Oops - We Didn’t Mean to Do That! – How Unintended Consequences Can Hijack Good Privacy and Security Policies

This chapter highlights the research findings of a longitudinal study of online privacy and security practices among global municipalities conducted in 2005 and 2007. As cities worldwide implement sophisticated e-government platforms to increasingly provide services online, many barriers still inhibit the adoption of such strategies by the citizen users, and one such factor is the availability of a comprehensive privacy policy. The survey examines cities throughout the world based upon their population size, the total number of individuals using the Internet, and the percentage of individuals using the Internet. Specifically, we examined if the website has a privacy or security policy, does the website utilize digital signatures and if the website has a policy addressing the use of cookies to track users. Overall, results indicate that cities are increasingly emphasizing on privacy and security policies with major improvements in 2007, along with significant changes in the top ranking cities in when compared to the 2005 study.

Download Full-text

Privacy and Security in the Age of Electronic Customer Relationship Management

Electronic Commerce ◽

10.4018/978-1-59904-943-4.ch105 ◽

2011 ◽

pp. 1279-1301

Author(s):

Nicholas C. Romano Jr. ◽

Jerry Fjermestad

Keyword(s):

Customer Relationship Management ◽

Personal Information ◽

Relationship Management ◽

Unintended Consequences ◽

Customer Relationship ◽

Security And Privacy ◽

Exchange Relationship ◽

Privacy And Security ◽

Goods And Services ◽

A Value

This article presents a value exchange model of privacy and security for electronic customer relationship management within an electronic commerce environment. Enterprises and customers must carefully manage these new virtual relationships in order to ensure that they both derive value from them and minimize unintended consequences that result from the concomitant exchange of personal information that occurs in e-commerce. Based upon a customer’s requirements of privacy and an enterprise requirement to establish markets and sell goods and services, there is a value exchange relationship. The model is an integration of the customer sphere of privacy, sphere of security, and privacy/security sphere of implementation.

Download Full-text

Rapid development of telehealth capabilities within pediatric patient portal infrastructure for COVID-19 care: barriers, solutions, results

Journal of the American Medical Informatics Association ◽

10.1093/jamia/ocaa065 ◽

2020 ◽

Vol 27 (7) ◽

pp. 1116-1120 ◽

Cited By ~ 16

Author(s):

Pious D Patel ◽

Jared Cobb ◽

Deidre Wright ◽

Robert W Turer ◽

Tiffany Jordan ◽

...

Keyword(s):

Pediatric Patients ◽

Medical Center ◽

Rapid Development ◽

Academic Medical Center ◽

Security Policies ◽

Patient Portal ◽

Privacy And Security ◽

Academic Medical ◽

Adolescent Autonomy ◽

National Emergency

Abstract The COVID-19 national emergency has led to surging care demand and the need for unprecedented telehealth expansion. Rapid telehealth expansion can be especially complex for pediatric patients. From the experience of a large academic medical center, this report describes a pathway for efficiently increasing capacity of remote pediatric enrollment for telehealth while fulfilling privacy, security, and convenience concerns. The design and implementation of the process took 2 days. Five process requirements were identified: efficient enrollment, remote ability to establish parentage, minimal additional work for application processing, compliance with guidelines for adolescent autonomy, and compliance with institutional privacy and security policies. Weekly enrollment subsequently increased 10-fold for children (age 0–12 years) and 1.2-fold for adolescents (age 13–17 years). Weekly telehealth visits increased 200-fold for children and 90-fold for adolescents. The obstacles and solutions presented in this report can provide guidance to health systems for similar challenges during the COVID-19 response and future disasters.

Download Full-text

The 20th Scientific Conference for Information Systems and Computer Technology towards National and Institutional Information Privacy and Security Policies : Cairo , 29 - 30 May 2013

Compunet ( The Egyptian Information Journal ) ◽

10.12816/0014044 ◽

2013 ◽

Vol 11 (13) ◽

pp. 15-17

Keyword(s):

Information Systems ◽

Computer Technology ◽

Information Privacy ◽

Security Policies ◽

Scientific Conference ◽

Privacy And Security

Download Full-text

Privacy and Security Policies in Big Data

10.4018/978-1-5225-2486-1 ◽

2017 ◽

Cited By ~ 8

Keyword(s):

Big Data ◽

Security Policies ◽

Privacy And Security

Download Full-text

E-Health Project Implementation

Biocomputation and Biomedical Informatics - Advances in Bioinformatics and Biomedical Engineering ◽

10.4018/978-1-60566-768-3.ch019 ◽

2010 ◽

pp. 281-286

Author(s):

Konstantinos Siassiakos ◽

Athina Lazakidou

Keyword(s):

Security Requirements ◽

Security Policies ◽

Enterprise Management ◽

Security Measures ◽

Ethical Challenges ◽

Privacy And Security ◽

Health Project ◽

Enterprise Level ◽

The Right ◽

And Control

Privacy includes the right of individuals and organizations to determine for themselves when, how and to what extent information about them is communicated to others. The growing need of managing large amounts of medical data raises important legal and ethical challenges. E-Health systems must be capable of adhering to clearly defined security policies based upon legal requirements, regulations and standards while catering for dynamic healthcare and professional needs. Such security policies, incorporating enterprise level principles of privacy, integrity and availability, coupled with appropriate audit and control processes, must be able to be clearly defined by enterprise management with the understanding that such policy will be reliably and continuously enforced. This chapter addresses the issue of identifying and fulfilling security requirements for critical applications in the e-health domain. In this chapter the authors describe the main privacy and security measures that may be taken by the implementation of e-health projects.

