Below is a list of items with policy relevance from the November issue of Communications of the ACM. As always, much of the material in CACM is premium content, and free content one month may slip behind a pay wall the next. You need to be a member of ACM or a subscriber to CACM to access premium content online.
Implementing Electronic Medical Records, Leah Hoffman
A review of the implementation challenges facing the drive to establish electronic medical records in a much higher percentage of American medical practices.
Viewpoints: Legally Speaking
Are Business Methods Patentable? by Pamela Samuelson
A discussion about how a pending Supreme Court case concerning business method patents may affect software patents. The influence of this decision will come from why the Court decides to strike down the patents at issue, if it rules that way.
Continue reading “Policy Highlights from Communications of the ACM – November 2009 (Vol. 52, No. 11)”
The Department of Homeland Security’s Data Privacy and Integrity Advisory Committee will meet
8:30 a.m.-2 p.m., 490 L’Enfant Plaza S.W., Washington, D.C.
PASS ID, S. 1261, is a bill introduced in June as an attempt to break through the impasse over REAL ID. That law, passed as part of a budget bill in 2005, was intended to tighten the security of drivers’ licenses and state-issued identification cards to combat terrorism. The USACM Issue Brief on REAL ID reviews our concerns with the legislation, which we argue is badly designed and introduces too many risks to the security and privacy of personal information to be effective. There have been several problems in implementing the bill, not the least of which is the actions of several states to pass resolutions or laws stating they will not implement the law.
Continue reading “PASS ID Moves Forward in Congress”
The Senate Judiciary Committee will hold a hearing on cybersecurity, with an emphasis on fighting terrorism and protecting privacy.
10 a.m., 226 Dirksen Building
The House Science and Technology Committee will review pending legislation on cybersecurity research, development, and standards.
10 a.m., 2318 Rayburn Building
The Subcommittee on Communications, Technology and the Internet, and the Subcommittee on Commerce, Trade and Consumer Protection of the House Energy and Commerce Committee will meet on the collection and use of consumer information.
10 a.m., 2123 Rayburn Building
In a markup session yesterday, the Senate Judiciary Committee approved two bills on the protection of consumer data. S 1490, the Personal Data Privacy and Security Act of 2009, takes a number of steps to increase the penalties for identity theft and to require data brokers take additional measures to protect the information they handle. The additional steps start with implementing data privacy and security programs for databases with sensitive personal information. Data brokers would be required to disclose to an individual information that the broker has on that individual. Brokers must also maintain procedures for individuals to correct inaccuracies in this information. The bill also requires the Federal Trade Commission, the General Services Administration, and the U.S. Sentencing Commission make changes to their policies to reflect the standards and procedures described in this act. For example, the bill makes it a crime to intentionally or willfully conceal a security breach involving personal data.
The bill’s data breach notification provisions come from a separate bill the committee approved, S 139, the Data Breach Notification Act. Any federal agency or business entity that uses, accesses, or collects sensitive personally identifiable information must notify in the event of a data breach: any U.S. resident whose information was accessed or taken; and any third party that has access or control of that information. Under special circumstances other agencies would be notified as well. The Senate Judiciary Committee has approved data privacy and breach notification legislation before, and it failed to reach the Senate floor. With the number of records exposed by data breaches continuing to grow, it would be nice to see this legislation advance further in the process.
The Technology and Innovation Subcommittee of the House Science and Technology Committee will review the Cybersecurity Coordination and Awareness Act, a piece of draft legislation.
10:30 a.m., 2318 Rayburn Building
The Senate Judiciary Committee will meet to consider nominations and pending legislation, including bills on data breach notification and data privacy.
10 a.m., 226 Dirksen Building