare Business Scenario DATABASE Corporate Policy Installation John Cane, CPO installs corporate privacy policy Jane’s Data (Personal/Medical Records) Jane, a new patient, defines her privacy preferences Negotiation Jane visits NetCare’s website to setup patient account Jane submits her personal information - Name, Address, SSN#, Email - Opt-in to sharing data for research - Opt-out of sharing full medical records to lab technicians