Download Full-text

Privacy and Security in the Age of Electronic Customer Relationship Management

Selected Readings on Electronic Commerce Technologies ◽

10.4018/978-1-60566-096-7.ch022 ◽

2009 ◽

pp. 310-332

Author(s):

Nicholas C. Romano Jr. ◽

Jerry Fjermestad

Keyword(s):

Customer Relationship Management ◽

Personal Information ◽

Relationship Management ◽

Unintended Consequences ◽

Customer Relationship ◽

Security And Privacy ◽

Exchange Relationship ◽

Privacy And Security ◽

Goods And Services ◽

A Value

This article presents a value exchange model of privacy and security for electronic customer relationship management within an electronic commerce environment. Enterprises and customers must carefully manage these new virtual relationships in order to ensure that they both derive value from them and minimize unintended consequences that result from the concomitant exchange of personal information that occurs in e-commerce. Based upon a customer’s requirements of privacy and an enterprise requirement to establish markets and sell goods and services, there is a value exchange relationship. The model is an integration of the customer sphere of privacy, sphere of security, and privacy/security sphere of implementation.

Download Full-text

A Graph-Based Approach to Model Privacy and Security Issues of Online Social Networks

Social Network Engineering for Secure Web Data and Services ◽

10.4018/978-1-4666-3926-3.ch009 ◽

2013 ◽

pp. 184-205 ◽

Cited By ~ 1

Author(s):

Luca Caviglione ◽

Mauro Coccoli ◽

Alessio Merlo

Keyword(s):

Social Networks ◽

Social Organization ◽

Online Social Networks ◽

Personal Information ◽

Security Policies ◽

Privacy And Security ◽

Web Based ◽

Security Issues ◽

Cultural Phenomenon ◽

Usage Patterns

With millions of users, Online Social Networks (OSNs) are a huge cultural phenomenon. Put briefly, they are characterized by: i) an intrinsic sharing of personal information, ii) a rich set of features to publish, organize and retrieve contents, especially for emphasizing their social organization, iii) the interaction with a heterogeneous set of devices, e.g., ranging from desktops to mobile appliances, and iv) the mix of Web-based paradigms and sophisticated methodologies for processing data. However, if not properly implemented, or without effective security policies, i) – iv) could lead to severe risks in terms both of privacy and security. In this perspective, this chapter analyzes the major peculiarities of OSN platforms, the preferred development methodologies, and usage patterns, also by taking into account how personal information can be exploited to conduct malicious actions. Then, a graph-based modeling approach is introduced to reveal possible attacks, as well as to elaborate the needed countermeasures or (automated) checking procedures.

Download Full-text

An Anatomy for Recognizing Network Attack Intention

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.c4022.098319 ◽

2019 ◽

Vol 8 (3) ◽

pp. 803-816

Keyword(s):

Exponential Growth ◽

Process Model ◽

Process Models ◽

Security Policies ◽

Privacy And Security ◽

Network Forensics ◽

Network Attack ◽

Cyber Crimes ◽

The Times ◽

Generic Process

Research in the field of Network forensics is tremendously expanding with the tendency to help in arbitrating, capturing and detaining the exponential growth of the cyber crimes. With this expansion, the field of Network forensics is still not clear and is uncertain. In this paper, we have presented the architecture of an analysis mechanism for network forensics. The work followed by generic process model for network forensics investigation is also presented and discussed in detail. Overall this paper presents an overview of the network forensics architecture, generic process models to help a user in the times of emergency by considering the incident and thus maintaining the privacy and security policies.

Download Full-text

A User Perspective on the Vulnerabilities of Smart Watches: Is Security a Concern?

Timisoara Journal of Economics and Business ◽

10.1515/tjeb-2017-0009 ◽

2017 ◽

Vol 10 (2) ◽

pp. 135-150 ◽

Cited By ~ 1

Author(s):

Daniela Popescul ◽

Mircea Georgescu

Keyword(s):

Mass Media ◽

Security And Privacy ◽

Security Policies ◽

Privacy And Security ◽

User Perspective ◽

Online Source ◽

Is Security ◽

Smart Things ◽

Privacy Issues

Abstract Nowadays, we are witnessing a serious gain in popularity of the wearable smart things. A triumphalist language referring to their benefits can be noticed in mass media, revealing the hype in their adoption. Multiple advantages are perceived by the consumers, and work as positive drivers in the wearables market. Yet, there is little awareness regarding their privacy and security – such concerns are constantly expressed by academia, but usually ignored by buyers and manufacturers. Therefore, the purpose of this paper is to provide some preliminary insights into how do the users perceive vulnerabilities as interferences, frequent disconnections, hardware and software malfunctions, improper/difficult configuration etc. of hand worn devices. The analysis was realized by means of netnography, using emag.ro, the oldest and largest ecommerce site in Romania as online source. Inspired by a similar study conducted by (Genaro Motti & Caine, 2016), we selected and reviewed 931 comments posted by the buyers of the ten most popular smart watches, in order to identify the hardware, software and connectivity problems they faced while using the devices and to assess the awareness of the buyers to security and privacy issues. Also, an overview of the privacy and security policies published by selected smart watches’ manufactures was made, and some conclusion regarding the recommended future actions for wearable buyers, sellers and manufacturers were presented.

Download Full-text