Discerning Data Editorial Board, Author at Discerning Data

OCR Kick Starts 2018 with Severe $3.5 Million HIPAA Settlement and Corrective Action Plan

Fresenius Medical Center North America (FMCNA) agreed to pay $3.5 million to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and adopt a two-year comprehensive corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA).

The no-fault resolution agreement states that FMCNA reported five separate incidents that occurred between February 23, 2012 and July 18, 2012 at five distinct FMCNA facilities (FMCNA Covered Entities). FMCNA provides centralized corporate support to the FMCNA Covered Entities, including storing patient’s medical records, creating and disseminating HIPAA policies and procedures, and investigating the circumstances surrounding each breach reported to it by the FMCNA Covered Entities.

Continue reading “OCR Kick Starts 2018 with Severe $3.5 Million HIPAA Settlement and Corrective Action Plan”

Strava’s Heatmap & IoT Devices

Online fitness tracking app Strava recently published a “heatmap” of data showing the physical movement paths of Strava users around the globe. The Strava app uses mobile phones’ GPS in conjunction with wearable fitness trackers, such as Fitbit, Garmin, and Xiaomi Mi, to track users’ physical activities, capture performance metrics like speed, pace, and distance, analyze users’ performance, and compare performance metrics with other users. As useful as this information is to Strava users, it became widely known in late January 2018 that Strava’s heatmap, easily available to the public, shows the movement of soldiers and military personnel in different global locations. This information can be used to identify, with explicit detail, the location and layout of foreign physical military installations in countries such as Syria and Afghanistan.

Strava’s heatmap, which was updated in November 2017, is a visualization of the company’s global network of athletes. According to Strava, the heatmap is the “largest, richest, and most beautiful dataset of its kind,” and consists of the following data points:

1 billion activities
3 trillion latitude/longitude points
13 trillion pixels rasterized
10 terabytes of raw input data
A total distance of 27 billion km (17 billion miles)
A total recorded activity duration of 200 thousand years
5% of all land on Earth covered by tiles

Strava notes that the platform has numerous privacy rules in place, including an enhanced privacy mode, the exclusion of some or all private activities, the cropping of activities to respect user defined privacy zones, and the option to opt-out of contributing data to the heatmap.

Strava’s heatmap highlights a variety of issues associated with the deployment of Internet of Things (IoT) devices. The IoT, a broad category of technology that is generally understood to include physical devices that can collect and share data and connect to the Internet, is quickly changing every aspect of our lives, from the way we work and how we purchase goods and services to how we exercise and how well we sleep. How these devices connect with other devices as well as consumer expectations continue to evolve is this largely unregulated space.

The FTC’s 2012 report, “Protecting Consumer Privacy in an Era of Rapid Change,” provides further insight.

Data Security Concerns Continue in 2018 – Survey Provides New Insight

A vast majority of companies report feeling vulnerable to data breaches and security threats, according to a recent report published by a data security provider and information technology advisory company. It is predicted that companies are planning on spending more than ever before to protect themselves in 2018.

The report, published by Thales eSecurity and 451 Research, summarizes the surveyed responses of more than 1,200 senior security executives employed in the U.S., U.K., Germany, Japan, Sweden, the Netherlands, Korea, and India. Of these respondents, more than one-third had major influence on security-decision making, and nearly half had sole-decision making authority.

Continue reading “Data Security Concerns Continue in 2018 – Survey Provides New Insight”

Building the Blocks of Knowledge – NIST Releases Draft Blockchain Technology Overview

On January 25, 2018, the National Institute of Standards and Technology (NIST) division of the U.S. Department of Commerce released a draft report of Blockchain technology (Overview). Recognizing the growing public awareness of the most well-known application of Blockchain technology – Bitcoin, the Overview draft report provides a high-level discussion of the technical components of Blockchain technology, addressing how data is encrypted, and how the data is verified and then distributed among the participating Blockchain parties. NIST is seeking comments on the scope and completeness of the draft Overview, which are due by February 23, 2018.

The Overview begins with a fairly detailed, yet accessible, overview of the architecture of Blockchain technology, covering both how data that is to be recorded and encrypted in the blocks, and how the individual blocks are then incorporated into the corresponding Blockchain. Discussions of hashing, nonces, forking and Merkle Trees are included, along with helpful charts for those with a preference for visuals.

Continue reading “Building the Blocks of Knowledge – NIST Releases Draft Blockchain Technology Overview”

Partnership for Public Service Releases White Paper on Using Artificial Intelligence to Transform Government

The Partnership for Public Service has issued a report that examines how artificial intelligence (AI) is being used by federal and state authorities in a variety of areas.

The research for the report, “The Future Has Begun: Using Artificial Intelligence to Transform Government,” was performed in collaboration with the IBM Center for The Business of Government and includes four case studies. The first case study involved using AI techniques originally created at the University of South Carolina to fight crime more effectively. The software was originally used to fight domestic terrorism by helping federal and state officials determine potential targets and make recommendations on randomizing patrol routes, security schedules for police officers, boat patrol routes, and assigning air marshals to flights. In a later application of the same software, the same system was given to wildlife rangers in Africa to assist in making decisions on which wildlife areas to patrol on any given day to protect both animals and plants. This was in response to presidential Executive Order 13648 issued in 2013 to have the Agriculture, Treasury and State Departments assist in combating wildlife crime.

Continue reading “Partnership for Public Service Releases White Paper on Using Artificial Intelligence to Transform Government”

Connected Cars in 2018 – Ready for the Fast Lane?

One of the most frequent predictions for significant growth in 2018 is the development of the connected car ecosystem. During the second half of 2017, there were workshops, proposed legislation and other guidance from the Department of Transportation and the National Highway Traffic Safety Administration (NHTSA).

In June 2017, the FTC and the NHTSA hosted a workshop in Washington, D.C. to discuss the enormous amounts of data collected and used in the connected car ecosystem. The workshop included representatives from consumer groups, industry, government and academia, and explored the benefits and challenges in this fast-growing market. After reviewing the materials submitted in connection with the workshop, the FTC released its Key Takeaways earlier this month.

In addition, the U.S. House of Representatives passed H.R. 3388, the SELF DRIVE (Safely Ensuring Lives Future Development and Research in Vehicle Evolution) Act to encourage testing, development and deployment of highly automated vehicles. Finally, the U.S. Department of Transportation and the NHTSA released new federal guidance for automated vehicles titled Automated Driving Systems 2.0: A Vision for Safety.

Continue reading “Connected Cars in 2018 – Ready for the Fast Lane?”

DISCERNING DATA

A Faegre Drinker Blog Covering the Latest in Privacy, Cybersecurity and Data Strategy

Author: Discerning Data Editorial Board